Privacy Policy

This Privacy Notice for Rate, operated by Crowbly FZE LLC (License No. 4415394.01, Formation No. 4415394, Sharjah, United Arab Emirates) ("we," "us," or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:

• —Visit our website at rate.blue, or any website of ours that links to this Privacy Notice
• —Use Rate, a feedback platform that enables creators, event organizers, and content producers to collect structured ratings and written feedback from their audience
• —Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns? If you do not agree with our policies and practices, please do not use our Services. For questions, contact us at legal@rate.blue

Table of Contents

1. 1. What Information Do We Collect?
2. 2. How Do We Process Your Information?
3. 3. What Legal Bases Do We Rely On?
4. 4. When and With Whom Do We Share Your Information?
5. 5. Do We Use Cookies and Other Tracking Technologies?
6. 6. Do We Offer AI-Based Products?
7. 7. How Do We Handle Your Social Logins?
8. 8. Is Your Information Transferred Internationally?
9. 9. How Long Do We Keep Your Information?
10. 10. How Do We Keep Your Information Safe?
11. 11. Do We Collect Information From Minors?
12. 12. What Are Your Privacy Rights?
13. 13. Controls for Do-Not-Track Features
14. 14. Do United States Residents Have Specific Privacy Rights?
15. 15. Compliance and Development Status
16. 16. Do We Make Updates to This Notice?
17. 17. How Can You Contact Us About This Notice?
18. 18. How Can You Review, Update, or Delete Your Data?

1. What Information Do We Collect?

2. How Do We Process Your Information?

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

• —To facilitate account creation and authentication and otherwise manage user accounts.
• —To deliver and facilitate delivery of services to the user.
• —To send administrative information to you, including changes to our terms and policies.
• —To request feedback and to contact you about your use of our Services.
• —To protect our Services as part of our efforts to keep them safe and secure, including fraud monitoring and prevention.
• —To identify usage trends and better understand how our Services are used so we can improve them.
• —To save or protect an individual's vital interest, such as to prevent harm.

3. What Legal Bases Do We Rely On to Process Your Information?

We only process your personal information when we have a valid legal reason to do so under applicable law — with your consent, to comply with laws, to provide you with services, to fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.

If you are in the EU or UK, we may rely on: Consent, Performance of a Contract, Legitimate Interests, Legal Obligations, and Vital Interests as defined under GDPR and UK GDPR.

If you are in Canada, we may process your information with your express or implied consent, and in certain exceptional circumstances as permitted by applicable law.

4. When and With Whom Do We Share Your Personal Information?

We may need to share your personal information in the following situations:

Business transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

5. Do We Use Cookies and Other Tracking Technologies?

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some online tracking technologies help us maintain the security of our Services and your account, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.

Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy

6. Do We Offer AI-Based Products?

As part of our Services, we offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies ("AI Products"). Our AI mascot "Blue" analyzes feedback data to surface insights, trends, and summaries for event creators.

We provide AI Products through third-party service providers, including OpenAI. Your input, output, and personal information may be shared with and processed by these AI service providers to enable your use of our AI Products. You must not use the AI Products in any way that violates the terms or policies of any AI service provider.

All personal information processed using our AI Products is handled in line with this Privacy Notice and our agreements with third parties, ensuring high security and safeguards for your personal information throughout the process.

7. How Do We Handle Your Social Logins?

Our Services offer you the ability to register and log in using your third-party social media account details (such as Google). Where you choose to do this, we will receive certain profile information about you from your social media provider, typically including your name, email address, and profile picture.

We will use this information only for the purposes described in this Privacy Notice. We are not responsible for other uses of your personal information by your third-party social media provider. We recommend reviewing their privacy notice to understand how they collect, use, and share your personal information.

8. Is Your Information Transferred Internationally?

Our servers are located in the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored by, and processed by us and our third-party providers in the United States and other countries.

If you are a resident in the EEA, UK, or Switzerland, we have implemented the European Commission's Standard Contractual Clauses for transfers of personal information and will take all necessary measures to protect your personal information in accordance with this Privacy Notice and applicable law. Our Standard Contractual Clauses can be provided upon request.

9. How Long Do We Keep Your Information?

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law. No purpose in this notice will require us keeping your personal information for longer than the period of time in which users have an account with us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible, securely store it and isolate it from any further processing until deletion is possible.

10. How Do We Keep Your Information Safe?

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

11. Do We Collect Information From Minors?

We do not knowingly collect, solicit data from, or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of a minor and consent to such minor's use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data. If you become aware of any data we may have collected from children under age 18, please contact us at legal@rate.blue

12. What Are Your Privacy Rights?

In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right to: request access and obtain a copy of your personal information; request rectification or erasure; restrict the processing of your personal information; data portability; and not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to the processing of your personal information.

You may review, change, or terminate your account at any time by logging into your account settings or contacting us. To make a formal request, visit rate.blue/privacy/data-request or email legal@rate.blue

If you are in the EEA or UK and believe we are unlawfully processing your personal information, you have the right to complain to your Member State data protection authority or the UK data protection authority.

If you are in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

13. Controls for Do-Not-Track Features

Most web browsers and some mobile operating systems include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals. If a standard for online tracking is adopted that we must follow in the future, we will inform you in a revised version of this Privacy Notice.

14. Do United States Residents Have Specific Privacy Rights?

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to, correct, copy, or delete the personal information we maintain about you. These rights may be limited in some circumstances by applicable law.

We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We will not sell or share personal information in the future belonging to website visitors, users, and other consumers.

To exercise your rights, visit rate.blue/privacy/data-request or email legal@rate.blue

California "Shine The Light" Law. California Civil Code Section 1798.83 permits California residents to request information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes. If applicable, please submit your request in writing using the contact details in section 17.

15. Compliance and Development Status

This service is currently in its beta phase. Some of the measures being put in place are to ensure data protection laws are adhered to. Although we do our best to conform to these guidelines, there might be cases where the above mentioned principles are not completely adhered to due to ongoing processes. We will improve our privacy measures as the service develops, and this Privacy Notice will be updated from time to time to reflect changes in the law. If you are a customer from the EEA or UK and have any concerns about personal data processing, please do not hesitate to contact us.

16. Do We Make Updates to This Notice?

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Last updated" date at the top of this page. If we make material changes, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently.

17. How Can You Contact Us About This Notice?

If you have questions or comments about this notice, please contact us:

18. How Can You Review, Update, or Delete Your Data?

You have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please visit: rate.blue/privacy/data-request