Your Privacy Matters
1. Who we are
1.1 Wonder Idea is an international tech company, providing several Services that enables registered Users to upload, create, edit and promote their content, in particular publications and other content.
1.2 Our address headquarter is located at: Room 1003, 10/F, Tower 1, Lippo Centre, 89 Queensway, Admiralty, Hong Kong. The company is duly incorporated under the laws of Hong Kong.
1.3 Operationally we are in compliance with, though not bound to do so, the general requirements on personal data collection and usage recommended by the United States Federal Trade Commission’s guidance on “Mobile Privacy Disclosers”, European General Data Protection Regulation and Califolia’s online Privacy Protection Act. In particular, we carry out Privacy Compliance Assessment exercises periodically to ensure compliance in respect of notice, choice, onward transfer, security, data integrity, access and enforcement.
1.4 Owing to the global nature of the Company’s business conducted over the internet, it is practically impossible for us to comply with all applicable laws / rules / regulations (and the like) as may be prescribed by individual country / region / city. We endeavor to adopt internationally recommended “Best Practices” whilst adhering to the Personal Data (Privacy) Ordinance, laws of Hong Kong which you must agree to as the applicable law in case of dispute arising herefrom.
1.5 Data Controller
1.5.1 Wonder Idea is the data controller for the personal data collected from Users domiciled within the EU when using the Services.
1.5.2 We will process your personal data in compliance with European General Data Protection Regulation. (“GDPR”)
2. What info we collect
The types of Personal Information that we collect fall under two general categories: personally identifiable information (PII) and non-personally identifiable information (non-PII). PII consists of any information which can be used to specifically identify you as an individual, whereas non-PII consists of aggregate information or any information that does not reveal your identity. The following paragraphs explain what PII and non-PII we collect from you, and how we use such information.
2.2 Log activity. We receive information every time you view or interact with content on our site, even if you don’t have an account. Log activity information covers a variety of data that is available to Wonder Idea either through 3rds party service providers or collected directly by us: browser information, OS type, device used, IP, chat activity, date, time and duration for each site visit, referring web page, page visits, search terms, location, cookies, clicks, views and session duration for all site pages. We generally analyze sets of data to make sure our services are fully functional, to ensure a reliable and secure performance. We also use such information to better understand user needs, to improve our site performance, and to send relevant marketing messages that match your interests.
2.3 Web Beacons. “Web beacons” (also known as “clear gifs” and “pixel tags”) are small transparent graphic images that are often used in conjunction with cookies in order to further personalize our Websites for our users and to collect a limited set of information about our visitors. We may also use web beacons in email communications sent to you in order to understand the behavior of our members. We do not link the web beacons to any of our members’ PII.
2.4 Mobile Analytics. We use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software may record information such as how often you use our applications, the events that occur within the applications, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any of your submitted PII within the mobile application.
2.5 Your Information. When you register or subscribe to any of our Services, we collect a wide variety of information about you.
2.6 Purchase Information. You may provide payment information on our site, when purchasing a premium subscription. We do not store payment information, such as debit/credit card number, CVV code or PayPal address on our database or servers. This information is processed and stored on the servers of our reliable and secure payment processors in order to enable recurring payments to us. We also store the card’s expiration date and the last 4 digits, so that we can send you a notification when your card is about to expire. This way you’ll be able to experience uninterrupted premium services and keep your subscription active. If you wish to deactivate recurring payments, or update your billing information, you can do so in Account Options. Your request to deactivate recurring payments will be automatically processed by our payment processors and your recurring payments will stop.
2.7 E-mails. You are required to produce an e-mail address when you register for our Services. We use your e-mail for both transactional (e.g. order placement and confirmation, refund and renewal processing, notifying you of our suggested matches) and promotional (e.g., newsletters, new product offerings, special discounts, event notifications, special third-party offers) purposes. Our e-mail messages may contain codes that enable our database to track your usage of the e-mails, including whether the e-mail was opened and what links (if any) were opened. If you do not want to receive promotional e-mails from us, please see the section below labeled “Opt-Out”. We reserve the right to send you certain communications relating to our Services, such as service announcements, terms and policies updates and administrative messages, without offering you the opportunity to opt out of receiving them. We may also contact you by email, tickets and/or telephone (including to any wireless number you may provide to us) solely in connection with our Services. If you would rather not receive emails, tickets or telephone calls from us, you may change or delete your number by contacting us for it to be removed from our contact list.
2.8 Mobile Device. If you use your mobile device to access our Websites or download any of our applications, we may collect device information (such as your mobile device identifier, model and manufacturer), operating system information, IP address and etc. We collect your geolocation information only with your consent.
2.9 Demographic Data.
We may collect demographic data from our members and visitors. We use this data to tailor your user experience at our Websites, newsletter and service, showing you content that we think you might be interested in, and displaying the content according to your preferences. Some of this information may be shared with advertisers on a non-personally identifiable basis.
2.10 Location. We get information about your signup and current location (country and city) from your IP address and device settings. (An IP address is a number that is assigned to your device by your Internet Service Provider when you are accessing the Internet.) You may receive personalized messages based on your location.
2.11 Online Survey Data. We may periodically conduct voluntary member surveys. We encourage you to participate in such surveys to help us improve our Services. All responses are anonymous and do not involve any of your PII
2.12 Public information. All your public information can be viewed on your public profile, including nickname, unique URL, profile image, website, social profiles, number of followers, as well as all the catalogs that you have created and published publicly. None of these details are mandatory for setting up an account, but we recommend displaying them on your profile, if you have any interest in branding or promoting your content.
You are responsible for the information that you share on your profile and the content of your catalogs, so you should think carefully about what you want to publish publicly. For sensitive information that you wish to keep private or share with a limited group of individuals, we recommend publishing your content privately.
If you update your public information on our sites it may automatically be updated on our websites.
In addition to displaying your public information and your content on our sites, we also provide technology such as APIs and embeds to give you the option to make your content available on other sites or platforms. Such embed codes and API integrations are not available to other publishers or site visitors.
2.13. CONTACT INFORMATION AND PASSWORD. We use your email address and password to authenticate your account and keep it secure, preventing fraud, abuses and spam. We need your email to set up unique user accounts, to be able to get in touch with you and to send you personalized messages. You can always modify your email address directly from your account and you can reset your password at any time. Your password is non-reversibly encrypted before being saved to the database, for your protection, so it cannot be copied or stolen, even in case of a hacking attack.
We also use your email address to get in touch with you and to send you information about our services and to market to you according to your country’s laws. You can check your account settings if you wish to control the type of emails you receive from us or to unsubscribe from all email messages.
You can sign up our services using another service: a Facebook or Google account. If you do, we will use information from that service to create your account, such as your email address and name. We do not collect any passwords at all for users that are using the Facebook Connect API as well as for those connecting with Google API.
If you email or contact us via live chat we will keep your contact info and message, to be able to send you a reply.
If you fill in a contact form or request to download a resource, you may be asked to provide personal data such as, but not limited to, your full name, your email address and your consent to receive marketing communications and materials. We collect and process this kind of personal data for the purpose of providing the desired service or resource, to study your interests for marketing purposes or for improving our website and platform.
If you leave comments or replies to comments on our blog, you are required to provide your name, your email address and, optionally, your website URL. We require this personal data in order to ensure that you are a real person and to avoid spam.
2.15 Link clicks. In order to operate our service we keep track of how you interact with our site and what links you decide to click on. This includes links on the website, blog, help center, emails, ads, and live chat support.
2.16 Embeds. If you view catalogs integrated on 3rd party websites via embed codes or white labeled URLs, we may receive log data regarding your activity (what page you visited, session information and how you interacted with the embedded contents). This type of data does not contain any personally identifiable information and is reported as an aggregate to us. We make this data available directly in the publisher’s account under statistics and in Google Analytics (for premium users who are using the Analytics integration). This type of information is important for our users who need to understand how their publications are performing in order to be able to optimize them or refine their marketing strategies.
3. Why we collect ( The Purpose and Legal basis)
If you are a resident of the European Economic Area (EEA), all the processes undertaken by Wonder Idea are in accordance with European laws and regulations such as the General Data Protection Regulation (GDPR). The GDPR governs how Wonder Idea may process your information and as well your rights in relation to it.
Wonder Idea will collect and use your personal data only where:
- We need it in order to fulfill our contractual obligations when delivering you the Service
- It is in our legitimate interest for developing and improving the Service
- You have given us consent
- It is necessary for compliance with our legal obligations
Providing the personal data mentioned above is a contractual requirement. Without it is not possible for you to enter into a contract with our company and subsequently to start using Wonder Idea. If you need any clarification regarding the provision of personal data – whether it is required by law, or by a contract, or whether it is necessary for your usage of Wonder Idea, please contact our Data Protection Office
4. Transfer data to third countries including United States
4.1 All the collected data is transferred to the United States for processing, we don’t back-up our data outside of the United states.
4.2 We undertake the transfer to the United State on the legal basis of fulfilling our contractual obligation towards you. The transfer of your personal data is necessary for us to perform our contractual obligations to you as a User under the Terms of Service and to deliver the services we have agreed with you as a User to provide.
4.3 We and our Suppliers have, as required by the General Data Protection Regulation, implemented appropriate technical and organizational measures to keep your personal data safe. Please contact us at support @wonderidea.com if you would like to learn more about how we keep your personal data safe. If you are located in the European Union you can confidently contact our appointed representative: BONDOC SI SCA with an office at 44 Londra Street, Sector 2, 011764 Bucharest Romania. Or you can raise a concern with your local supervisory authority.
5. Who gets access to your data and why
We collect and share as little personal data as possible to function. Whenever you delete your account we will initiate a process that will remove your data from all these processors, if possible. In some cases it is physically impossible to distinctly identify specific users, when data is used collectively for research and statistical purposes, or it may be needed for accounting purposes.
5.1. List of 3rd party service providers
We use trusted third party companies from the USA, UK, Hongkong, Ireland, Romania and other countries(or regions):
5.1.1 Analytics – In order to understand the use of our service we need to allow site analytics tools to access some information regarding your site usage. These tools are Google Analytics and Hotjar. The information we collect through these third-party services includes your IP address, your device type and Operating System, your Internet browser, your location, the pages on our website you have visited, the actions you’ve performed on these pages (including recordings of your interactions, such as movements, mouse clicks), and actions you’ve performed in our online app (such as number of contents you have created, upload and download history).
5.1.3 CRM and email providers – Our business email addresses are managed by Google and Zoho, so every email that you send to any employee will be accessed through Google Mail and Zoho Mail. We send out automated transactional emails (emails regarding account registration and payments) through AWS, Getrespond and Mailgun, which have access to email addresses of end users. For CRM and live chat we use Zendesk.
5.1.4 Payment processors and ecommerce – We share your payment info with payment and e-commerce service providers (Stripe, Paypal, 2Checkout and Digital River) to process payments, to prevent, detect and investigate frauds and for dispute resolutions (chargebacks, claims, refunds).
5.1.5 Cloud Storage, Database and CDN– We use Amazon Web Services (AWS), Linode and Cloudflare for cloud services, database backup and storage. All the data that Wonder Idea collects directly through its service and all the content uploaded or created by users are hosted on these trusted Suppliers.
5.2 Other than those who act on our behalf and except as explained in this Policy, information you provide will not be transferred to unrelated third parties, unless we have your permission to do so.
5.3 We may share personal data regarding you if we are obligated to do so by law, to enforce our terms of service, to protect us against loss or damage. This may include exchanging information with the police, courts or law enforcement organisations.
5.4 If we sell our business or our company assets are acquired by a third party personal data held by us about our users may be one of the transferred assets.
6. Your rights as a user
6.1 As provided by the GDPR, you have the right to:
6.1.1 Access personal data regarding you.
You can always access your account to review the personal data we have collected about you. You may delete and amend the data collected.
You also have the right to obtain a copy of the personal data free of charge. However, we may charge a fee corresponding to administrative costs if further copies of the information are requested, or if the request is unfounded or excessive.
6.1.2 Ask for rectification of incorrect or inaccurate data concerning you, or to have incomplete personal data completed. You can use your access to your account to update your personal data.
6.1.3 Ask for erasure of personal data regarding you (under certain circumstances).
6.1.4 Ask for the restriction of the processing of your data (under certain circumstances).
6.1.5 Object to the processing of your data for marketing purposes by withdrawing your personal consent.
6.1.7 You can at any time withdraw your consent by deleting your profile .
6.1.8 You have the right of portability of the personal data you have submitted to us. We will deliver your personal data in a structured, commonly used and machine-readable format.
When we receive a request to access, rectify, erase or port data, we may ask you for additional information in order to confirm your identity and ensure data security. You can send a request via [email protected].
Please remember that we may only port your original User Submission, the Proprietary Formats could not be ported as it is part of our Service, and should be taken as your personal data.
6.2 You have the right to complain regarding the processing of personal data concerning you to the local supervisory authority.
7 Data retention and account deletion
7.1 We store your personal data for as long as your account is active.
7.2 We may also store some of your personal data to comply with our legal obligations.
7.3 You may add or update certain information to your account. When you update information, however, we often maintain a copy of the unrevised information in systems back-ups for a period of time until our backup is updated with the latest version.
7.4 When you delete your account, we delete the data attached to your account.
7.5 Please note some of your info would be indexed by the search engine, we can not control the search result page in the search engine. It will take some time for the search engine to update its own rescult.
7.6 Please note that some information may remain in our records after your account has been deleted, and that we may only be able to delete this information later when updating our backups,which may include your contents.
7.7 Please note that if you use Digital Sale to monetize your content, even if you delete your account, we may still keep a copy of your content for your readers to access privately only in their accounts until such private access has expired.
8. Children’s privacy
8.1 The Platform is intended for use by people above the age of thirteen or the legal age for granting consent to an information service provider on the Internet in the jurisdiction in which you reside. If we receive notice or reasonably believe that someone under the appropriate age has provided us with personal information, we will promptly delete the account and all personal information that has been provided to us.
8.2 We may use a registration of age as a tool to try and prevent users under the legal age in the jurisdiction where the user resides to read content not rated for minors.