We at Creepypasta XYZ (“Creepypasta”) take your privacy seriously. This privacy statement explains what data we collect, how we store and transfer it and how we use it.
Some of the data we collect, either individually or aggregated, may be considered personal. We treat this data in a special way, as required by law. We’ll always honor your decisions for how your data is used.
Why do we collect data?
We only process your data for purposes that are objectively justified by our products and services. We process this data with respect to your fundamental right to privacy, including the need to protect personal integrity and private life and to ensure that your personal data is of adequate quality. Unless otherwise stated, we determine the purposes for and manners in which your data is collected (in legalese, we act as a “data controller” regarding personal data).
We collect data to:
- Improve, debug, and maintain Creepypasta products and services
- Study and personalize user experiences
- Fulfill legal requirements
- Conduct business analysis and research, and marketing campaigns
- Ensure better security and fraud protection
- We may also use your data to send personalized information regarding updates, upgrades, enhancements, surveys, recommendations and/or advertisements, if we believe these are relevant for you.
What data do we collect?
The information we collect may include: personal data, for example your name, email, IP-address, location; and non-personal technical data, for example who manufactured your device, your screen’s resolution, your mobile operator’s region and code, Operating System, date & time, latitude, longitude, accuracy (GPS), SSID (network), BSSID (network), internal MAC address (network), bundle ID, device model, device manufacturer, carrier code, carrier name, sim code, country, and locale. A complete list of the data we collect and purpose of collection may vary between our products and services. You can find detailed descriptions in the product/service-related sections below.
To help us improve our service we collect the following information on an anonymous basis:
When visitors leave comments, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. We will also notify post author to help them aware about your comments in their post. Your email will be added as ‘reply-to’ address to help post author reply directly to you.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
When visitors give ratings using available form in both our site and app, we will record your data to aggregate your rating that contains visitor’s username (if already logged in), rating, and IP Address/Host. We may also set cookies to visitor’s browser. This mechanism and data will help us detect fraud and spam in our rating system.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How do we collect data?
Generally, we collect data:
- When you provide it explicitly to us; for example, when you submit a form on our websites
- When you install and run our products, use our services, or visit our websites
- When third parties share information with us
- Some products may require your personal data to function properly.
When we collect your data, we associate it with a unique ID and a unique device ID that are generated when you install a Creepypasta product or begin using one of our services. These identifiers are anonymized and cannot be linked to you as an individual person. We also take measures to remove any possible connections between these IDs and other types of personal data.
Some third-party sites may monitor data traffic from our products and services, such as numbers of hits and the search terms used. We do not make available any personally identifiable information to these services.
This privacy statement does not cover third-party apps you access and use through our products and services, nor does it cover links to other websites. We do not control the privacy and security practices and policies of these third parties and their sites. We encourage you to read the privacy statements of the third-party apps and websites you use.
How do we protect your data?
We treat your personal data as required by law. We are a Indonesian company and we follow Indonesian data-security laws as well as other national legislation, as needed. We require that our suppliers successfully pass security assessments and prove their compliance with applicable laws and industry standards.
Only a limited number of Creepypasta employees have access to the data we collect. We review and update our working procedures regularly to improve your privacy and ensure that our internal policies are followed. We immediately correct any non-conformance regarding these policies.
Our commitment to your privacy does not extend to third-party products and services you may access from Creepypasta products and services. We encourage you to read the privacy statements of the third-party products and services you use.
How do we share your data?
We may share your data:
- To government bodies and law enforcement agencies to comply with the law, for example in judicial proceedings, by court order or other legal process.
- To third parties (including professional advisors) to enforce or defend our legal rights, including our terms and conditions.
- To a third-party purchaser or seller (including professional advisors) in connection with a corporate event such as a merger, business acquisition or insolvency situation
As described elsewhere in this statement.
- Some of our products and services include third-party technology or code that may use the collected data. We may share anonymized and/or aggregated sets of data with our partners and other trusted third parties.
How long we retain your data
For users that register on our website (if any), we store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
We also store your anonymous data using analytics tools to determine our service from time to time. This services are provided by third parties and will follow their regulations.
What rights you have over your data
If you have an account on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
What else should I know?
We aim to be transparent as to what data we collect and how we use it. Your rights are not limited to consent and opt-out choices only. If you’ve provided personal information to us, you may change or modify this information at any time.
We retain personal data only as long as necessary for processing it in accordance with the purposes described in this statement, or as otherwise necessary to comply with applicable laws. When your data is no longer necessary or relevant for our purposes, or required by applicable laws, we take steps to have it deleted, aggregated or made anonymous.
You can find out if we hold any personal data about you by contacting us. You may be asked to prove your identification so that we can verify who is making the request. If we hold information about you, you can ask us to correct any mistakes and delete any excessive information.
If you have any questions about this statement or any privacy issues regarding Creepypasta and our products or services, we can be reached by email at: