Privacy policy

Storychest Privacy Policy

Last Updated: 6 February 2021

Storychest Limited is a company registered in England and Wales under registration number 08867594 (Storychestweour or us) with its registered office at C/o Bennett Brooks & Co Limited, Suite 345, 50 Eastcastle Street, Fitzrovia, United Kingdom.  We are registered as a data controller with the United Kingdom’s Information Commissioner’s Office under registration reference ZA232941.

The Storychest service consists of mobile applications and websites hosted or made available by Storychest, which you may use or access for uploading, capturing, organising, searching, commenting on (including ‘liking’), storing and sharing stories containing text, photos, videos and other media on multiple computer and network platforms (collectively, the Service). You use the Service by accessing our mobile applications and/ or our website through a computer, (including a desktop or a laptop), a mobile phone or a tablet (Devices).

We are committed to protecting the privacy of your personal information and that of your family and friends. We believe that it is important that our users understand what information we collect, how we use it, and who it is shared with, which is why we have tried our best to explain our Privacy Policy simply and clearly.

In this Privacy Policy, we explain the types of information we collect from you and how we use that information.   The information we collect, use and share may include personal information.

1.            What information do we collect?

We may collect and store the following information when providing the Service:

Information You Provide. When you register for an account with us and use the Service, we collect some information from you directly including your name, email address, date of birth and profile photograph.  You may also provide us with the names, email addresses, dates of birth and photographs of your friends and family.  You also provide other information while using the Service such as ‘likes’ and comments.  In addition, you may provide us with certain information by providing ideas, suggestions, documents and proposals through any feedback interface or otherwise (Feedback) relating to the Service.

Information Others Provide.  We also collect information that other users provide when they use the Service including information about you, such as when they share a photo of you or upload other information about you.

Stories. We collect and store the stories you upload or access within Service, which may contain textual information and also media files such as photos and videos (Stories or Story).

Facebook login. From 12 February 2021 we will no longer be supporting Facebook login for users who have updated their Storychest app to Version 2.7.  Facebook login will continue to be possible for earlier versions of Storychest. If you continue to use an earlier version of Storychest and utilise Facebook login, we may access, collect and store information about you that is made available to us when you log on to the Service using your Facebook login.  Access and use of this information is subject to the further terms and conditions and privacy policies of Facebook. You can find more information about Facebook’s data security here.

Log Data. When you use the Service, our servers automatically record (log) information from your Device, its software, and your activity using the Service. This may include the Device’s Internet Protocol (IP) address, browser type, locale preferences, date and time stamps associated with interactions, system configuration information, crash data, metadata concerning media that you upload, and other interactions with the Service.

Device information.  In addition to log data, we may also collect information about the Device you are using, including what type of Device it is, what operating system you are using, software and file names, device settings, unique device identifiers and mobile network information.  To learn more about what information your Device makes available to us, please also check the policies of your Device manufacturer or software provider.

Geo-Location Information. Some Devices allow applications to access real-time location-based information (for example, GPS). We may also use digital technology to enable and support our security features, such as to help us detect malicious activity, combat fraudulent participation and violations of our Terms of Service.  These digital technologies may be used to identify your geographic location and verify your Device’s IP address as originating from your location.  You consent to us collecting such information to enable, support and improve our Service. Some photos and videos you store in Storychest may already contain recorded location information. We may use this information to optimise your experience.

2.            How do we use the information we collect?

We use the information we collect to provide the Service to you, to make it better, to communicate with you and to protect Storychest and our users.  In particular, we use the information we collect to:

·                enable you to connect with and be identified by your friends and family who also use the Service

·                perform our necessary business functions (eg employee education and training, internal audit investigations, performance reporting, market research and analysis), and provide, maintain and improve our Service

·                administer your use of the Service

·                better understand your needs and interests

·                to enable you to participate in a prize draw, competition or complete a survey

·                verify your identity when you are dealing with us and assist you with your queries, requests or concerns

·                provide or offer software updates

·                communicate with you about the Service, including to notify you about important technical information (such as maintenance downtime), to seek Feedback from you, to remind you that you have an account and to notify you about updates and service developments (Service Messages)

·                communicate with you about things that we think may interest you or our users generally

·                comply with our legal and regulatory obligations, or as otherwise required or authorised by law

·                manage and resolve any legal or commercial complaints or issues

We may also use your information for any other purpose as authorised by you.

Please note that you cannot opt out of receiving Service Messages, or any messages we need to send you in accordance with our Terms of Service, to notify you of any changes of our Terms of Service or that we consider necessary for your or our security.  If you no longer wish to receive other communications from us, please follow the “unsubscribe” instructions provided in any of those communications.

3.            How and when do we share information?

Our users use the Service to share information with other users.  We share your information as described in this Privacy Policy or at the time of collection including as follows:

Your Use. The Service enables users to capture and share Stories concerning moments in their life and the lives of their friends and family members.  The Storychest privacy settings are controlled on a Story by Story basis by each user so that users can decide exactly who sees any Story that they upload, and Stories will remain within that closed environment unless the user decides to share more widely, by using the “Social sharing” facility within the Service.   Any information and content you choose to share in Storychest should reflect how much you want others to know about you. Please consider carefully what information and content you share.

Third party service providers. We may use certain trusted third party companies and individuals to help us provide, analyse, and improve the Service (including but not limited to data storage, maintenance services, database management, web analytics, payment processing, and improvement of the Service’s features). These third parties may have access to your information only to the extent necessary and for the purposes of performing these tasks on our behalf and under reasonable contractual and technical obligations to ensure the confidentiality of your information is maintained and it is used in accordance with this Privacy Policy. As of the date this policy went into effect, service providers we use include:

·                Microsoft Azure to store the information and files associated with your Stories. You can find more information about Microsoft Azure’s data security here and here.

Payment system operators and financial institutions. If you wish to use any of our services which require the payment of fees, we may use third parties to process payments on our behalf and disclose your information to them for these purposes only.  Like our other third providers, these third parties may use your information only to the extent necessary and for the purposes of performing these tasks on our behalf and under reasonable contractual and technical obligations to ensure the confidentiality of your information is maintained and it is used in accordance with this Privacy Policy.

Compliance with Laws and Law Enforcement Requests; Protection of Storychest’s Rights. We may disclose to parties outside Storychest any information stored in your Storychest and information about you that we have collected when we have a good faith belief that disclosure is reasonably necessary to (a) comply with a law, regulation or compulsory legal request from a competent authority; (b) protect the safety of any person from death or serious bodily injury; (c) prevent fraud or abuse of the rights of Storychest or its users; or (d) protect and enforce Storychest’s property rights.

Business Transfers. We may share your personal information with prospective purchasers of all or part of our business or shares in our company or if we are involved in a restructure, financing, merger, acquisition, or sale of all or a portion of our assets, your information may be shared or transferred as part of that transaction.

Non-private or Non-Personal Information. We may share anonymised, aggregated, de-identified or otherwise non-personal information which cannot be used to identify you, such as usage statistics of our Service.

Analytics. We may use and share information to monitor and analyse use of the Service. We currently use Google Analytics. To learn more about the privacy policy of Google Analytics, click here.  We also have access to Apple Analytics (if enabled by users).  To learn more about the Apple Privacy Policy, click here.  These third parties may use cookies to provide their services (see below).

With your consent.  We may also share your information as authorised by you.

4.            Cookies 

We may also collect information about you and your use of the Service using cookies.  We use cookies to improve functionality and performance of the Service.  Cookies are very small files that are sent by us to your Device which we can access when you are using the Service. Cookies allow a website to recognise a user’s Device.  For more information, see http://www.allaboutcookies.org/

Each cookie expires after a certain period of time depending on its purpose or they can be stored for longer.  We use sessional or transient cookies that are stored and used during your browsing session and are required for the use of the Service.  These are usually deleted automatically from your Device when you log out of your account, the browser is closed or within a reasonable time after your use of the Service.  Permanent, persistent or stored cookies are stored on your Device in between your use of the Service which allows us to personalise content for you and remember your preferences. 

We also allow the use of some third party cookies including analytical or performance cookies which are set by a domain other than the Service including as follows:

Website Analytics Cookies. We use Google Analytics, a web analytics tool that helps us understand how visitors arrive at and engage with the Service, so we can improve customers’ user experience and performance of the Service.  These cookies do not store any personal information about users.  

Remarketing Cookies. From time to time we undertake digital marketing campaigns using Google Ads, Facebook and LinkedIn.  We use cookies to track which parts of the Service you’ve been interested in.  This helps us know what message to serve you and when so that you get the most relevant information delivered to you when we advertise.  We use the Facebook Pixel to track your responses to our adverts and ensure you are getting the right messages from us.  You can opt out of these cookies by visiting Google Ads, Facebook and LinkedIn at any time and changing your settings.

Other Third Party Cookies. When you visit a page on the Service which contains third party embedded content, you may be sent cookies from those third party embedded websites.  We do not control the setting of those cookies and we recommend you check those third party websites for more information about their cookies and how to manage them.

If you want to restrict, block or delete any cookies that are on your Device, please change the cookie preferences of your browser or refer to the instructions for your file management software to locate the file or directory that stores cookies.  Please note that by deleting our cookies or disabling future cookies, you may not be able to access or use the Service or certain features of the Service.

5.            Where do we process your information?

We may use or store information wherever Storychest does business, including in countries other than your own.  By using the Service, you acknowledge that your information may be transferred, stored and used in other countries outside of the country in which you reside where a different data protection or privacy regime may apply.  These countries include the United Kingdom and Western Europe.  When we do this, we shall ensure appropriate steps are taken to protect your personal information in accordance with this Privacy Policy. 

6.            What legal rights do you have in relation to your information?

You have a right to:

·                access and request a copy of your personal information to check how we are using your personal data;

·                correct or rectify any personal information that is out-of-date, incorrect, incomplete or misleading;

·                have your personal information deleted or erased;

·                ask us to limit or restrict the use of your personal information;

·                object to the processing of your personal information;

·                request a copy of the personal information you have provided to us in a structured, commonly used and machine-readable format and the right to have that information transmitted or ported to another entity under certain circumstances; and

·                withdraw any consent previously given by you to the processing of your personal information.

You have a right to request the erasure or destruction of your personal information (“the right to be forgotten”) when it is no longer necessary for the purpose for which it was originally collected, it is not being used for the purposes for which it was collected, or you wish to withdraw your consent for certain processing.  You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing, where we have processed your personal information unlawfully, or where we are required to erase your personal data to comply with local law.

All requests should be submitted to us in writing using the contact details set out below. 

We will action your request within a reasonable time frame and provide one copy of your personal information free of charge.  If your request is for additional copies or your request is manifestly unfounded, excessive or repetitive, we may refuse your request or charge a reasonable fee.  If we refuse a request or charge a reasonable fee, we will advise you of the reasons for our refusal or any fees within a reasonable time frame.

There may be cases where we are unable to provide the information you request, such as where it would interfere with the privacy, rights or freedoms of others, or result in a breach of confidentiality or applicable laws.  In addition, we may not be able to comply with your request to erase or destroy your personal information in certain circumstances such as where we need to continue processing your personal information in order to comply with applicable laws.  In these cases we will let you know why we cannot comply with your request. 

7.            Retention of information

We will retain your information for as long as your account is active or as needed for the purpose for which it was collected, and in accordance with legal requirements. If you wish to cancel your account or request that we no longer use your information to provide you services, you may delete your account via your “My Account” page or request that we delete your account by contacting us. We may retain and use your information as necessary to comply with our legal obligations and resolve disputes. Consistent with these requirements, we will delete or permanently de-identify your information within a reasonable period of time after receipt of your request. Please note, however, that there might be latency in deleting information from our servers and backed-up versions might exist after deletion. In addition, we do not delete from our servers information that you have in common with other users.

8.            Quality and security of information

We take reasonable steps to ensure that any of your personal information which we hold is accurate, complete and up-to-date.  These steps include promptly updating personal information when we are advised that personal information has changed, checking our contact lists for accuracy, and providing you with a simple means via your account to update your personal information.

The security of your information is important to us. We will operate appropriate technical and organisational processes to protect your information against unauthorised or unlawful access or processing and against accidental loss or destruction.  When you enter certain information (such as a password) on forms, we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted standards to protect the information submitted to us, both during transmission and once we receive it. No method of electronic transmission or storage is 100% secure, however. Therefore, we cannot guarantee its absolute security.   You also play an important role in keeping your information secure by maintaining the confidentiality of any usernames and passwords you use with the Service. If you have any questions about security of our Service, please contact us using the contact details below.

9.            Questions and Complaints

If you have questions about this Privacy Policy, if we do not agree to provide you with access to your personal information, or if you have a complaint about our information handling practices, you can contact our Privacy Officer using the contact details below.

In particular, if you wish to make a complaint about how we have handled your personal information, you should forward a written complaint to our Privacy Officer.  We will respond in writing within a reasonable time after receipt of your complaint.

If you are not satisfied with our decision or response, you can contact us to discuss your concerns.  You also have the option of notifying the relevant regulatory authority for your country.  For the United Kingdom, this is Information Commissioner’s Office (ICO).  Contact details for the ICO can be found at the ICO’s website:  www.ico.org.uk

10.         Changes to our Privacy Policy

This Privacy Policy may change from time to time. If we make a change to this Privacy Policy that we believe materially reduces your rights, we will provide you with notice (for example, by email or by a notice next time you use the Service). We may provide notice of changes in other circumstances as well. By continuing to use the Service after those changes become effective, you agree to be bound by the revised Privacy Policy.

11.         Contacting Us

If you have any questions about this Privacy Policy or wish to make a request, please contact our Privacy Officer at info@storychest.com