Privacy Policy
Endless Machine Corp., with address at 8 The Green STE 13642, Dover, Delaware, United States, DE 19901 (hereinafter, "The Company") takes the privacy of users ("Users") very seriously. The purpose of this "Privacy Policy" is to explain to Users how The Company collects, retains, processes, shares, and transfers Users' personal information, as defined in the Terms and Conditions, in order to provide its Services through a website (hereinafter and together, the "Platform").
For the purposes of this Privacy Policy, Users shall be individuals and legal entities that contract the Service of The Company, as defined in the Terms and Conditions.
By providing The Company with their personal data through the Platform, Users expressly consent to The Company processing such data in accordance with this Privacy Policy and for the purposes set forth therein.
Users should read this Privacy Policy before registering or using the Services of the Platform. Under no circumstances will The Company collect personal data from Users without their consent and without them having voluntarily provided it.
The Company reserves the right, at the discretion of The Company, to modify this Privacy Policy from time to time to reflect changes in The Company's business or services, or applicable laws. To this end, The Company will notify Users of any modification thirty (30) days in advance on the The Company Platform Privacy Policy page. The Company may also notify Users of modifications using contact information, email, or other contact methods if provided by the Users. The updated Privacy Policy is effective as of the date of publication. Users may contact The Company if they have questions about The Company's privacy practices that are not addressed in this Privacy Policy.
Users undertake to provide truthful and accurate data. Likewise, they will be solely responsible for any loss or damage that The Company or any of its subsidiaries or third parties may suffer as a result of the data provided being false, inaccurate, not updated, or not authentic.
The Company respects and constantly strives to comply with the General Data Protection Regulation 2016/679 ("GDPR"), the California Privacy Act, and all applicable regulations to protect, guarantee, and preserve the rights of Users that may eventually apply or be addressed.
- Who is responsible for processing the personal data provided by Users?
1.1. All Personal Data provided or collected through the Platform will be processed by The Company, whose contact details can be found below, as controller of the database.
Database controller:
Identity: Endless Machine Corp
Postal address: 8 The Green STE 13642, Dover, Delaware, United States, DE 19901
Contact Email: contact@endless.io
- About the Platform and Services
2.1. The Company's service consists of providing a Platform in order to allow Users the possibility of manipulating content in any format according to the User's own request (hereinafter, the "Service").
2.2. The User understands and accepts that any concept not defined in this document may be defined in the Terms and Conditions of Service supplementary to this Privacy Policy.
2.3. Roles under Team Subscriptions: A "Team Admin" is the primary administrator of a Team subscription. They manage team settings, invite Users to join the Team, and oversee the Team’s payment method. Users enrolled under a Team subscription ("Team Members") are subject to the administrative decisions of the Team Admin while using their accounts within the Team subscription. This does not affect their personal accounts with the Company.
- What information does The Company collect and how is it collected?
3.1. The Company processes personal information of Users to offer its Service ("Personal Information").
3.2. In general, the User's Personal Information will include: Email, First Name, Last Name, Profile Picture, Device Identification (system and browser version), IP Address.
3.3. In particular, The Company may collect the following information:
(i) Registration and usage information: When Users use The Company's Services, The Company will collect the Personal Data necessary to offer the Service to Users.
(ii) Additional information that Users wish to share: information that Users provide to The Company for other purposes.
(iii) Information about communications made with The Company: The Company will have access to the information that Users provide for resolving doubts or complaints about the use of the Platform.
(iv) Non-identifying information: The Company may also collect other information, demographic data, information regarding the User's use of the Service, and general project-related data ("Non-identifying Information"). The Company may aggregate the information collected from registered and unregistered users of The Company In some cases, The Company may convert Personal Data (usually, email address) into a form of non-identifying information.
3.4. The Company uses this information to operate, improve, and enhance the Services of The Company
3.5. Information Available to Team Admins. Team Admins may access specific data about Team Members, including but not limited to: use logs and activity summaries, credits spent by each Team Member under the Team subscription and invite history and account status within the Team.
4. Automatically collected information
4.1. The Company may receive technical information when the User uses the Platform or the Service. The Company would use these technologies to analyze how Users use the Service, to improve the Platform, store User login information for future sessions, and provide the User with communications that are of their interest.
4.2. The Company and its third-party service providers, including analytics providers, third-party content providers, and payment processors, may automatically collect certain information from the User whenever the User accesses or interacts with the Service or the Platform. This information may include, but is not limited to, the browser and operating system the User uses, the search terms the User entered into a search engine that led the User to the Service, the areas of the Service the User visited, the links the User clicked, the pages or content the User viewed and for how long, other similar information and statistics about User interactions, such as content response times, download errors, and length of visits to certain pages. Additionally, third-party payment processors may store payment-related information, such as credit card details, billing addresses, and invoices. The Company does this in order to improve The Company’s Service and enhance the Platform.
5. Why is Personal Information collected?
5.1. The Company has no interest in retaining Users' Personal Information for any purpose other than the effectiveness of its Service. The Company may retain Personal Information to comply with The Company’s legal obligations and for The Company's business purposes. The Company may retain Personal Information for longer periods than required by law if it serves The Company's legitimate business interest and is not prohibited by law.
5.2. In the event that The Company needs to close an Account, The Company may take steps to anonymize Personal Information and other information, but The Company reserves the right to retain and access Personal Information for as long as necessary to comply with applicable law. The Company will continue to use and disclose such Personal Information in accordance with this Privacy Policy.
5.3. The Company collects, processes, and discloses Users' personal data only for specific and limited purposes. For example, to provide the Service, assess and process potential claims, develop and improve the Service, communication methods, and Platform functionality, provide personalized services, communications, and targeted advertising to Users.
5.4. Administrative Authority of Team Admins. By joining a Team, Team Members authorize the Team Admin to access and manage their use data within the context of the Team subscription. This includes viewing logs and credits, and making decisions regarding continued membership within the Team. Team Admins do not have access to personal account data or activity of Team Members outside the scope of the Team subscription.
6. Reasons for Collecting Information
6.1. The Company collects, processes, and discloses Users' Personal Information for the following purposes:
(i) Execute the Services proposed on the Platform;
(ii) Process and respond to Users' queries or contact them to answer their questions and/or requests;
(iii) Develop and improve the Service, communication methods, and Platform functionality;
(iv) Communicate information to Users and manage their registration and/or subscription to The Company's communications;
(v) Authenticate the identity of individuals contacting The Company;
(vi) Understand and evaluate changing consumer interests, desires, and needs to improve the Platform, current Services, and/or develop new services;
(vii) Provide personalized services, communications, targeted advertising, and service recommendations to Users;
(viii) For direct marketing purposes.
(ix) Manage risk and protect the Platform, the Service, and Users against fraud by verifying Users' identities and helping to detect and prevent fraud and abuse of the Platform or Services.
(x) Manage The Company's business needs, such as monitoring, analyzing, and improving Services and Platform performance and functionality.
(xi) Share relevant information about Users within a Team subscription with their Team Admin(s), such as usage logs, credits spent, and invite history, in accordance with the Team subscription structure.
6.2. If ownership of The Company changes or the majority of its assets are acquired by a third party, Users are informed that The Company will transfer their data to acquiring organizations to continue providing the data processing Service. The new database controller will inform Users of their identifying data. The Company states that it will fulfill its duty to inform the competent supervisory authority in the event of such circumstances and will inform Users of the change in the file manager at the time it occurs.
6.3. The Company may transfer Users' personal data to third parties associated with The Company, provided that Users have given their express, informed, and unequivocal consent for such transfer and are aware of the purpose and recipient of such transfer.
7. What privacy options do users have?
Users have options regarding the privacy practices and communications described in this Privacy Policy.
(i) Personal information. Users may refuse to provide Personal Information, but certain Services or all Services may not be available to Users.
(ii) Cookies. Users may have options to manage cookie preferences. For example, the User's Internet browser or device may allow them to delete, disable, or block certain cookies and other tracking technologies. Users may choose to activate these options, but doing so may prevent Users from using many of the Service's features and functions and relegate a better experience.
(iii) Account registration and information. Users have an Account and can generally review and edit Personal Information directly or by contacting The Company. Users can contact The Company if they have questions about their Account information or other Personal Information.
(iv) Communication. Notices, alerts, and updates from The Company:
(v) Marketing: The Company may send Users marketing content about The Company, the Platform, and the Service through various communication channels, such as email. Users may opt out of receiving these marketing communications by following the instructions provided in the communications they receive.
(vi) Informational and other types: The Company will send communications to Users as necessary regarding: (i) the Service; (ii) notifications containing important information; and (iii) other communications requested by Users from The Company.
(vii) Options for Team Members. Users may leave a Team subscription at any time, following the Company’s guidelines for account management. Upon leaving, the User’s data within the Team subscription will still be accessible to the Team Admin. Users who wish to keep their personal data separate from a Team subscription must ensure they are not logged in through Team accounts when accessing personal services. Users may review and edit their Personal Information directly or by contacting The Company. However, information related to the Team may only be edited or accessed by the Team Admin.
8. Do we share/transfer personal information?
8.1. Only for the purposes established in this Privacy Policy and to carry out the Service, Personal Information may be disclosed by The Company when necessary to authorities, Team Admins and other third parties, such as third-party service providers used in connection with The Company's Service and related services.
8.2. The Company may also share non-identifiable information with third parties. The User has the option to decide whether The Company shares the User's personal information with third parties.
8.3. The Company may share aggregated non-identifiable information, and The Company may otherwise disclose non-identifiable information (including, without limitation, anonymized information) to third parties. The Company does not share User's Personal Data with third parties for those third parties' marketing purposes unless The Company first offers the User the opportunity to opt-in or opt-out of such sharing.
8.4. The Company may also share the information it has collected about the User, including Personal Information as disclosed at the time the User provides their Personal Data, with the User's consent as described in this Privacy Policy, or in the following circumstances:
(i) Service Providers: The Company may engage third-party companies and individuals to facilitate the Service, provide the Service on The Company's behalf, perform Service-related services (e.g., maintenance services, database management, web analytics and online advertising, payment processing, fraud detection, and improvement of The Company's features). These third parties may have access to the User's Personal Information to perform these tasks on behalf of The Company
(ii) Legal and Investigative Purposes: The Company will share information with governmental agencies as required by law in response to legal requests from public authorities, including to meet national security or law enforcement requirements. The Company will disclose information about the User to governmental authorities or law enforcement officials or private parties when The Company, in its sole discretion, deems it necessary or appropriate to respond to legal claims and legal processes (including, among others, court orders) or to (a) protect The Company's property and rights or those of a third party, (b) protect public safety or any person's safety, or (c) prevent or stop activity The Company may consider illegal, fraudulent, unethical, or posing a risk thereof.
8.5. By virtue of the above, The Company provides Users with a list of data processors with whom it may share personal information and their processing purposes. The User may then access the following link: https://endless.io/legal/subprocessors
8.6. As The Company is a U.S. company, The Company processes and stores User information in the United States, and The Company's service providers may process and store it elsewhere.
If the User is located outside the United States and chooses to provide information to The Company, they acknowledge and agree that the United States may not have the same data protection laws as the country where the User initially provided the information.
8.7. The Service is operated by the The Company team at its headquarters in Delaware, United States. The Company relies on service providers for the operation of the Platform and the provision of the Service. Not all of these service providers may be located in the United States and process User data in that country.
9. How do we protect Users' Personal Information?
9.1. The Company maintains technical, physical, and administrative security measures designed to provide reasonable protection of Users' Personal Information against loss, misuse, unauthorized access, disclosure, interference, and alteration. Security measures may include end-to-end data encryption, hashing, and access authorization controls. However, considering that the internet is not a completely secure environment, The Company does not guarantee that the security measures adopted will prevent third parties who operate illegally and maliciously from gaining access to Users' Personal Information and the absolute security of such information during its transmission or storage on The Company's systems. Although The Company strives to ensure the security of the Platform's systems and Services, Users are responsible for ensuring and maintaining the privacy of their password(s) and Account, registration information, and verifying that the Personal Information The Company maintains about Users is accurate and up to date. Access to Users' Personal Information is only permitted to employees and agents of The Company on a need-to-know basis and is subject to strict contractual confidentiality obligations when processed by third parties.
9.2. As mentioned above, The Company has adopted the necessary and recommended measures by data protection legislation to maintain the required level of security, depending on the nature of the personal data processed and the circumstances of the processing, in order to prevent, to the extent possible and always according to the state of the art, its alteration, loss, unauthorized processing, or access.
