Privacy Policy
Last Updated: 20 August 2024
Welcome to Affinity, from Serif (Europe) Limited (part of the Canva Group). Please read this Privacy Policy carefully as it explains how we collect and use your personal information in relation to Affinity’s products, services, events, forums and websites (being serif.com, affinityspotlight.com and any other websites created by us from time to time that link to this Privacy Policy, together, our “Websites”) or applications that link to this Privacy Policy. It also describes your choices and rights about the collection and use of your personal information.
We may modify this Privacy Policy from time to time to reflect our current practice and ensure compliance with applicable laws. When we do we will update the “Last Updated” date at the top of this policy. If we make any material changes to the way we collect, use, store and/or share your personal information, we will notify you on our Websites or by sending an email to the email address associated with your Affinity account. It is therefore important that you regularly review this Privacy Policy to ensure you are updated as to any changes.
Where this document is translated into a language other than English, in the event of any dispute arising with respect to its interpretation, the English language version shall prevail.
Contact us
‘Serif’, ‘Affinity’ and ‘Affinity Spotlight’ are trading names of Serif (Europe) Ltd (“we”, “our” or “us”) registered in England number 2117968 with registered offices at: The Software Centre, 12 Wilford Ind Est, Nottingham NG11 7EP, UK. Telephone: UK - 0845 345 6770 Intl.- +44 115 914 2000. Unless otherwise specified, we are the data controller of your personal data.
If you have any queries relating to our use of your personal information or any other related data protection questions, you can contact our nominated Data Protection Officer at dataprotection@serif.com or write to us at Data Protection Officer, Serif (Europe) Ltd, 12 Wilford Ind Est, Nottingham NG11 7EP.
If you are not satisfied with any action taken by us or response given, you have the right to complain to Information Commissioner at ico.org.uk, or using their helpline telephone number: 0303 1231113.
Information we collect
We collect the following types of information about you:
From Our Websites
- When you register for an Affinity account, sign up to receive our newsletters, or to take part in our free public betas, or download a free trial of our software, or sign up to the Affinity Forum, an account is created which may include your name, email address, IP address (which may be used to infer general location at a city or country level) and phone number. This may also include your payment information when you make a purchase on our Websites. Please do not share your username or account details with any third party.
- If you: (a) complete one of our enquiry forms on Our Websites; (b) enter into a contract with us for our services; (c) report a problem with Our Websites; or (d) otherwise correspond with us, we may collect your name, address (including email address), other contact details, phone numbers and identification.
From Our applications
- Affinity applications collect information from your device for the purpose of aggregated reporting, for example usage data, application name and version number, language and OS version. This is used to ensure correct content is shown in the welcome screen of the applications and to help notify you of product updates.
- We will also collect crash report data, but only if you choose to submit it to us at the time.
- In addition, our beta versions of the applications will automatically send additional data to help diagnose issues including GFX card information, Direct X data, CPU info and platform patches.
Other information submitted by you
- Information related to transactions you conduct on the Websites and/or services, including when you choose to register for a webinar, event, or participate in a survey, or download special content, and your interactions with the Websites and/or services (for example when you provide feedback).
Information we receive from third-parties
We may receive information about you from third parties. For example, if you access the service through a third-party connection or log-in, that third-party may pass certain information about your use of its service to us.
Why do we process and store your personal data?
We use information about you for the following purposes in reliance on the following legal bases:
-
Consent
In some cases, we will process your personal data based on obtaining your express consent for us to do so, for example when signing up to receive our newsletter. Where this applies, we will always offer you the opportunity to withdraw your consent for this processing at any time.
-
Contract
It may be necessary for us to capture and store your personal data to fulfill our contractual obligation to you. For example, we may need to retain a copy of your email address where it forms part of the product license you purchase from us and to send you communications about critical elements of Our Websites or products (for example we may send you emails about technical issues, security alerts or administrative matters).
-
Legitimate Interests
Where we have legitimate reasons to process your personal data in ways which do not adversely affect your interests and rights, including:
- To enable you to access and use Our Websites, to provide access to your purchases and product keys, and to provide customer support where required
- To provide a personalized checkout experience on our store. We will use your general location information (at a city or country level) to display relevant services, and pricing in your local currency
- To personalize our communications with you
- To detect and prevent fraud and abuse of Our Websites and store, and to help keep our services secure
- To improve the quality of your experience on Our Websites. We are always working to improve Our Websites and our products, and may use certain demographic information such as your account country and language preference to help us achieve this.
