Last updated: March 31, 2023
if you are under 18 years old, you are not permitted to use our Services all-alone. Reading this Policy means you are a responsible kid so ask your parent or guardian to sit next to you and explain to you what Certifunny is all about.
One of our core values is to always let you know the kind of data we collect from you and how we use it to offer you the best experience possible. We want to be clear and precise for you to fully comprehend and be able to decide and control the information you share with us.
You should read this policy in full but here are some key items of it which will further discussed in more detail below:
- You must be at least 18 years old to use the Services
- Certifunny produces certificates of any kind for fun. Via Certifunny you can either certify yourself or others.
- Creating an account is not obligatory for using most of our services but if you wish to have access to their full extent, you should create an account. If you decide to do so you may only create one account for your actual self.
- We give you control through your settings for you to have control on the data we collect from you and how we use it and to have control over your account security.
Who we are
The App and Sites (referred together as “Services” or “Platform”) are operated by Certifunny L.P., Athens, Greece, registered in the Hellenic Business Registry (Γ.Ε.Μ.Η.) with Registration Number 169633603000 (also referred to this policy as “we” or “us”) and is the data controller responsible for your personal data collected and processed through the Certifunny App and Sites.
Information we collect
Your profile information
You give us information (“User data”) when you create a Certifunny account or when you update your profile such as your username, password, date of birth, email address and/or telephone number.
Content and behavioural information
Using our Services generates information (“Usage data”) about your activity within our Platform (e.g. timestamp of login, actions taken) and your interactions with other users (e.g. users you connect and interact with, messages you exchanged etc).
We collect hardware and software related information (“Technical data”) about and via the device(s) you use to access our services (e.g. IP address, device ID and type and other identifiers that may uniquely identify a device or browser).
From third parties
When you verify your social network identities within Certifunny (e.g. Facebook, Twitter, TikTok, Instagram, etc) you are always aware of what kind of data you share with us, for example your username and/or your public profile information.
Although most web browsers automatically accept cookies, many browsers’ settings can be set to decline cookies or alert you when a website is attempting to place a cookie on your computer. Bear in mind though that some of our services may not function properly if you disable cookies. When your browser or device allows it, we use both session cookies and persistent cookies to better understand how you interact with our services, to monitor aggregate usage patterns, and to personalize and otherwise operate our services such as by providing account security, personalizing the content we show you, and remembering your language preferences.
Our purpose for using your personal data
We will use the information we collect about you for the following reasons:
- To communicate with you, provide you with user support and notify you about changes to our services
- To provide personalized services to you
- To diagnose, understand, troubleshoot, and fix issues with our Services
- To develop new features and improvements to our Services
- To comply with legal obligations and law enforcement requests
- To establish, exercise and defend legal claims
- To conduct business planning, reporting and forecasting
- To process your payments
- To detect and prevent fraud, abuse, and illegal activity on our Services
- To ensure your safety and security and prevent your exposure to inappropriate content
We rely on the following legal bases:
- Legitimate interest: When Certifunny has an interest in using your personal data in a way that is necessary and justified considering any possible risks to you and other Certifunny users. For example, using your Usage Data to improve our Services for all users.
- Compliance with Legal Obligations: When Certifunny must process your personal data to comply with applicable laws and regulations and evidence our compliance with them.
How we share your personal data
This section sets out the rules and purpose of sharing your personal data collected and generated by your use of our Services as well as the categories of recipients of it.
Publicly available information
Your First and Last name are available to those who have the link (URL) of a certificate in which you are either the assignor or the assignee
With your consent or at your request
- Where sharing of specific personal data is essential for the use of our Services or a third-party application, service device you have chosen to use, or
- If you otherwise grant us your permission to share the personal data for example by modifying your settings in our Services or by giving your consent
With other users
We don’t share any of your personal data with other users unless you have shared your coupon to them. If this is the case, then the users who will use your coupon will see the name of the owner of the coupon, which is you.
With our service providers
We use service providers to assist us operate and improve our Services. These service providers include those who offer the technical infrastructure we need to provide our services, analytics, customer support, marketing and/or advertising solutions, payment processing and security operations.
With payment processors
So they can process your payments within our Platform and for anti-fraud purposes. Currently, it is only Stripe, that becomes aware of your email whenever you proceed to a checkout of an order. They use your email for sending you an invoice.