10. What are Users' Rights?
10.1. The Company respects Users' rights regarding the protection of personal data. To this end, the User acknowledges and accepts that the following rights are available to them:
(i) Right to be informed: Users have the right to receive clear, transparent, and easily understandable information about how The Company uses their Personal Information and the rights available to them. Therefore, The Company provides them with the information contained in this Privacy Policy.
(ii) Right of access and rectification: Users have the right to access, rectify, or update their Personal Information at any time.
(iii) Right to restrict processing: In certain circumstances, Users have the right to restrict the processing of their Personal Information.
(iv) Right to object: In certain circumstances, Users have the right to object to certain types of processing, including processing for direct marketing (i.e., receiving emails from The Company notifying them or being contacted with various potential opportunities).
(v) Right to withdraw consent: If Users have given their consent for The Company to process their Personal Information, they have the right to withdraw their consent at any time (although doing so does not mean that anything The Company has done with their Personal Information with their consent up to that point is unlawful). Users may withdraw their consent for the processing of their Personal Information at any time by contacting The Company using the contact details provided below.
10.2. Data subjects may exercise the aforementioned rights by sending a written request to The Company at the email address contact@endless.io. The Company will handle the request promptly and proceed to execute the applicable User rights.
10.3. In the event that Users believe that their rights under data protection legislation are being infringed, they may file a complaint with the supervisory authority of their place of residence. As an example for Europe, data protection authorities are independent public authorities that oversee, through investigation and corrective powers, the enforcement of data protection law. They provide expert advice on data protection issues and handle complaints filed for violations of the General Data Protection Regulation (GDPR) and relevant national laws. There is one in each EU Member State. In general, the primary point of contact for data protection issues is the data protection authority of the EU Member State in which the User or legal entity processing such Personal Information is headquartered. To find the appropriate authority, the User or Company can visit the following link: https://commission.europa.eu/law/law-topic/data-protection/data-protection-eu_en 11. Can children use The Company's services?
11.1. The Service is not intended for or directed at children under 18 years of age. The Company does not knowingly collect information, including Personal Information, from children or other individuals who are not legally capable of using the The Company Platform and Service. If The Company becomes aware that it may have collected Personal Information from a child under 18 years of age, The Company will immediately delete it, unless The Company is legally required to retain such data. Please contact The Company if Users believe that The Company has collected, by mistake or unintentionally, information from a child under 18 years of age.
12. Retention of Personal Data.
12.1. The Company will retain Users' Personal Information for 2 years after the User has deactivated their Account. Personal Information may also be retained so that The Company can continue to improve Users' experience through the Service. The Company will actively review retained Personal Information and securely delete it, or in some cases anonymize it, when there is no longer a legal, business, or consumer need to retain it.
12.2. Data Retention for Team Members:
Data collected under a Team subscription will be retained according to the same retention periods as other data. Upon termination of a Team membership, the Company reserves the right to anonymize or delete Team-related data after the legally required retention period.
13. Links to Other Websites
13.1. The Platform contains links to other websites. If the User decides to click on a third-party link, they will be directed to the website of that third party. The Company linking to a website does not constitute an endorsement, authorization, or representation of The Company's affiliation with such third party, nor an endorsement of their privacy or information security policies or practices. The Company does not exercise any control over third-party websites. These other websites may place their own cookies or other files on the User's computer, collect data, or request Personal Information from the User. The Company recommends that the User read the privacy policies or statements of the other websites they visit.
14. Changes to this Privacy Policy
14.1. Changes to this Privacy Policy will be posted on the Platform. If The Company makes a material change to The Company's privacy practices, The Company will provide notice on the Platform and through other contact information that the User or Users have provided.
15. Applicable Law. Disputes.
15.1. This Privacy Policy shall be governed by the laws of Delaware, United States. Any conflict arising from the interpretation or execution of this Privacy Policy or for any other cause shall be subject to the applicable laws of Delaware and to the exclusive jurisdiction of the courts of the judicial district of Delaware, United States.
16. Contact
16.1. If Users have any questions or concerns regarding The Company's Privacy Policy, please contact The Company All contacts and inquiries related to this Privacy Policy should be directed to contact@endless.io.