Anything World values your trust, particularly when it comes to your personal data/personal information.
Our business is to help you create 3D experiences populated with anything you can think of; not to make money out of your personal data. We don’t market or sell your personal data and we never will. That’s a promise.
This policy explains what data, including personal data, we collect from and about you when you visit the Anything World website and when you subscribe to the Anything World platform.
We appreciate there’s a lot of detail in this policy, but it’s important that you read it to ensure you’re fully informed about how we use your personal data and your rights.
We may need to make changes to this policy occasionally, to reflect any changes to our services or legal requirements. We’ll notify you of any important changes before they take effect.
If you’ve got any questions about this policy, please email us at firstname.lastname@example.org.
We’re Anything World Limited (we/our), a limited company registered in England and Wales under company number 11379076. As required by UK data protection law, we are ICO registered for GDPR with our website operating through Squarespace and payments through Stripe, both or their policies are listed below...
We don’t knowingly collect personal data about children. For this purpose, a ‘child’ means anyone under the age of 13 or the age of majority where you’re based.
If you hold parental responsibility for a child under the age of 13 or the age of majority where you’re based and are concerned that we’ve collected personal data about your child, please contact us at email@example.com.
When we talk about ‘personal data’, we mean any data that identifies or can be used to identify you. This doesn’t include data where your identity has been removed (anonymous data). The types of personal data collected by and about you include:
As long as you are visiting our website and using our platform, we’ll only collect your personal data from you. If you’re employed or engaged by the organisation that has signed up for our platform, they may set an account up for you to access it.
This section is important as it explains what we’ll use your personal data for, and the legal grounds relied on by us for those purposes.
Under UK and EU data protection law there are six legal grounds that we may rely upon, the most relevant being where:
We may use your personal data for purposes which are closely related to any of the above purposes. If we want to use your personal data for any unrelated purposes, we’ll let you know about this in advance.
We don’t sell your personal data for marketing purposes and we never will.
The only people that will have access to your personal data include:
In the very rare situation where we’re asked to disclose personal data in response to any legal request or court order, we’ll take legal advice before making any disclosure to ensure that your rights and interests are considered before responding to such requests.
We have set our servers up so that all personal data provided by you is stored within the UK and the EEA. However, several of our technical service providers are based outside those regions (such as Squarespace and Calendly which are based in the USA), which means that your personal data will be transferred outside the UK and the EEA. Whenever we transfer your personal data outside the UK or the EEA, we ensure that a similar degree of protection applies to your personal data.
We’ve put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. We also limit access to your personal data to those of our staff and technical service providers that have a need to access it (based on the principle of ‘least privilege’). They’ll only use your personal data based on our instructions and are required to keep your personal data confidential.
We’ve put in place procedures to deal with any suspected personal data breach and will notify you and the UK Information Commissioner’s Office or any other relevant regulator where we’re legally required to do so.
We’ll only keep your personal data for as long as necessary in connection with the purposes we collected it for and to comply with any legal, accounting or reporting requirements. To determine how long we keep your personal data for, we consider the amount, nature and sensitivity of the personal data, the purposes for which it was collected and the potential risk of harm from us continuing to keep it.
We’ll retain any personal data linked to your account for as long as you’re a subscriber and for 12 months after you’ve ended your subscription (in case you decide to re-activate it within that time). Copies of transactional records will be kept for 6 years.
We’ll retain personal data relating to email marketing until you unsubscribe, or your email address has become permanently unavailable.
We’ll retain any analytical data collected about your use of our website which identifies you for a period of 12 months.
We may retain any data that doesn’t identify you indefinitely.
Our website uses small text files, called cookies, which are stored on your device when you access and use our website. Apart from those cookies which are strictly necessary for us to provide you with access to our website, we’ll only store cookies on your device if you’ve consented to this when you first access our website and every 30 days thereafter.
As cookies are unique, we can use them to distinguish you from other users for the purposes described above, however we’ve configured our analytical cookies so that your IP address is anonymised. To find out more about cookies, how to refuse them and how to change your device’s cookie settings, you should visit the ICO Cookie Guidance.
Our website uses the following types of cookies:
The cookies we use are as follows:
As required by the laws of the State of California, our Website responds to Do Not Track (DNT) signals.
We use Mailchimp to manage our email marketing campaigns. Mailchimp uses tiny invisible images called ‘pixels’ that are contained within emails to enable us to see:
Under UK and EU data protection laws, you have the following rights in relation to your personal data:
You won’t have to pay any fee to exercise any of the above rights, although we may charge a reasonable fee or refuse to comply with your request if any request is clearly unfounded or excessive. Where this is the case, we’ll let you know.
To protect the confidentiality of your personal data and other members of our community, we may need to ask you to verify your identity before fulfilling any request in relation to your personal data.
This section of the policy applies if you reside in the State of California.
Definitions: Any references in this policy to personal data include references to personal information as defined under the CCPA.
Rights of access and deletion: The right of access described in the previous section is limited to the personal data we’ve collected from and about you over the past 12 months. The rights of access and deletion described in the previous section will be subject to the exceptions set out under the CCPA.
Right to opt-out of the sale of personal information: Although you’ve the right to opt-out of the sale of your personal information, this isn’t something we do.
Right to non-discrimination: You’ve the right not to be discriminated against for having exercised your rights under the CCPA. This means that we won’t deny you access to our website; charge you a different price for any content available within our platform; deny you any benefits or charge you any penalties; or provide you with a different user experience to any other users.
Sale of personal information within the past 12 months: We haven’t sold any personal data in the past 12 months.
Disclosure of personal information within the past 12 months: The CCPA describes many of the activities we routinely undertake in relation to personal information as disclosures to third parties for a ‘business purpose’. We enter into contracts with such third parties which require them to keep your personal information confidential and not use it for any purpose other than to provide their services to us. In the past 12 months, we’ve disclosed all of the categories of personal information listed earlier in this policy to our technical service providers for the purposes of auditing the use of our website, detecting and protecting against security incidents, debugging to identify and repair errors and undertaking internal research for developing the website.
Exercising your rights under the CCPA: To exercise any of your rights under the CCPA you, or another person registered with the California Secretary of State that has been authorised by you, should email firstname.lastname@example.org.
If you’ve got any questions or comments regarding this policy, please email us at email@example.com.