Privacy Policy

Effective as of July 20, 2020.

This Privacy Policy describes how Mighty Proud Media, Inc. and our subsidiaries and affiliates (collectively “The Mighty,” “we“, “us” or “our“) handle personal information that we collect though our websites, mobile apps and other digital properties that link to this Privacy Policy (collectively, the “Service”), through social media, in connection with our marketing activities, and through other activities described in this Privacy Policy.  

 

Table of Contents

Personal information we collect

How we use your personal information

How we share your personal information

Your choices

Other sites and services

Security

International data transfer

Children

Changes to this Privacy Policy

How to contact us

Information for California residents

Information regarding the European Economic Area

 

Personal information we collect

Information you provide to us.  Personal information you may provide to us through the Service or otherwise, includes:

  • Contact data, such as your first and last name, and email and mailing addresses.
  • Account data, such as your username and password that you set to establish an account on the Service, and your account preferences.
  • Profile data that you choose to include in your profile. This information may include your date of birth, gender, biographical details, photograph, your profiles on social networks, interests, and information about your or others’ medical condition that you choose to share.  
  • Content that you submit to us, such as Stories, Mighty Thoughts, or Questions, and any other content that you upload or post to the Service, including text, photos, videos, posts, comments, attachments and any associated metadata.
  • Communications that we exchange, including when you contact us with questions, feedback, or otherwise. 
  • Research data that you provide when you agree to participate in our surveys and other research activities, including your survey responses, your demographic information and your educational, medical or financial background information. 
  • Marketing data, such as your preferences for receiving our marketing and other communications, and details about how you engage with them.
  • Other information that we may collect which is not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Third party sources. We may combine personal information we receive from you with personal information we obtain from other sources. The sources may include:

  • Data providers, such as information services and data licensors.
  • Public sources, such as social media platforms.
  • Research partners, such as universities, companies and other organizations with whom we partner on research initiatives.

Automatic data collection.  We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your activity over time on our sites and other sites and online services, such as:

  • Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G), and general location information such as city, state or geographic area.
  • Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.

Cookies. Some of our automatic data collection is facilitated by cookies and similar technologies.  For more information, see our Cookie Notice

 

How we use your personal information

We use your personal information for the following purposes or as otherwise described at the time we collect it:

Service delivery.  We use your personal information to:

  • provide, operate and improve the Service and our business;
  • establish and maintain your user profile on the Service;
  • enable security features of the Service, such as by sending you security codes via email, and remembering devices from which you have previously logged in;
  • communicate with you about the Service, including by sending announcements, updates, security alerts, and support and administrative messages;
  • understand your needs and interests, and personalize your experience with the Service and our communications; and
  • provide support for the Service, and respond to your requests, questions and feedback.


Research and development.  We may use your personal information for research and development purposes, including to analyze and improve the Service and our business.  As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect.  We make personal information into anonymous data by removing information that makes the data personally identifiable to you.  We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.   

Marketing and advertising.  We and our third party advertising partners may collect and use your personal information for marketing and advertising purposes:

  • Direct marketing. We may send you The Mighty-related or other direct marketing communications as permitted by law, including by email.  You may opt-out of our marketing communications as described in the Opt-out of marketing section below.
  • Interest-based advertising.  We may contract with third-party advertising and social media companies to display ads on our Service and other online services. These companies may use cookies and similar technologies to collect information about you (including the device data, online activity data and/or geolocation data described above) over time across our Service and other online services, as well as your interaction with our emails, and use that information to serve ads that they think will interest you. You can learn more about your choices for limiting interest-based advertising, in the Advertising choices section below.


Compliance and protection.  We may use your personal information to:

  • comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
  • protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); 
  • audit our internal processes for compliance with legal and contractual requirements and internal policies; 
  • enforce the terms and conditions that govern the Service; and 
  • prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.  

 

How we share your personal information

We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection:  

Affiliates.  Our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.

Service providers.  Companies and individuals that provide services on our behalf or help us operate the Service or our business (such as information technology, customer relationship management and support, email delivery, advertising, marketing, and website analytics). 

Advertising partners.  Third party advertising companies that collect information about your activity on the Service and other online services to help us advertise our services, and/or use customer lists that we share with them to deliver ads on their platforms on our behalf to those customers and similar users. 

Professional advisors.  Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above. 

Business transferees.  Acquiring and other relevant parties to business transactions (or potential transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, The Mighty or our affiliates (including, in connection with a bankruptcy or similar proceedings).  

