Privacy Policy

Last updated: December 4, 2020

Privacy Notice

This Privacy Notice describes how Serial Box Publishing, Inc. (“Serial Box,” “we,” “our” or “us”) processes, uses and shares the Personal Information (defined below) that it receives or collects from visitors to and users of the Serial Box website located at the URL www.serialbox.com (“Website”) and mobile application (“App”), as well as any other individual or entity that may disclose Personal Information to us, as further described below. The Website, the App, and any related services are collectively referred to as “Platform” throughout the Privacy Notice.  By using our Platform, you agree to the collection, use, disclosure, and procedures this Privacy Notice describes. Beyond the Privacy Notice, your use of our Platform is also subject to our Terms of Service

For individuals located outside of the United States, please note that your Personal Information will be collected, processed and stored in the United States, which may have data protection laws that are different from (and sometimes less protective than) the laws of your country or region, such as the GDPR, as further described here.

This Privacy Notice covers our Platform and any other websites, products, software, applications, content, data feeds and other services owned or operated by Serial Box on which authorized links to this Privacy Notice and Cookie Notice are posted.

If you have any questions, comments, or concerns regarding this Privacy Notice and/or our data practices, or would like to exercise your rights, do not hesitate to contact us at [email protected] or see our information below.

If you are located in the European Economic Area (“EEA”) or the United Kingdom ("U.K."), this entire Privacy Notice applies to you. However, please see the “Additional Information for Users in the EEA and the U.K.” below, which will inform you in detail about the additional rights you have regarding the processing of your Personal Information.

Who We Are / Data Controller

If you visit or use our Platform, except as may be stated in this Privacy Notice, the data controller of your information is Serial Box Publishing, Inc., a corporation located in the United States and organized under the laws of the State of California. The address of our main office is: 115 Broadway, Fifth Floor, New York, NY 10006.

Changes to This Privacy Notice

We may update this Privacy Notice from time to time and the revised version will be effective when it is posted. If we make material changes to this Privacy Notice, we will post our updated Privacy Notice on the Platform where applicable, and for a reasonable period of time we will post notice of the change so it is visible to visitors and users after the change is posted. By your continued use of the Platform, you will be deemed to consent to the terms of the revised Privacy Notice.

Types of Personal Information We Collect

We may collect a variety of information from or about you or your devices from various sources, as described below.If you do not provide your Personal Information when requested, you may not be able to use our Platform if that information is necessary to provide you with our services or if we are legally required to collect it.

Personal Information You Provide

You can generally visit our Platform without having to submit any Personal Information about yourself to us. However, to purchase or consume any of our products such as our eBooks or audiobooks (“Products”), to sign up for a subscription service, and to use certain services and functionality of the Platform (such as to synch your Product purchases for viewing on your different devices), you will be required to register for an account with Serial Box.

Temporary Account
When you visit the Platform, we will assign you a temporary account that does not require you to directly submit Personal Information. We will, however, collect your IP address, as explained below (and only on opt-in for individuals in the EEA and U.K.) as well as certain Device and Usage Information as explained below.

Account Registration Information
If and when you register for any type of account, we may collect the following information, depending on how you sign up:

- your name
- your email address
- your password.  

If you sign up using a Google, Apple or Facebook account, we will also receive information from those platforms such as the email address or phone number associated with your account, if provided.

Payment Information
If you wish to purchase our Products or sign up for a subscription, we will also need to process your payment information in order to get you started and deliver purchased Products to your devices(s). Payment processing is performed by third-party service providers, as explained here.  

Contact Information
If you contact us for more information via our Platform, we will collect additional contact information:
- your email address
- any other information you may submit to us directly.

If we specifically ask you to provide us with any Personal Information not described above, the reason(s) why you are asked to provide us with this Personal Information will be made clear when we request that you submit the information.

Email, Blog, Social Media & Public Forum Comments
When we send you emails, we may track whether you open them to learn how to deliver a better customer experience and improve our Platform. When you comment on a blog hosted by Serial Box, you may be providing Personal Information that we collect and that is visible to the public.

If you comment on a social media platform or public forum about Serial Box or our Products, or upload any content, your comment, content and associated personal information is governed by the privacy notice of the platform where such information was submitted. To the extent that such comments and content are public, they will be visible to the public and we may repost or respond.

Careers
If you decide that you wish to apply for a job with us, you may submit your contact information, photo, and resume online. We will collect the information you choose to provide on your resume, such as your education and employment experience. You may also apply through LinkedIn. If you do so, we will collect the information you make available to us on LinkedIn.

Please ensure that when using these platforms, you respect other individuals’ privacy rights.

Personal Information We Collect Automatically

Device and Usage Information
When you visit, use or interact with the Platform, even if you have not registered for an account, we, or authorized third parties, may automatically collect information about your use of the Platform via your device, some of which information is Personal Information. This information is collected by automated means using cookies, and server logs for analytic purposes. For more information on our use of cookies and similar technologies, and the data that they collect, see our Cookie Notice. With the use of these automated technologies, we collect “Device and Usage Information”, which consists of:

Information About your Device
Information about the devices and software you use to access the Platform – primarily the internet browser or mobile device that you use, the website or source that linked or referred you to the Platform, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device), the operating system of your computer or mobile device, device screen size, phone carrier and manufacturer, application installations, mobile advertising identifiers, push notification tokens,  and other similar technical information. For instance, when you are assigned a temporary account, you will not submit any Personal Information directly, however we (via an authorized partner) will collect your IP address, which enables us to track your reading progress and links that you visited on the Platform. 

Usage Information
Information about your interactions with the Platform, including access dates and times, hardware and software information, device event information, crash data, cookie data. This information allows us to help us improve your experience by understanding the screens that you view, how you’ve used the Platform (which may include administrative and support communications with us or whether you have clicked on third-party links), and other actions on the Platform. We, or our authorized third parties, automatically collect log data when you access and use the Platform, even if you have not created an account or logged in. We use this information to administer and improve the Platform, analyze trends, track users' use of the Platform, and gather broad demographic information for aggregate use.

Location Information
We also collect broad geographic location (e.g., country or city-level location) based upon your IP address (“Location Information”), in order to determine the popularity of our Products around the world and guide Product updates and marketing strategies.

Aggregated Information
With the Device and Usage Information and Location Information collected by our third-party analytics services, such as Google Analytics, we generate and process aggregated information, such as statistical or demographic data. Aggregated Information may be derived from Personal Information, but is not considered Personal Information under the law if it does not directly or indirectly reveal your identity. For example, we may track the total number of visitors to our Platform or the number of visitors to each page of our Platform, and we may aggregate usage data to calculate the percentage of users accessing a specific feature of the Platform and analyze this data for trends and statistics.

However, if we combine or connect Aggregated Information with your Personal Information so that it can directly or indirectly identify you, we treat the combined data as Personal Information, which will be processed in accordance with this Privacy Notice.

Why We Use Personal Information | Legal Bases

We may use your Personal Information for a number of different reasons, as further explained below.

In addition, for users located in the EEA or the U.K., we must have a valid legal basis in order to process your Personal Information.

The chief legal bases under the European Union’s General Data Protection Regulation (GDPR) that justify our collection and use of your Personal Information are:

- Performance of a contract – When your Personal Information is necessary to enter into or perform our contract with you.
- Consent – When you have consented to our use of your Personal Information via a consent form (online or offline).
- Legitimate interests – When we use your Personal Information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.
- Legal obligation – When we need to use your Personal Information to comply with our legal obligations.
- Legal claims – When your Personal Information is necessary for us to defend, prosecute or make a claim.

Below are the general purposes and corresponding legal bases (in brackets) for which we may use your Personal Information:

- Communicating with you about your use of the Platform and our Products, including to notify you about purchases and pre-orders [performance of a contract, legitimate interests, and in some cases, legal claims].
- Providing our Products and services to you, including operating our subscription service, processing payments through our third-party payment processors and delivering your purchases to your device(s) [performance of a contract].
- Generating user analytics to improve our Platform, guiding our advertising strategy and enhancing our Product offerings [legitimate interests and consent where applicable].
- Responding to your general inquiries [legitimate interests].
- Marketing our services. This allows us to provide you with information about new products. Note that you may unsubscribe or opt out from further communication in any electronic marketing communication sent to you (or you may opt out by contacting us) [consent or legitimate interests for existing customers, depending on their location].
- Advertising our Platform on other websites [legitimate interests and consent where applicable].
- Complying with our legal and regulatory obligations. We may use Personal Information to fulfill our legal obligations, for the prevention of fraud and monitoring security, to enforce our legal rights, to comply with any legal or regulatory reporting obligations; and/or to protect the rights of third     parties [legal obligation, legal claims and legitimate interests].
- Where necessary, recovering any payments due to us for our legal or other services, including enforcing such recovery through debt collection agencies or taking other legal action (including in connection with legal and court proceedings) [performance of a contract, legal claims].
- Making changes to our business, for example, if we undergo a re-organization (i.e., we merge, combine or divest a part of our business), in which case we may be required to transfer some or all of your Personal Information to third parties as part the process, as further described below [legitimate interests].

Nevada Residents

Pursuant to Nevada law, you may direct a business that operates an internet website not to sell certain Personal Information that a business has collected or will collect about you. Serial Box does not sell your Personal Information pursuant to Nevada law.

Disclosure of Information

We disclose your Personal Information in order to provide our Platform and Products, or as may be required for our business operations, as explained below. We do not share or otherwise disclose information we collect from or about you except as described below or otherwise disclosed to you at the time of the collection.

Third-Parties Who Assist Us With Our Business

Serial Box may share users’ information with our third party agents, contractors, or service providers who are hired to perform services on Serial Box’s behalf. These companies do things to help us provide our Platform and Products. In some cases, these companies collect Personal Information directly from you. The following is an illustrative list of third parties that may collect, process or receive your Personal Information in order to assist us in providing our Platform and Products:

- Entities that host various components of our Platform
- Email marketing providers
- Analytics service providers
- Advertising Partners
- Marketing and social media partners
- Customer survey tool providers.

Service providers (or processors) generally may only process your Personal Information for the specified purposes of providing their services to us and in accordance with our instructions, unless they aggregate and anonymize any Personal Information such that you may no longer be identified or identifiable at any time or in any manner.

We use analytics services such as Google Analytics to collect and process certain analytics data. These services may also collect information about your use of other websites, apps, and online resources. You can learn about Google’s practices by going to https://www.google.com/policies/privacy/partners/, and opt-out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

Legal Obligations & Security

We will disclose your Personal Information: (i) when we have a good faith belief it is required by law, such as pursuant to a subpoena, warrant or other judicial or administrative order (as further explained below); (ii) to protect the safety of any person; (iii) to protect the safety or security of our Platform or to prevent spam, abuse, or other malicious activity of actors on our Platform; or (iv) to protect our rights or property or the rights or property of those who use our Platform and/or Products.

If we are required to disclose Personal Information by law, such as pursuant to a subpoena, warrant or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States or otherwise via a mutual legal assistance mechanism (e.g., treaty).

Business Transfer

We may transfer your Personal Information to an affiliate, a successor entity upon a merger, consolidation or other corporate reorganization in which Serial Box participates, or to a purchaser or acquirer of all or substantially all of Serial Box’s business or assets, including a successor in bankruptcy.

Payment Processing

We do not directly collect your payment information and we do not store your payment information. We use third-party PCI-compliant payment processors, which collect payment information on our behalf in order to complete transactions. We do not have access to or process your credit card information.

Changing Your Personal Information and Choices

If you would like us to stop using your Personal Information, or if you want to change Personal Information you previously have provided to us via the Platform, please contact us at [email protected] and we will comply unless precluded from doing so for record-keeping purposes or by applicable law.

We allow you to opt out of future communications at any time by clicking the “Opt Out” or “Unsubscribe” link in the email or replying to any email you receive with a message that reads “Opt Out” in the subject line.

Account Deletion

If you would like to delete your account, please go to your Account Settings and follow the instructions for account deletion.

Marketing Communications

You may opt-out of receiving marketing communications at any time by clicking the “Opt Out” or “Unsubscribe” link in the email or replying to any email you receive with a message that reads “Opt Out” in the subject line. Please note that opting out of marketing emails will not opt you out of communications regarding orders, purchases, or important notifications. Note in addition that for users in the EEA and the U.K., we require opt-in to marketing communications.

Links to Other Websites

Our Platform may link to websites maintained by outside organizations. Please be aware that these third-party websites are governed by their own privacy policies and do not fall within this Privacy Notice. Serial Box is not responsible for the content or policies maintained by these websites. Please familiarize yourself with the privacy policy or notice of any third-party website you visit, as it will govern any information you submit through that website.

Social Plugins

We may use social plugins on our Platform and may include icons that allow you to interact with third-party social networks such as LinkedIn, Twitter and Facebook. For example, you may “like” us on Facebook or follow us on Twitter. The third-party social plugin may set a cookie when your browser creates a connection to the servers of such social networks and the plugin may transmit your Personal Information to the social networks. Your use of these social plugins is subject to the privacy policies of the third-party social networks.

Third-Party Advertising

Serial Box partners with third-party advertisers, ad server companies and social media networks (“Advertising Partners”) to promote our Platform and Products and to advertise to you on third party websites. These Advertising Partners use cookies and similar technologies on our Platform and with our permission to collect certain information, such as your IP address, device ID, as explained in our Cookie Notice. If you respond to one of our advertisements and visit or register to use our Platform, we or our service providers may provide these Advertising Partners with identifiers from your device or computer, such as an IP address or device ID, to help us analyze our user acquisition efforts. For instance, we use Facebook Pixel to send request information to Facebook and track conversions.

What does this mean? When you visit our Platform, Advertising Partners may drop cookies (or similar tracking technologies) and capture and collect Device and Usage Information, so that they can track your activity on and off the Platform – unless you are in the EEA and have not opted in or have blocked cookies as described below. This information may be combined with other information from other sources, and used to deliver targeted advertising on other websites.

Please visit our Cookie Notice for more information on the types of cookies that are used by us and our Advertising Partners on the Platform, as well as your choices.

Your choices: We and our Advertising Partners endeavor in good faith to adhere to self-regulatory advertising principles, such as the Digital Advertising Alliance’s Principles (“DAA”) or the Network Advertising Initiative (“NAI”). If you are interested in learning more about and/or opting out of online behavioral advertising, sometimes called interest-based advertising, we encourage you to visit one of the advertising industry-developed opt-out pages:

- Network Advertising Initiative
- DAA
- EDAA

If you do not wish to receive personalized ads, please visit the opt-out pages at the above links to learn about how you may opt-out of receiving personalized ads from member companies. Please note that while we provide these links for your convenience, we do not have access to, or control over, these third parties’ use of cookies or other tracking technologies. You can also change your privacy settings in your device settings and implement limited ad tracking.

To learn more about our use of cookies and similar technologies for tracking, including Facebook Pixel, please see our Cookie Notice.

NOTE: In order to disable advertising-related tracking at your request, companies may need to set an opt-out cookie on your browser. Sometimes a browser’s configuration may prevent companies from setting such cookies, for example, if your browser is set to block all third-party cookies by default. Therefore, you may need to change your browser settings to accept cookies, in order to fully disable advertising-related tracking.

Children

We recognize the privacy interests of children, and we encourage parents and guardians to take an active role in their children’s online activities and interests. We target our Platform and the Products we offer to adults and not to children under 16 years of age. We do not knowingly collect the Personal Information of children under 16 years of age.

How Long Do We Keep Your Personal Information?

Your Personal Information is processed for the period necessary to fulfill the purposes for which it is collected, to comply with legal and regulatory obligations and for the duration of any period necessary to establish, exercise or defend any legal rights.

In order to determine the most appropriate retention periods for your Personal Information, we consider the amount, nature and sensitivity of your Personal Information, the reasons for which we collect and process your Personal Information, best practices and applicable legal requirements. When we have no ongoing legitimate business need or specific obligation to process your Personal Information, we will either delete or anonymize it (see below) or, if this is not possible (for example, because your Personal Information has been stored in backup archives), we will securely store your Personal Information and isolate it from any further processing.

Some exceptions from static retention periods may occur. For instance, we cannot delete Personal Information when there are legal obligations to retain it (e.g., arising from tax or commercial law, or our obligations as legal advisors). This is particularly true of transactional data. Additionally, we cannot delete Personal Information when it is needed for the establishment, exercise or defense of legal claims (“litigation hold”). In this case, the Personal Information can be retained as long as needed for exercising respective potential legal claims.

In some instances, we may choose to anonymize your Personal Information instead of deleting it, for statistical use, for instance. When we choose to anonymize, we implement measures so there is no way that the Personal Information can be linked back to you or any specific user.

Please contact us if you would like more information.

Protecting Your Personal Information

We have put in place reasonably appropriate technical and organizational measures to protect the Personal Information that we collect and process about you. The measures that we use are designed to provide a level of security appropriate to the risk of processing your Personal Information.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. We also require those parties to whom we transfer your Personal Information to comply with the same.

While we take all reasonable steps necessary to provide the most secure Website, you understand and assume the risks associated with your activities on the Internet.  As our Platform is hosted electronically, we can make no guarantees as to the security or privacy of your information.

International Transfers

We are located in the United States, and the Personal Information that we collect is stored on servers located in the United States. This means that your Personal Information will be collected, processed and stored in the United States, which may have data protection laws that are different from (and sometimes less protective than) the laws of your country or region, such as the GDPR.

By sending us Personal Information, you agree and consent to the processing of your Personal Information in the United States, which may not offer an equivalent level of protection to that required in other countries (particularly the European Union), and to the processing of that information by us on servers located in the United States, as described in this Privacy Notice.

We have implemented safeguards designed to ensure that the Personal Information we process remains protected in accordance with this Privacy Notice, including when processed internationally or by our third-party service providers and partners. The safeguards we may take in our discretion include, for instance, entering into binding agreements in connection with any onward transfers of Personal Information. We may implement other mechanisms and take similar appropriate safeguards with our third-party service providers and partners. Further details can be provided upon request.

How to Contact Us About Privacy

If you have any questions about this Privacy Notice, have additional questions, or would like to exercise any of your rights if you are located in the European Economic Area, please contact us at [email protected] You may also write to:

Serial Box Publishing, Inc.
115 Broadway, Fifth Floor
New York, NY 10006

Additional Legal Rights For Users in the EEA and the U.K.

If the GDPR applies to you because you are in the EEA or the U.K., you have certain rights in relation to your Personal Data:

- The right to be informed – our obligation to inform you that we process your Personal Data (and that is what we are doing in this Privacy Notice);
- The right of access – your right to request a copy of the Personal Data we hold about you (also known as a ‘data subject access request’);
- The right to rectification – your right to request that we correct Personal Data about you if it is incomplete or inaccurate;
- The right to erasure (also known as the ‘right to be forgotten’) – under certain circumstances, you may ask us to delete the Personal Data we have about you (unless there is an overriding legal reason we need to keep it);
- The right to restrict processing – your right, under certain circumstances, to ask us to suspend our processing of your Personal Data;- The right to data portability – your right to ask us for a copy of your Personal Data in a common format (for example, a .csv file);
- The right to object – your right to object to us processing your Personal Data (for example, if you object to us processing your data for direct marketing);
- Rights in relation to automated decision-making and profiling – our obligation to be transparent about any profiling we do, or any automated decision-making; and
- The right to withdraw your consent where you previously provided consent.

These rights are subject to certain rules regarding when you can exercise them. If you are located in the European Economic Area and wish to exercise any of the rights set out above, please contact us (see How to Contact Us About Privacy).You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under those circumstances.

We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.

We will respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.

In addition, if you no longer wish to receive our marketing/promotional information, we remind you that you may unsubscribe to direct marketing communications at any time directly by clicking on the unsubscribe link included in each electronic marketing message we send to you. If you do so, we will promptly update our databases, and will take all reasonable steps to meet your request at the earliest possible opportunity, but we may continue to contact you to the extent necessary for the purposes of providing any services you may have requested as covered in this Privacy Notice.

Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. However, we would appreciate the chance to address your concerns before you approach the supervisory authority, so please contact us first.

If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact us using the details in How to Contact Us About Privacy.