Who do we share your personal data with?
Our affiliates, employees and authorized contractors
We may share your information, including personal data with any of Affinity’s affiliates and group companies for the purposes described in this Privacy Policy.
Third party service providers and third parties
We may share your information, including personal data, with third-party service providers and agents who work on our behalf and provide us with services related to the Websites or our products and services (including for billing and credit card payment processing, maintenance, sales, marketing, administration, customer support, data enrichment, and database management services, or outside professional advisors) or co-sponsors and presenters of webinars and events that you attend or co-branded content partners when you download or request certain marketing of such content.
Law enforcement
We may share your personal data when we believe it is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies or protect us, our business or our users, or third parties, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud or to maintain the security of our Websites, products and services.
Merger, acquisition or reorganization
Affinity may also share, sell or transfer your information to third parties in connection with or contemplation of (including as part of the due diligence process) any merger, acquisition, reorganization, financing, sale of assets, bankruptcy or insolvency event involving Affinity or any portion of our assets, services or businesses.
Your personal data rights
You have the right to object to our processing of your personal data about you for marketing purposes and we will stop processing data for that purpose.
The laws of some countries grant particular rights in respect of personal information. Individuals in certain countries, including the United Kingdom, European Union and Brazil have the right to:
- Request access to their information
- Request that we correct inaccuracies in their information
- Request that their information be deleted or that we restrict access to it
- Request a structured electronic version of their information
- Object to our use of their information
Rights in respect of your information
Should you wish to make a request in respect of your personal information:
- If you have an Affinity Store account, you can access and correct your personal data by visiting https://store.serif.com/account/ and navigating to your ‘Account Details’ page.
-
You can also make a request in respect of your personal data, including requesting the deletion of your account and your personal data, by emailing us dataprotection@serif.com, or writing to us at the following address:
Data Protection Manager
Serif
12 Wilford Ind Est
Nottingham
NG11 7EP
In some circumstances Affinity will not be able to comply with your request regarding your personal data and we will explain why. For example, we may not be able to provide a copy of your information where it infringes on the rights of another user or if you ask us to delete your personal data which we are required by law or have compelling legitimate interests to keep, or where information cannot be disclosed for legal reasons.
If we are unable to resolve your request, or if you are concerned about a potential violation, you also have the option to report the issue or make a complaint to the data protection authority in your jurisdiction.
For the protection of all our customers, we will take reasonable steps to confirm your identity before providing you with details of any personal data we may hold about you.
Please be aware that once deleted, your account will no longer be accessible and cannot be restored so you should ensure that anything that is accessed via your account that you wish to keep is backed up before proceeding.
How secure is your personal data?
We have implemented and we continually maintain a variety of technical and organisational measures to protect your personal data from unauthorised access and against unlawful processing, accidental loss, destruction, and damage.
It is important for you to remember to protect yourself against unauthorized access by guarding your password. For example, if you use a shared computer, make sure you logout or close your browser whenever you leave the computer.
Do we transfer personal data overseas?
The Internet is a global environment. Using the Internet to collect and process personal data involves the transmission of data on an international basis. Although the data we collect from you is stored in the UK and European Economic Area (“EEA”), we may need to transfer data to our affiliates, group companies and service providers who are located outside the UK and EEA for the purposes described in this Privacy Policy. We will implement measures to transfer your data securely and in accordance with applicable data protection laws.
Children
We do not knowingly collect personal data from anyone under the age of 13. If you are a parent or guardian of a child under the age of 13 and believe your child has disclosed personal information to us, please contact us at dataprotection@serif.com.
Where processing of personal data is based on consent, if we learn that this data belongs to someone under the age of 13, we will cease processing and will take reasonable measures to delete the applicable information from our records, unless the consent is provided by a parent or guardian.
How long we keep your personal data
We will retain your personal data for a commercially reasonable time and for as long as we have a valid purpose to do so. In particular, Affinity will retain your personal data for the purpose of complying with its legal and audit obligations, and for backup and archival purposes.
Questions
If you have any questions about our Privacy Policy, please get in touch.