Other users and the public. Your profile and any information you choose to make public are visible to other users and the public.  Content that you post on the Service, including personally identifiable or medical information, is visible to other users and the public and can be collected and used by others.  We cannot control who reads the information that you make viewable or what they may choose to do with it.

Business partners.  We may compile and share with our research partners and other business partners information that you make publicly available on the Service (e.g., all posts in a certain time period by users posting about a particular medical condition).  We may also share information you provide when you participate in our surveys or other research activities with our research partners and other business partners as described to you when we collect that information.   We may share the Content you submit to us for republication on our partners’ websites. 

 

Your choices 

You have the following choices with respect to your personal information.

Access or update your information. If you have registered for an account with us, you may review and update certain account information by logging into the account.

Opt-out of marketing communications.  You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us.  You may continue to receive service-related and other non-marketing emails.  

Cookies. Most browsers let you remove and/or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, however, you may not be able to use all functionality of the Service may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org

Do Not Track.  Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit.  We currently do not respond to “Do Not Track” or similar signals.  To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Declining to provide information. We need to collect personal information to provide certain services.  If you do not provide the information requested, we may not be able to provide those services.

Third party platforms. If you choose to connect to the Service through your social media account, you may be able to use your settings in your account with that platform to limit the information we receive from it. If you revoke our ability to access information from a third party platform, that choice will not apply to information that we have already received from that third party.

 

Other sites and services

The Service may contain links to websites, mobile applications, and other online services operated by third parties.  These links are not an endorsement of, or representation that we are affiliated with, any third party.  In addition, our content may be included on web pages or in mobile applications or other online services that are not associated with us. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions.  

 

Security

We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect.  However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information. 

 

International data transfer

We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.  

 

Children

The Service is not intended for use by children under 16 years of age. If we learn that we have collected personal information through the Service from a child under 16 without the consent of the child’s parent or guardian as required by law, we will delete it. 

 

Changes to this Privacy Policy 

We reserve the right to modify this Privacy Policy at any time. If we make changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email or another manner through the Service.  Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your continued use of the Service after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.

 

How to contact us

  • Email: [email protected]
  • Mail: 210 N. Glenoaks Blvd. Suite C, Burbank, CA 91502, United States

 

Information for California residents 

Scope.  This section describes how we collect, use, and share the Personal Information of California residents as a “business” under the California Consumer Privacy Act (“CCPA”) and their rights with respect to their Personal Information.  For purposes of this section, “Personal Information” has the meaning given in the CCPA but does not include information exempted from the scope of the CCPA.  Additionally, this section does not apply to information we collect from you in the course of communicating with you in your capacity as an employee, controlling owner, director, officer or contractor of an organization (i.e., company, partnership, sole proprietorship, non-profit or government agency) in the context of performing due diligence on, or providing or receiving products or services to or from, that organization.  In some cases we may provide a different privacy notice to certain categories of California residents, such as job applicants, in which case that notice will apply instead of this section.

Your California privacy rights. As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law. 

  • Information.  You can request the following information about how we have collected and used your Personal Information during the past 12 months:
    • The categories of Personal Information that we have collected.
    • The categories of sources from which we collected the Personal Information.
    • The categories of third parties with whom we share the Personal Information.
    • The categories of Personal Information that we sold or disclosed for a business purpose.
    • The categories of third parties to whom the Personal Information was sold or disclosed for a business purpose.
    • The business or commercial purpose for collecting and/or selling Personal Information.
  • Access.  You can request a copy of the Personal Information that we have collected about you during the past 12 months. 
  • Deletion.  You can ask us to delete the Personal Information that we have collected from you.
  • Opt-out of sales.  If we sell your Personal Information, you can opt-out of those sales. 
  • Nondiscrimination.  You are entitled to exercise the rights described above free from discrimination as prohibited by the CCPA.  

How to exercise your rights

You may submit requests to exercise your California privacy rights described above as follows:

  • Right to information, access and deletion. You may submit requests to exercise your right to information, access or deletion by emailing [email protected].
  • Right to opt-out of the “sale” of your Personal Information.  Like many companies, we use services that help deliver interest-based ads to you, and have done so during the past 12 months.  Our use of these services may constitute a “sale” of your Personal Information for purposes of the CCPA because the advertising partners that provide the services collect information from our users (e.g., the device data and online activity data described above) to help them serve ads more likely to interest you.  See the Do Not Sell My Info section of our Cookie Notice to opt-out.  

We will need to verify your identity to process your information, access and deletion requests and reserve the right to confirm your California residency.  Authentication into your The Mighty account (if applicable), government identification or other information may be required.  Your authorized agent may make a request on your behalf upon our verification of the agent’s identity and our receipt of a copy of valid power of attorney given to your authorized agent pursuant to California Probate Code Sections 4000-4465.  If you have not provided your agent with such a power of attorney, you must provide your agent with written and signed permission to exercise your CCPA rights on your behalf, provide the information we request to verify your identity, and provide us with written confirmation that you have given the authorized agent permission to submit the request. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.

Personal information that we collect, use and disclose

The chart below describes the Personal Information we collected and disclosed during the 12 months preceding the effective date of this Privacy Policy by reference to the categories of Personal Information specified in the CCPA (California Civil Code § 1798.140). Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of personal information not described below. 

Statutory category Personal Information we collect in this category
(See “Personal information we collect” above for descriptions)
Identifiers Contact data
Account data
Research data
Commercial Information Profile data

Marketing data

Online activity data

Research data 

Online Identifiers Account data
Profile data
Device data
Internet or Network Information Marketing data
Device data
Online activity data
Geolocation Data Device data
Inferences May be derived from your: 

Content

Marketing data

Device data
Online activity data
Research data 

Protected Classification Characteristics Profile data
Research data
Sensory Information Profile data

Content

Research data

Medical Information Profile data
Content
Research data

 

Sources.  We describe the sources from which we collect this Personal Information in the section above entitled Personal information we collect.  

Purposes.  We describe the business and commercial purposes for which we collect this Personal Information in the section above entitled How we use your personal information.  

Disclosure.  We disclosed this Personal Information to the categories of third parties described in the section above entitled How we share your personal information

 

Information regarding the European Economic Area

Notice to European users

This section applies only to individuals in the United Kingdom and the European Economic Area. 

Personal information. References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation. 

Controller. The Mighty is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation.

EU representative.  Our EU representative is:

VeraSafe Ireland Ltd.

North Point Business Park, New Mallow Road, Cork T23AT2P, Ireland

https://verasafe.com/privacy-services/contact-article-27-representative/

Legal bases for processing.  The legal bases of our processing of your personal information as described in this Privacy Policy will depend on the type of personal information and the specific context in which we process it.  However, the table below sets out the legal bases on which we typically rely when we process personal information other than medical information or other special categories of data.  We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law). If you have questions about the legal basis of how we process your personal information, contact us at [email protected].

Processing purpose

 

(click link for details)

Legal basis
Service delivery Processing is necessary to perform the contract governing our provision of the Service or to take steps that you request prior to signing up for the Service.   

Where we cannot process your personal data as required to operate the Service on the grounds of contractual necessity, we process your personal information for this purpose based on our legitimate interest in providing you with the Service you access and request.

Marketing and advertising Processing is based on your consent where that consent is required by applicable law. 

Where such consent is not required by applicable law, we process your personal information for these purposes based on our legitimate interests in promoting our business.

Research and development

Compliance and protection
These activities are based on legitimate interests, if consent is not the basis is processing
Compliance with legal obligations Processing is necessary to comply with our legal obligations.
Actions we take with your consent Processing is based on your consent.  Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or in the Service. 

Use for new purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it.  If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis. 

Sensitive personal information 

We always ask for your explicit consent before processing information on your medical conditions. 

We ask that you not provide us with any other sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, biometrics or genetic characteristics, criminal background or trade union membership) through the Service or otherwise. If you do not consent to our processing and use of such sensitive personal information, you must not provide it to us.

Retention

We retain personal information where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested; to comply with applicable legal, tax or accounting requirements; to establish or defend legal claims; or for fraud prevention).  When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. 

Your rights

European data protection laws give you certain rights regarding your personal information.  If you are located within the United Kingdom or European Economic Area, you may ask us to take the following actions in relation to your personal information that we hold:

  • Access.  Provide you with information about our processing of your personal information and give you access to your personal information.
  • Correct.  Update or correct inaccuracies in your personal information.
  • Delete.  Delete your personal information.
  • Transfer.  Transfer a machine-readable copy of your personal information to you or a third party of your choice.
  • Restrict.  Restrict the processing of your personal information.
  • Object.  Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.  

You may submit these requests by email to [email protected] or our postal address provided above in the How to contact us section.  We may request specific information from you to help us confirm your identity and process your request.  Applicable law may require or permit us to decline your request.  If we decline your request, we will tell you why, subject to legal restrictions.  If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction.  You can find your data protection regulator here.  

Cross-Border Data Transfer

If we transfer your personal information from the United Kingdom or European Economic Area to another country such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so.  Please contact us for further information about any such transfers or the specific safeguards applied.