PRIVACY POLICY — SOCIAL SPACE

Effective Date: January 1, 2025

Company: Social Space ("Social Space," "we," "us," "our")

Address: 30815 Philips Branch Rd, Millsboro, Delaware 19966

Contact: support@socialspaceapp.com

1) Scope & Summary

This Privacy Policy explains how Social Space collects, uses, discloses, and protects information about creators and fans who use our websites, apps, messaging tools, and related services (the "Platform"). Social Space is a brand-safe creator platform. By using the Platform, you agree to this Policy.

Key points (plain English):

  • We collect emails and phone numbers with consent to help creators message their fans directly (including SMS to opted-in numbers).
  • Creators may access/export contact lists (subject to consent, law, and anti-abuse controls).
  • You can opt out of marketing anytime. Text STOP to end SMS, HELP for help.
  • We don't sell your personal information in the traditional sense; you have rights under applicable laws.

2) Roles & Definitions

Social Space is the data controller (GDPR) / business (CPRA) for data collected through the Platform.

Creators are independent businesses using the Platform. For fans' contact data they export or use within the Platform, creators act as independent controllers (GDPR) / third parties (CPRA) for their own communications.

Social Space also acts as a processor/service provider for certain creator operations (e.g., delivering creator-initiated emails/SMS to fans), under contractual restrictions.

3) Information We Collect

3.1 Information you provide

  • Account & profile: name/handle, email, phone number, password, photo, preferences.
  • Communications: messages/DMs, comments, survey responses, support tickets.
  • Transactions: subscription tier, purchases, payment method info (tokenized by our processors), billing details, payout info for creators (e.g., tax forms).
  • Consent Records: timestamps, source, method (checkbox, double opt-in), IP, user agent for email/SMS consent.

3.2 Information we get automatically

  • Device/usage: IP address, device IDs, browser type, settings, pages viewed, timestamps, referrers, approximate location (from IP), performance metrics.
  • Cookies & similar tech: session cookies, preference cookies, analytics, and security cookies.

3.3 Information from third parties

  • Payment processors (transaction outcomes, fraud signals),
  • Analytics/attribution tools (coarse traffic and campaign data),
  • Anti-abuse vendors (risk scores, blocklists).

4) How We Use Information (Purposes & Legal Bases)

  • Provide the Platform and features (account setup, content hosting, memberships, tips, DMs). (Contract)
  • Deliver creator messages to opted-in fans via email/SMS; maintain logs and consent. (Consent; Legitimate Interests / Service Provider)
  • Support, security, and anti-abuse (fraud detection, rate-limiting, incident response). (Legitimate Interests; Legal Obligation)
  • Payments & payouts (process transactions, prevent chargebacks, tax compliance). (Contract; Legal Obligation)
  • Product improvement & analytics (aggregate stats, feature usage). (Legitimate Interests)
  • Marketing our services (email/SMS where permitted; easy opt-out). (Consent / Legitimate Interests, as applicable)
  • Legal compliance & enforcement (comply with law, enforce Terms). (Legal Obligation; Legitimate Interests)

5) SMS Program (Very Important)

  • Opt-in required: You'll only receive SMS if you explicitly consent (e.g., checkbox + phone entry, or double opt-in).
  • Who may message you: Social Space and the creator(s) you follow may send messages to your opted-in number via our Platform.
  • Message types: updates, posts, membership info, reminders, replies to your DMs, and brand-safe promotional content.
  • Frequency: Varies. We cap abusive frequency; creators must follow our anti-spam rules.
  • Opt-out: Text STOP to end SMS from that sender. Text HELP for help.
  • Rates: Msg & data rates may apply. Carriers are not liable for delayed/undelivered messages.
  • Compliance: We follow TCPA, CTIA, and applicable laws. We maintain consent and opt-out logs.
  • No prohibited content: Sexual, adult, or otherwise prohibited content is not permitted on SMS.

6) Data Portability ("Own Your Audience") — With Guardrails

Creators can access/export permissible fan contact data (emails/SMS-consent lists) collected through the Platform to manage their communities. Exports require:

  • Valid consent records,
  • Compliance with laws (CAN-SPAM, TCPA, GDPR/UK-GDPR, CASL, state privacy laws), and
  • Adherence to our anti-abuse policies (no spam, no harassment, no prohibited content).

Violations may result in suspension, feature limits, or termination.

7) How We Share Information

We share personal information only as needed:

  • Service providers / processors: payment, SMS/email delivery, analytics, cloud hosting, security, customer support. Contractually restricted from using data beyond our instructions.
  • Creators: when you follow/subscribe/message a creator, relevant info (e.g., your handle, consented email/phone, message content) may be available to that creator for Platform features and permitted messaging.
  • Legal & safety: to comply with laws, lawful requests, or to protect rights, safety, and the Platform.
  • Business transfers: in a merger, acquisition, or asset sale, information may be transferred subject to this Policy.

We do not sell your personal information for money. We may enable limited "sharing"/"targeted advertising" in the CPRA sense for our own service marketing; you can opt-out (see §11).

8) Cookies & Analytics

We use cookies and similar technologies to: keep you logged in; remember preferences; measure usage; and secure the Platform. You can control cookies via your browser. Some features may not function without essential cookies.

9) Data Retention

We retain personal information for as long as necessary to provide the Platform, comply with legal obligations (e.g., tax, accounting, fraud prevention), resolve disputes, and enforce agreements. Consent and opt-out logs for SMS/email are retained as required by law and carrier policies.

10) Security

We use organizational and technical safeguards (encryption in transit, access controls, monitoring, backups). No system is 100% secure. Report issues to support@socialspaceapp.com.

11) Your Privacy Rights

11.1 U.S. State Rights (e.g., CA/CPRA, CO, CT, VA, UT)

Depending on your state, you may have the right to:

  • Access and know categories/specific pieces of personal information we collected.
  • Delete personal information (subject to legal exceptions).
  • Correct inaccuracies.
  • Opt-out of "selling"/"sharing"/targeted advertising (as defined by law).
  • Limit the use/disclosure of sensitive personal information (we don't intentionally process SPI beyond what's necessary for Platform operations).
  • Non-discrimination for exercising your rights.

To exercise rights or opt-out of "sharing," email support@socialspaceapp.com with "Privacy Request" in the subject, or use available in-product controls. We'll verify requests as required by law.

11.2 Email/SMS Marketing

  • Email: click unsubscribe links or contact us.
  • SMS: text STOP at any time to end messages; HELP for help.

11.3 GDPR/UK-GDPR (EEA/UK)

If you are in the EEA/UK, you may have rights to access, rectify, erase, restrict, object, and data portability, and to withdraw consent at any time (without affecting prior lawful processing). You can lodge a complaint with your local supervisory authority. Legal bases are listed in §4.

12) International Transfers

We are U.S.-based. If we transfer personal data internationally, we use appropriate safeguards (e.g., EU Standard Contractual Clauses and UK addendum where applicable).

13) Children's Privacy

The Platform is not directed to children under 13, and we do not knowingly collect personal information from anyone under 13. If we learn that we have collected such information, we will delete it.

Users aged 13–17 may use the Platform with the consent and supervision of a parent or guardian.

14) Creator Responsibilities (Read This If You're a Creator)

If you export or otherwise use fan contact data:

  • You are an independent controller for your communications and must comply with all laws (CAN-SPAM, TCPA/CTIA, GDPR/UK-GDPR, CASL, state privacy laws).
  • You must respect user preferences and promptly honor opt-outs.
  • You may not send prohibited content or misuse data for spam, harassment, or off-platform circumvention of our rules.
  • You must maintain your own records of consent and unsubscribe handling.

Violation can result in enforcement actions, including account termination.

15) Do Not Track / Global Privacy Control

Your browser may offer Do Not Track (DNT) or Global Privacy Control (GPC) signals. Where legally required and technically feasible, we will treat valid GPC signals as opt-out requests for "sharing"/targeted advertising.

16) Changes to this Policy

We may update this Policy from time to time. We'll change the Effective Date above and, if changes are material, provide additional notice. Continued use means you accept the updated Policy.

17) Contact Us

Social Space
30815 Philips Branch Rd, Millsboro, Delaware 19966
Email: support@socialspaceapp.com