Information we collect and the purposes for which we use it
Automatically collected information
Our servers automatically collect the following information regarding devices that access our site or app: device characteristics (including device ID for mobile devices), operating system, browser type, IP address, username from stored cookies if present, dates and times of each login, page and image viewing statistics, and incoming and outgoing links. We also log the metadata associated with any uploaded images. We use this automatically collected anonymous data to analyze how our site and app are used so as to keep them optimized, to determine the popularity and usefulness of various features, to maintain the integrity of user accounts so that each user can see his or her posts and the upvotes, downvotes, and comments to them, and to enable users with usernames to access their posts, albums, and membership information. We also use such data to enable us to comply with copyright law, with 18 USC §2258A (illegal content), and to respond to lawful requests by public authorities, including national security, courts, and law enforcement.
None of this information is “personal data” – that is, data we could use to identify a specific person. Some of this information could, however, become personal data because we provide automatically collected anonymous data to third party advertisers to supplement the tracking information described below, and those third parties might be able to combine our anonymous data with other data they have to enable them to identify people.
Interactively collected information
Information you choose to give us
When you sign in with a username, we handle it in the same way as an automatically collected username except that if you don’t allow cookies, you have to enter your username each time you log in. A username is, by nature, publicly posted information. On occasion we may run a contest or other type of promotion, and to enable us to award prizes to the winners as well as to comply with the applicable laws, we collect real names and contact information – so if you win a contest, we’ll ask for that information and we’ll use it only for those two specific purposes.
We collect whatever personal data about you that you choose to give us, such as a contact email address (which we do not make public) and profile information. We do not require you to use an account to upload images. If you are located in the EEA and wish to open an account, do not use your real name – choose a username and email address that reveal nothing about your identity. If you give us an email address, we’ll probably send you promotional messages once in a while; we’ll try to make them fun and interesting but of course you’ll be able to opt out at any time.
Information you post
ZippyImage does not “collect” the stuff you post: images, comments, messages, etc., and – with respect to persons in the EEA – does not “process” or determine any purposes for processing of any information that you manifestly make public. In particular, every image uploaded to ZippyImage is public – whether uploaded directly without going through a user account, or uploaded via a user account – and has its own URL. No matter what your privacy settings are, every image can always be accessed and viewed by anyone who types in that exact URL. No image uploaded to ZippyImage is ever completely hidden from public view. This is mainly to ensure that ZippyImage, which allows anonymous postings, will not be used as a platform for illegality. So too for messaging: ZippyImage allows users to send messages to one another both indirectly (via comments to posts) and directly (via chat). ZippyImage's messaging functionality is not intended to be a secure messaging platform; it's just for fun. To ensure that ZippyImage's messaging platform is not used as a platform for illegality, all messages are public. No messages are ever completely hidden from public view. We may monitor user messaging.
Post / Image Privacy
Uploading a New Post creates a “post” (also called “album”) that can be shared to the community. The individual images inside the post are referred to as “images.”
Although nothing you post to ZippyImage is completely hidden from public view or entirely private, with that understanding you can set the privacy level of posts.
- Hidden: Posts will not be searchable within ZippyImage, and will not appear in ZippyImage's public gallery or public profile, but each one will still be accessible by going to the post’s URL.
- Public: Posts will be publicly viewable and shared with the community. Public posts shared with the community will allow comments, sharing, and voting, and appear in a user’s profile.
Accessing, correcting, and limiting use of your data
Because we don’t collect information about the identity of our users and don’t receive any information from third parties enabling us to identify our users, we have no means of knowing, or providing you with information about, whatever anonymous data about you we might have on our servers – unless you have a username. If you have a username, you may log in and access your data, correct whatever information you deem to be incorrect, opt out of information sharing with our advertisers, or delete your account. We may retain backup and/or archival copies of information prior to your corrections, amendments, or deletions.
We take every reasonable precaution to protect the data on our servers from loss, misuse, unauthorized access, disclosure, alteration, or destruction, taking into account the risk level and the nature of the data. You are responsible for taking every reasonable precaution on your end to protect any unauthorized person from accessing your ZippyImage account.
GDPR / Privacy Shield
For users in the European Economic Area (EEA) and in Switzerland, ZippyImage complies with the principles of the U.S.-EU Privacy Shield Program and the U.S.-Swiss Privacy Shield Program. See https://www.privacyshield.gov. Although the European Court of Justice invalidated the U.S.-EU Privacy Shield Program in July 2020, ZippyImage participation in both programs has always been voluntary. ZippyImage is not subject to the GDPR, and thus did not need the Privacy Shield as a means of complying with the GDPR, because we do not collect “personal data” about, or monitor behavior of, anyone in the EEU, nor do we “target” individuals in the EEU. Regarding the latter, see Guidelines 3/2018 on the territorial scope of the GDPR (Article 3), Ver. 2.1 (Nov 12, 2019). We remain subject to the investigatory and enforcement powers of the Federal Trade Commission, and we are liable for the unauthorized transfer to third parties of user personal data. To contact us regarding privacy issues, you can email us at firstname.lastname@example.org.
These terms are governed by California law, excluding its conflicts of law principles, and if there is a lawsuit between a user outside the EEA and ZippyImage, jurisdiction and venue will lie exclusively in the State where the defendant is located, if within the United States, or in Los Angeles County, California otherwise.