If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit https://oag.ca.gov/privacy/privacy-laws. To further define how the California Consumer Privacy Act of 2018 (CCPA) impacts CSS, we have a Supplemental Privacy Statement for California Consumers.
CSS, its Service Providers, and/or Third-Party Services may also automatically collect certain information about you when you access or use the Service ("Usage Information"). Usage Information may include IP address, device identifier, browser type, operating system, information about your use of the Service, and data regarding network connected hardware (e.g., computer or mobile device). Except to the extent defined by applicable law, or to the extent Usage Information is combined by or on behalf of CSS with CSS- Collected PI, CSS does not consider Usage Information (including, without limitation, device identifiers) to be Personal Information or CSS- Collected PI. CSS considers IP address to be PI. For more information on Third-Party Services’ data collection and practices, refer to Section 6. For more information on Service Provider data collection and practices, refer to Section 10. For information on choices some of these third parties may offer you regarding automated data collection, refer to Section 10.
The methods that may be used on the Service to collect Usage Information include:
A cookie is a small text file that is stored on a user’s device, which may be session ID cookies or tracking cookies. Session cookies make it easier for you to navigate the Service and expire when you close your browser.
Web Beacons ("Tracking Pixels")
Web beacons are small graphic images, also known as "internet tags" or "clear gifs," embedded in web pages and e-mail messages. Web beacons may be used, without limitation, to count the number of visitors to the Service, to monitor how users navigate the Service, and to count content views.
An embedded script is programming code designed to collect information about your interactions with the Service. It is temporarily downloaded onto your computer from CSS’s web server, or from a third party with which CSS works and is active only while you are connected to the Service and deleted or deactivated thereafter.
GPS (global positioning systems) software, geo-filtering and other location- aware technologies locate (sometimes precisely) you for purposes such as verifying your location and delivering or restricting content based on your location.
Collection and analysis of information from your device, such as, without limitation, your operating system, plug-ins, system fonts, and other data, for purposes of identification and/or tracking.
Device Recognition Technologies
Technologies, including application of statistical probability to data sets, as well as linking a common unique identifier to different device use (e.g., Facebook ID), which attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices is the same user or household).
In-App Tracking Methods
There are a variety of Tracking Technologies that may be included in mobile applications, and these are not browser-based like cookies and cannot be controlled by browser settings. Some use device identifier, or other identifiers such as "Ad IDs" to associate app user activity to a particular app and to track user activity across apps and/or devices.
Some information about your use of the Service and certain Third-Party Services may be collected using Tracking Technologies across time and services and used by CSS and third parties for purposes such as to associate different devices you use and deliver relevant ads and/or other content to you on the Service and certain Third-Party Services. See Section 10 regarding certain choices regarding these activities.
CSS is giving you notice of the Tracking Technologies and your choices regarding them explained in Section 10 so that your consent to encountering them is meaningfully informed.
Crackle may also obtain information about you from other sources, including Crackle’s and Crackle’s parent and related companies’ affiliates ("Crackle Plus Companies"), Service Providers and Third- Party Services solely as allowed by law, and combine that with CSS- Collected PI. Such third- party-sourced, or non-Service-sourced, information (including Personal Information) will only be treated as CSS-Collected PI to the extent it is combined with CSS-Collected PI. CSS is not responsible or liable for the accuracy of the information provided by third parties or for third party policies or practices.
CSS may share non-Personal Information, and Personal Information that is not deemed CSS- Collected PI hereunder (provided that CSS is aware of no restrictions on CSS’s use, if any), with third parties or Crackle Plus Companies and their affiliates for the purposes defined in this Policy. CSS may share the information CSS receives from or about you via the Service (or give others access to it), including your Personal Information, for a variety of purposes. These include, without limitation:
CSS’s sharing of CSS-Collected PI is, however, subject to the following:
Please review those rules carefully.