With academic researchers
We may share pseudonymised data for statistical analysis and academic study. Pseudonymised data is where your data is presented in such a way that no longer identifies you as it appears to belong to a code rather than a human.
When required by law
We may disclose your information under good faith and if reasonably necessary for us to do so:
- To comply with a legal obligation
- To respond to a valid legal process (e.g. a search warrant, court order or subpoena)
- For our own or a third party’s justifiable interest relating to:
- National security
- Law enforcement
- Criminal investigation
- Protecting a person’s safety
- Preventing death or imminent bodily harm
When enforcing legal rights
We may share information:
- If disclosure would mitigate our liability in an actual of threatened lawsuit
- To protect our legal rights and the legal rights of our users, partners, or affiliates
- To enforce our agreements with you
- To investigate, prevent or act on an illegal activity or suspected fraud
With purchasers of our business
We may transfer your information if we are involved, either in whole or in part, in a merger, sale, acquisition, divestiture, reorganization, dissolution or other change of ownership or control. During negotiations we present pseudonymised data so that your account is kept confidential. We will notify you before your personal data is transferred.
Where we store your data
We currently partner with Digital Ocean Holdings Inc. for our cloud infrastructure and we operate two dedicated servers for offering our Services, one in Amsterdam and one in New York. It is in these two places where your data are stored.
Data retention, deactivation, deletion
We keep your personal data only as long it is necessary to provide you with our Services and for Certifunny’ s legitimate and essential business purposes, such as:
- Making data-driven decisions about new functionalities
- Complying with legal obligations
- Resolving disputes
If you decide to deactivate your account your personal data will remain stored for as long your account stays deactivated.
If you decide to close your account, we will delete or anonymise your personal data, so it no longer identifies you, unless we still need to use it for a legally justifiable reason. Here are some examples where we are legally allowed or required to keep some of your information:
- If there is an unresolved issue relating to your account, such as a credit or unresolved claim or dispute
- For our legal, tax, audit, and accounting obligations
- For our legitimate business interests such as fraud prevention or to maintain security
We want you to be in control of your information, so we want to remind you of the following options and tools available to you:
- Access / Update tools in the service: Tools and account settings can help you access, rectify or remove information that you provided to us and that’s associated with your account directly within the service. If you have any questions on those tools and settings, please contact our Community Care Team.
- Device permissions: Mobile platforms can have permission systems for specific types of device data and notifications, such as phone contacts, pictures, location services, push notifications and advertising identifiers. You can change your settings on your device to either consent or oppose the collection or processing of the corresponding information or the display of the corresponding notifications. Of course, if you do that, certain services may lose functionality.
- Uninstall: You can stop all information collection by an app by uninstalling it using the standard uninstall process for your device. Remember that uninstalling an app does NOT close your account. To close your account, please use the corresponding functionality on the service.
- Account closure: You can close your account by using the corresponding functionality directly on the service.
Global Operations and Data Transfers
When carrying out the activities described in this Policy, Certifunny may share your personal data internationally with subcontractors and partners. They may process your data in countries whose data protection laws are not considered to be as strong as EU laws or the laws which apply where you live. For example, they may not give you the same rights over your data.
Whenever we transfer personal data internationally, we use tools to make sure the data transfer complies with applicable law and help to give your data the same level of protection as it has in the EU. We also use technical protections such as encryption and pseudonymisation.
Certifunny doesn’t sell your personal data as defined under the California Consumer Privacy Act.
Keeping your personal data safe
We're committed to protecting our users' personal data. We implement appropriate technical and organizational measures to help protect the security of your personal data. However, be aware that no system is ever completely secure.
We have implemented various safeguards including pseudonymization, encryption, access, and retention policies to guard against unauthorized access and unnecessary retention of personal data in our systems.
We constantly monitor login activity and may temporarily block your account in case we suspect fraud e.g. due to lots of unsuccessful successive login attempts.
To protect your user account, we encourage you to:
- use a strong password that is unique to your Certifunny account
- never share your password with anyone
- limit access to your computer and browser
- log out once you have finished using our Services on a shared device
Changes to this policy
How to contact us
If you have any thoughts or concerns about this Policy, please let us know by sending an email to our Community Care Team or writing to us at the address below: