LightWidget is a service that provides responsive widgets for Instagram, which can be embedded on various websites and blogs.
When you use our widgets, we will register information that you explicitly provide to us in our widget form. We may also gather information when you use our widgets, such as technical information and when, where and how our widgets were used.
We process the information to deliver our services to you, and to improve and develop our widgets and services. We also process personal information that you provide to us during widget upgrade. We may not share the data with any affiliated companies and 3rd party services. Information is gathered only for accounting, invoicing and contact purposes.
If you have not yet created an LightWidget widget, the only personal data we collect is your IP address, which is used for security and IT operational purposes. We may, however, collect anonymous data about the use of our websites and basic technical information about your device and Internet connection for statistical and analytical purposes.
We comply with Instagram Policy that can be found under this link: https://www.instagram.com/about/legal/terms/api/.
1. Basic data protection terminology
Personal data is any information relating to an identified or identifiable natural person. Examples include your name, address, phone number and e-mail, but also other types of information that is associated with identifiable information, such as your account activities.
Processing of personal data is any operation that is performed upon personal data, such as collection, organization, storage, distribution or erasure.
2. Personal data that we collect
We receive a number of different types of information when you create and use our widgets or website.
a) Information you provide to us
When you create a widget and perform activities such as embedding or upgrading it, you provide certain data that is stored by us in our database to recognize you and to ensure the delivery of the service that you have ordered. We will also store information when you contact us, for example when you e-mail us, so that we can assist you and answer your questions. We may also use anonymous and aggregated data about such inquiries to improve our services.
b) Information we collect through the use of our service
When you use our widget, we may gather information about our widget activity. The information can be divided into the following types:
- Technical information about your device and Internet connection through server logs and other tools we record information about the device and your Internet connection, including operating system, browser version, IP addresses, cookies and other unique identifiers. The technical information is usually processed as aggregated data to analyze how people use our widgets, but we may also link such data to your widget, for instance so that we can view statistics of your widgets.
- Information about your use of our widgets. We register your widget activities such as number of views, website(s) that use our widgets and number of clicks. We also store information about your visits to our websites. We use this information, among other things, to prevent abuse and to improve our services.
3. Instagram data that we collect
We receive number of different types of information that you and Instagram API provide to us when you create and use our widgets or website.
a) User email and access token
When you authorize our app with Instagram you provide certain data that we store in our database. We use following data for usage of Instagram API purposes. However we do not store password to your Instagram account.
b) Instagram photos
We use Instagram API to fetch information about photos from particular username or hashtag, that was provided in our widget form. We use only basic data like images links, tags and captions. We do not store Instagram images and videos in our storage in any way. We only have required URLs to them. Images in our widgets comes directly from Instagram.
4. Instagram data retention
5. How can I remove my pictures from your widget?
You may at any time request to remove your pictures and information from our widget and website. In order to do that, please use our contact page and inform us about the pictures that should be removed from our widgets.
6. How do we use information?
We use personal data to deliver our services to you, to improve and develop services in LightWidget, to understand market trends and predict future behavior, and to prevent abuse of our services. The details are as follows:
a) Market trend analysis
We analyze data to understand market trends, so that we can improve, develop and customize our website and widgets. Such analyses can be made by us directly.
b) Improve our widgets and website
We use information to improve our services, for instance by trying to make our widgets and websites as user-friendly as possible. We may for instance register all steps (page views, clicks etc) related to the widget generation to understand if there are certain elements that are confusing to our users. The analyses are usually carried out on an aggregated and anonymized level, but we may also use identifiable data to provide technical support and to understand how each individual use our services.
c) Abuse prevention
We use information to restrict various forms of abuse of our services, such as fraudulent activities, denial of service attacks, spamming, unauthorized logins and other actions that are prohibited under Polish law.
7. How we may share the information
If there is suspicion of illegal activities in connection with use of our services, information may be disclosed to the police and other public authorities subject to a court or administrative order. IP addresses and anonymous information may also be shared with a third party device recognition tool to prevent unauthorized logins or fraudulent behavior.
We may use so-called data processors to process information on our behalf for the purposes as detailed in subsection 6. We may for instance store information on a web server operated by a third party, or use a third party to perform a payment transaction. Such data processors are subject to specific data processing agreements, as well as and national and EU regulation, which among other things protect the confidentiality, integrity and use of this data.
8. Retention of personal data
Personal data will only be kept as long as it is necessary for the purposes of our service.. You may at any time delete your widget with all statistical data by using our contact page. Your widget will then be deleted after a quarantine period, unless the information is needed to provide a service that you still want to have or we are required by law to keep the information for a specific timeframe (we are for example required to retain certain payment information according to accounting legislation).
9. Quarantine period when canceling your account
If you choose to delete your widget, it will be set in quarantine for 90 days. After that period, all your personal information will be deleted or anonymized. However, there are two exceptions:
- we have a legal obligation to keep the transactional data for 5 years
- we keep profile information and login data for a period up to 2 years for security reasons, to be able to investigate fraud or abuse
This data is archived securely and encrypted. It is only made available to official legal entities in response to a legal request (like a court order or subpoena) if we believe that the law requires us to do so.
Profile information and login data may be accessed by our security and forensics team in a case by case basis when we believe it is necessary to do so. For example, this may be done to detect or prevent fraud and other illegal activity or to prevent other serious harm. This data is not available to anyone else outside the security team.
After the aforementioned retention period has passed, all personal identifiable data is removed from all records.
10. Information retention of blocked accounts
Blocked widgets and accounts may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm. We also may retain information from blocked accounts for violations of our terms for at least a year to prevent repeat abuse or other violations of our terms.
11. Data security
We have established measures to prevent unauthorized or unlawful processing of personal data, which include organizational measures such as regular risk assessment and internal policies and procedures, as well as physical and information technology security to safeguard the information.
To prevent unauthorized log in to your account, we may use a tool from an external provider to identify the device that you use when you log in. The tool sends data to both your device and the identification service to help us prevent abuse and make sure no one but you can access your account.
12. Use of analytical tools, cookies and other technology
We use various forms of technology to recognize you as a user and analyze data about our users. Such technology is used partly because it is necessary for services to function, partly to make it easier for you to use the service, and partly to enable us to carry out analyses that will enable us to develop and enhance our services.
a) Analytics tools
We use the following analytical tools to collect information about how our services are used, including the number of visitors, how and from where they browse our site etc:
This tool is used to improve and personalize our website and widgets,to understand market trends and to tailor our offers and marketing. The information we process through Google Analytics may contain identifiable information in the form of IP addresses and profile data, but we normally base our analyses on aggregate data.
Users who do not want to be part of such analyses may use the following link: https://chrome.google.com/webstore/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh?hl=pl
A cookie is a small text file that is located in browser directories. Cookies are created when a user’s browser loads a website. The website sends information to the browser, which creates a text files, and every time the user goes back to the same website, the browser retrieves and sends this file to the website’s server.
A session-based cookie act as a sort of “bookmark” within the site, and tell our servers what pages to show, so that you do not have to remember or start navigating the site all again. Session-based cookies can also store ordering information needed to make shopping carts work. As the name suggests, such cookies last only as long as the browser session. When you close all open browser windows, or turn your computer completely off, the session-based cookies will be gone forever.
c) Other relevant technologies
We may also use web beacons/pixels to track user behaviour on our widgets and website.
13. Updates to this policy
The commencement date of this privacy statement is January 8th, 2016.
14. Contact information