Additionally, the Service may offer you the option to send a communication to a friend. If so, CSS relies on you to only send to people that have given you permission to do so. The friend’s Personal Information you provide (e.g., name, e-mail address) will be used to facilitate the communication, but not used by CSS for any other marketing purpose unless CSS obtains consent from that person. Your contact information and message may be included in the communication.
The Service may include hyperlinks to, or include on or in connection with, the Service (e.g., apps and plug-ins), websites, locations, platforms, applications or services operated by third parties ("Third-Party Service(s)". These Third-Party Services may use their own cookies, web beacons, and other Tracking Technology to independently collect information about you and may solicit Personal Information from you.
Certain functionalities on the Service permit interactions that you initiate between the Service and certain Third-Party Services, such as third-party social networks ("Social Features"). Examples of Social Features include enabling you to send content such as contacts and photos between the Service and a Third-Party Service; "liking" or "sharing" CSS’s content; logging in to the Service using your Third-Party Service account (e.g., using Facebook Connect to sign-in to the Service); and to otherwise connect the Service to a Third-Party Service (e.g., to pull or push information to or from the Service). If you use Social Features, and potentially other Third-Party Services, information you post or provide access to may be publicly displayed on the Service (see Section 5) or by the Third-Party Service that you use. Similarly, if you post information on a Third-Party Service that references the Service (e.g., by using a hashtag associated with Crackle Plus Companies in a tweet or status update), your post may be used on or in connection with the Service or otherwise by Crackle Plus Companies. Also, both CSS and the third party may have access to certain information about you and your use of the Service and any Third-Party Service.
CSS may engage and work with Service Providers and other third parties to serve advertisements on the Service and/or on Third-Party Services. Some of these ads may be tailored to your interest based on your browsing of the Service and elsewhere on the internet, sometimes referred to as "interest-based advertising" and "online behavioral advertising" ("Interest-based Advertising"), which may include sending you an ad on a Third-Party Service after you have left the Service (i.e., "retargeting").
CSS takes reasonable measures to protect CSS-Collected PI (excluding UGC) from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction.
Nevertheless, transmission via the internet and online digital storage are not completely secure and CSS cannot guarantee the security of your information collected through the Service.
CSS offers to its users a range of sites and applications, some of which are intended for users and their families. CSS does not permit the registration of, nor does CSS knowingly collect, use, or disclose PII from anyone under 13 years of age (as defined by the U.S. Children’s Privacy Protection Act ("COPPA") ("Children’s Personal Information").
Our platform, Popcornflix Kids, may automatically collect information such as IP address and watch time of shows if a child is watching from their own device to support internal operations such as to conduct research and analysis to address the performance of the platform, provide contextual advertising, and to provide access to content. In any instance that we collect personal information from a child, we will retain that information only so long as reasonably necessary to fulfill the activity request or allow the child to continue to participate in the activity and ensure the security of our users and our services, or as required by law.
We may share information with our service providers if necessary, for them to perform a business, professional, or technology support function for us.
We may disclose personal information if permitted or required by law, for example, in response to a court order or a subpoena. To the extent permitted by applicable law, we also may disclose personal information collected from children (i) in response to a law enforcement or public agency’s (including schools or children services) request; (ii) if we believe disclosure may prevent the instigation of a crime, facilitate an investigation related to public safety or protect the safety of a child using our sites or applications; (iii) to protect the security or integrity of our sites, applications, and other technology, as well as the technology of our service providers; or (iv) enable us to take precautions against liability.
We do not “sell” personal information of known minors under 16 years of age.
If you are using any of our other sites and you are under the age of 13, you are not permitted to use these Services. If you are aware of anyone under the age of 13 using our other Sites, please notify us. Upon confirmation, we will terminate any account that a user may have, and we will eliminate any personal information we may have obtained from that user immediately.
If you are a parent or guardian and believe CSS has collected Children’s Personal Information in a manner not permitted by COPPA, please contact CSS and CSS will remove such data to the extent required by COPPA.
If you have an account with us, CSS provides web pages and other mechanisms allowing you to delete, correct, or update some of the CSS-Collected PI, and potentially certain other information about you (e.g., profile and account information).
CSS only knowingly shares personal information (as defined by California’s "Shine the Light" law), with non-affiliated third parties (i.e., parties other than our affiliated Crackle Plus Companies) for their own direct marketing purposes if you specifically opt-in or are offered the opportunity to opt- out and elect not to opt-out, to such sharing at the time you provide personal information or choose to participate in a feature on the Service. If you do not opt-in or if you opt-out at that time, CSS will not knowingly share the personal information that was collected in connection therewith with such identified non-affiliated third party(ies) for its/their own direct marketing purposes but may continue to seek your consent to sharing with the same or other non-affiliated third parties for their own direct marketing purposes from time-to-time. Each consent notice and opportunity will be treated separately so it is possible that you may consent to some sharing but not to others.
In addition, California residents may request information about CSS’ compliance with the Shine the Light law and the CSS Companies with which CSS may have shared personal information for their direct marketing purposes by contacting CSS here or by sending a letter to Crackle Plus, LLC at PO Box 700, Cos Cob, CT 06807 (Attention: Privacy Program, Information Security). Requests must include "California Privacy Rights Request" in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that CSS is only required to respond to one request per customer each year, and CSS is not required to respond to requests made by means other than through the provided e-mail address or mail address.
Under EU Regulation 2016/679 of the European Parliament and the Council; the General Data Protection Regulation (“GDPR”), you have a number of rights when it comes to your personal information. Further information and advice about your rights can be obtained from the data protection regulator in your country of residence within the EU. You can exercise any of these rights by contacting us through our email or mailing address in the "Contact CSS" section below:
CSS will make good faith efforts to make requested changes in CSS then-active databases as soon as practicable, but it is not always possible to completely change, remove or delete all of your information or public postings from CSS’ databases and residual and/or cached data may remain archived thereafter. Further, we reserve the right to retain data (a) as required by applicable law; and (b) for so long as reasonably necessary to fulfill the purposes for which the data is retained except to the extent prohibited by applicable law. To submit individual right’s requests that apply in your region, please click here.
You can control the use of your data for interest-based advertising from CSS by visiting our LINK TO CCM.
Regular cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. Browsers offer different functionalities and options so you may need to set them separately. Also, tools from commercial browsers may not be effective with regard to Flash cookies (also known as locally shared objects), HTML5 cookies, or other Tracking Technologies. For information on disabling Flash cookies, go to Adobe’s website http://helpx.adobe.com/flash- player/kb/disable-third-party-local-shared.html. Please be aware that if you disable or remove these technologies, some parts of the Service may not work and that when you revisit the Service your ability to limit browser-based Tracking Technologies is subject to your browser settings and limitations.
App-related Tracking Technologies in connection with non-browser usage (e.g., most functionality of a mobile app) can only be disabled by uninstalling the app. To uninstall an app, follow the instructions from your operating system or device manufacturer.
Your browser settings may allow you to automatically transmit a "Do Not Track" signal to online services you visit. Note, however, there is no consensus among industry participants as to what "Do Not Track" means in this context. Like many online services, CSS currently does not alter CSS’s practices when CSS receives a "Do Not Track" signal from a visitor’s browser. To find out more about "Do Not Track," you can visit https://allaboutdnt.com/ but CSS is not responsible for the completeness or accuracy of this third party information. Some third parties, however, may offer you choices regarding their Tracking Technologies. CSS is not responsible for the completeness or accuracy of third-party choice notices or choice mechanisms. For specific information on some of the choice options offered by third party analytics and advertising providers, see the next section.
You may choose whether to receive some Interest-based Advertising by submitting opt- outs. Some of the advertisers and Service Providers that perform advertising-related services for us, and our partners may participate in the Digital Advertising Alliance’s("DAA") Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding Interest-based Advertising, visit http://www.aboutads.info/choices/ and http://www.aboutads.info/appchoices for information on the DAA’s opt-out program for mobile apps. Some of these companies may also be members of the Network Advertising Initiative ("NAI"). To learn more about the NAI and your opt-out options for their members, see http://www.networkadvertising.org/choices/. Please be aware that, even if you are able to opt out of certain kinds of Interest-based Advertising, you may continue to receive other types of ads. Opting out only means that those selected members should no longer deliver certain Interest-based Advertising to you but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). Also, if your browsers are configured to reject cookies when you visit these opt-out webpages, or you subsequently erase your cookies, use of a different device or web browsers or use a non- browser-based method of access (e.g., mobileapp), your NAI /DAA browser-based opt-out may not, or may no longer, be effective.
CSS supports the ad industry’s 2009 Self- regulatory Principles for Online Behavioral Advertising (https://www.iab.net/media/file/ven-principles-07-01-09.pdf). CSS is not responsible for effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs.
With respect to CSS’ mobile apps ("apps"), you can stop all collection of data generated by use of the app by uninstalling the app. Also, you may be able to exercise specific privacy choices, such as enabling or disabling certain location-based services, by adjusting the permissions in your mobile device. See also the prior section regarding the DAA’s mobile Interest-based Advertising choices.
You can opt out of receiving certain promotional communications (emails or text messaging) from CSS at any time by (i) for promotional emails, following the instructions provided in emails to click on the unsubscribe link, or if available by changing your communication preferences by logging onto your account; and (ii) for text messages, following the instructions provided in text messages from CSS to text the word, affect subsequent subscriptions. If you opt-out of only certain communications, other subscription communications may continue. Even if you opt-out of receiving promotional communications, CSS may, subject to applicable law, continue to send you non- promotional communications, such as those about your account, transactions, servicing, or CSS’s ongoing business relations.
To submit individual right’s requests that apply in your region, please click here here.
When we use the term “personal information” in this supplemental California Statement, we are using that term as CCPA defines it, which CCPA generally defines “personal information” to mean information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. However, personal information does not include publicly available, de-identified, or aggregate consumer information (which are all defined in CCPA). Notably, the definition of “personal information” also does not apply to the collection of personal information from job applicants, employees – whether you are our employee or any employee of the entity arranging access to our Services for you, business owners, directors, officers, staff, or contractors.
Where we act as a “business” under CCPA (meaning we determine the manner and reasons for why we process your personal information), we may be required to disclose the categories of personal information we collect, the sources where we obtain that information, the purposes for why we collect that information, and who we share that information – all of which depends on the specific Service.
|A. Identifiers.||A real name, alias, unique personal identifier, online identifier, Internet Protocol address, email address, or other similar identifiers. Testimonials and reviews.||Yes|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.||Yes for name only.|
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||Yes for age and gender.|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||Yes, for videos watched on service.|
|E. Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||No.|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.||Yes, for cookies, device ID, and IP address.|
|G. Geolocation data.||Physical location or movements.||Yes.|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||No.|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.||No.|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||No.|
The CCPA provides California residents (consumers) with specific rights regarding their personal information. If you are a resident of California and are not a job applicant, employee, or employee of another company interacting with us in your job role, you have the right to request what information we collect, use, and disclose. This includes the categories of personal information and the specific pieces of personal information. You may also request the sources of personal information collected about you, the purpose for collecting the personal information. You also have the right to request that we delete your information. To submit other individual right’s requests that apply in your region, please click here.
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. CSS does not knowingly collect information from children. If you believe we have collected information about your child, you may also make a verifiable consumer request on behalf of your child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period.
The verifiable consumer request must:
Provide sufficient information that allows us to reasonably verify you are the person we collected personal information or an authorized representative.
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not: