Privacy Policy

Crumb.sh is committed to protecting your privacy. This Privacy Policy describes how we collect, use, and share information about you when you use our services.

This privacy policy is effective as of February 20, 2022.

Information We Collect

We collect information about you when you use our services. We collect information in a variety of ways, including:

Personal information

When you create an account, we collect information about you such as your name, email address, and password. We also collect information about you when you use our services. For example, we collect information about you when you create, edit, view, or run a crumb. We always try to minimize the amount of information we store, but we do need to store information like your IP address to fight spam and abusive behavior.

Log Files

Crumb.sh automatically logs information about your use of our services. This information is used to analyze trends, administer the site, track your experience, and gather broad demographic information.

Cookies

A cookie is a small data file that a website stores on your computer's hard drive. Cookies are used to help the site remember information about your visit. In addition, we use CloudFlare (see below) to help us analyze traffic patterns and improve our services. CloudFlare might use cookies to to properly operate their service. You can read more about CloudFlare's cookie policy here.

CloudFlare

CloudFlare is a so-called content delivery network (CDN) that hosts the content for our services. CloudFlare provides a secure connection between your computer and our servers. CloudFlare stores world-wide copies of our website on their infrastructure to significaly speed up your experience, and to offer you state-of-the-art security.

CloudFlare analyses out traffic and blocks malicious traffic. CloudFlare also provides a number of services to help you protect your privacy and security. For example, CloudFlare can block certain types of attacks, such as phishing and cross site scripting.

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

If you are from the European Economic Area (EEA), Crumb.sh’s legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it. Crumb.sh may process your Personal Data because:
  • We need to perform a contract with you
  • You have given us permission to do so
  • The processing is in our legitimate interests and it’s not overridden by your rights
  • For payment processing purposes
  • To comply with the law

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Crumb.sh aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable, and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where Crumb.sh relied on your consent to process your personal information.
  • Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

Analytics

We use Google Analytics to analyze how our users use our services. Google Analytics collects information about how you use our services, how you interact with our services, and how you interact with other websites. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy Terms web page.

Payment processing

We use Stripe to process payments. Stripe is a payment processing service that is used to process payments for our services. Stripe collects information about your payment history and your billing information.

We do not store your payment information. We do not store your credit card information, even though it might look like it, we do not store your credit card information on our servers. This is seamlessly handled by Stripe. Payment processors like Stripe adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express, and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

Children’s Privacy

Our Service does not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will remove that information from our administration.

Changes To This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us.