Inspiration

Jobs

Go Pro

Privacy policy

Our commitment to protecting your privacy

Learn more about how Dribbble collects and uses data and your rights as a Dribbble user.

Updated March 12, 2024

INTRODUCTION

Dribbble Holdings Limited (the “Dribbble Group”) is comprised of several companies, which together provide tools to help the world’s designers to create, develop and promote their talents (each a “Service” and collectively, the “Services”). The companies within the Dribbble Group each act as the data controller for personal data processed in respect of their Services (each a “Group Company” and together the “Group Companies”) and referred to as “our,” “we,” or “us” below. The data controllers for each Service are:

  • Dribbble - Dribbble Holdings Ltd

  • Creative Market - Creative Market Labs, Inc.

  • Fontspring - Creative Market Labs, Inc.

  • Font Squirrel - Creative Market Labs, Inc.

We know that you care about how your information is used and shared. This Privacy Policy provides details of the way in which the Group Companies process personal data in line with their obligations under relevant data protection law, including the European Union’s General Data Protection Regulation (the “GDPR”), the California Consumer Privacy Act (the “CCPA”), and other applicable laws (collectively, “Data Protection Law”).

This Privacy Policy explains what information of yours will be collected by the Group Companies when you use our Services, how the information will be used, and how you can control the collection, correction and/or deletion of information. Note that certain third parties may be able to identify you across sites and services and over time using the information they process, however, any such processing not done at the direction of us is outside the scope of this Privacy Policy. We are not responsible for the privacy policies, content or security of any linked third party websites or services. We recommend that you check the privacy and security policies of each and every website and service that you visit.

INFORMATION WE PROCESS.

The types of information we process depends on how you use our Services. Many of our Services require users to set up an account, which involves the collection and processing of your name and email address. Other Services may require the collection of additional information. For example, Dribbble helps to connect its community of designers with people and companies in need of their skills. In order to do so, Dribbble collects payments data and other information required to comply with relevant legal obligations.

The following table explains the types of information we collect and how we collect it. These categories of data may collectively be referred to as “Your Information”.

Information You Provide

Category

Example

Basic Account Information

Basic Account Information

In order to use our Services, Group Companies may require you to register and create an account. Depending on the Service, you will be required to provide a name and email address, and to choose an avatar and username.

Profile Information

Profile Information

People use our Services for different reasons. Some are looking for the perfect tools to help them create or share their designs. Others join our community in order to be inspired, or even to find the right designer to help them with a project.

Depending on your needs, you may provide us with additional personal information, including your area of expertise (e.g. branding and logo design) and details of any training courses you have completed for your profile.

Identity Information

Identity Information

For certain Services, such as creating a shop on Dribbble, we may also be required to collect your full name, date of birth, national identification number, photo identification and other information in order to verify your identify and to comply with applicable law.

Payment and Billing Information

Payment and Billing Information

Users can pay to gain access to specific design tools and fonts, or to attend workshops and other training events. Pro Dribbble users can unlock a range of additional features, which enable them to sell their designs online or to enhance their profiles.

Whatever our users’ individual needs, sometimes we will collect and process payments information. For instance, we collect the credit card information provided to us during checkout, for billing and payment purposes, and to process your transaction.

Additional information, includes billing contact name, postal address and telephone number may be necessary in order for us to provide a particular service.

User-Generated Content

User-Generated Content

In order to use our Services, Group Companies may require you to register and create an account. Depending on the Service, you will be required to provide a name and email address, and to choose an avatar and username.

Users can update their profiles to include custom avatars or photos, along with additional biographical information. They can create custom videos for their profile, in which they can “pitch” their talents to prospective employers. They may also upload their designs to the platform, engage in monthly playoffs and even open a shop to advertise their goods or services for sale. Certain users may also post freelance projects and other job opportunities.

Survey Information

Survey Information

We may ask you to complete surveys that we use for research purposes, or to evaluate our marketing or support efforts, and in those cases we store the answers given.

Contest Information

Contest Information

From time to time, we may offer contests or other promotions. If you choose to enter these contests or promotions, we may collect Identity Information and/or additional information.

Messages and Other Communications

Messages and Other Communications

Our Services can be used to communicate with us, other members of the community, or with prospective freelance designers or employers.

Automatically-Collected Information

Category

Example

Usage Information

Usage Information

We automatically collect information about the content and people you interact with, the features and add-ons you use and other actions you take, including applying to certain work opportunities advertised via our Services.

Location Data

Location Data

While users can provide their location or shipping address in the course of using our Services, we also automatically collect certain location information, including your IP address and location information provided by your device.

Device Information

Device Information

We automatically collect information from your browser or your device when accessing our Services, and record this data in log files. This includes information such as your unique device identifier, device attributes, device signals, data from device settings, networks and ads data.

Information Collected Through Cookies

Information Collected Through Cookies

When you visit a Service, we use cookies and related technologies (such as clear GIFs/web beacons) to identify the browser, to identify which page variant a visitor has seen, to determine if a visitor has clicked on a page variant, and to monitor traffic patterns and gauge popularity of service options. Please see our Cookie Policy for more information.

Information Others Provide

Category

Example

Updated Contact Information

Updated Contact Information

We might receive information about you from other sources and add it to our account information. This may include updated delivery and address information from our shippers or other sources so that we can correct our records and deliver your next purchase or communication more easily.

Non-User Contact Information

Non-User Contact Information

Some Group Companies provide an option to invite a friend to their Service, in which case the Group Company we will ask you for that person's email address and automatically send an email invitation to them.

User Reports

User Reports


Users can report content to us, where they feel it infringes intellectual property rights or otherwise violates out our Terms of Service.

Social Media Information

Social Media Information

Some Group Companies receive Your Information from social media companies such as Facebook and Twitter who may transfer Your Information to us when you interact with that social media company in connection with our Services or use an alternative sign in to our Services through a social media company.

Analytic and Aggregator Information

Analytic and Aggregator Information

Our Group Companies receive Your Information from ad networks, behavioural advertising vendors, market research, and social media companies or similar companies. Further, some of the Information Collected Through Cookies may be provided by third party analytic companies.

Information we Create

Category

Example

Inference Data

Inference Data

Some Group Companies, certain partners, social media companies, and third parties operating on our behalf create and infer Your Information based on our observations or analysis of Your Information processed under this Policy, and we may correlate this data with other data we process about you. We may combine any of Your Information about you that we receive from you and from third parties.

The Dribbble Group will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes unless we first notify you or obtain your consent, to the extent required by Data Protection Law.

Sensitive Personal Data

Data Protection Law recognises that certain types of information require additional protection. In particular, the GDPR prohibits the processing of sensitive personal data, other than in certain exceptional circumstances. Sensitive personal data in the EU includes information relating to one’s race or ethnicity, political opinions, religious or philosophical beliefs, membership of a trade union, as well as biometric data and data relating to one’s health or sexual orientation. Certain state laws in the US also have different definitions of sensitive personal data.

We do not knowingly collect or process any sensitive personal data. However, some users may make such information public through their use of our Services. For example, Dribbble permits users to add a biography to their profile. This is a free-text section that allows users to include whatever information they wish, subject to complying with the relevant Terms of Service. Users are in control of what information they share and, to the extent they choose to make sensitive personal data public, they may delete or amend this information at any time.

HOW WE PROCESS YOUR INFORMATION AND OUR LEGAL BASES FOR DOING SO

We collect and process Your Information whenever you use our Services. Consistent with relevant Data Protection Law, we are required to identify a legal basis for each of our processing activities.

Under EU law there are six different bases, which may be relied upon to enable the lawful processing of Your Information. In particular, data controllers may process personal data:

  • where they have received freely given, specific, informed and unambiguous consent from a data subject (“Consent”);

  • where processing is necessary to conclude and perform a contract (“Contractual Necessity”);

  • where processing is necessary to comply with a legal obligation to which they are subject (“Legal Obligation”); or

  • in pursuit of the data controller’s legitimate interests, except where these interests are overridden by the rights and freedoms of individuals (“Legitimate Interests”).

Under the CCPA, we must disclose the purposes for which we collect your information:

  • Business Purposes, which include auditing, security, debugging/repair, certain short-term uses, performing services, internal research for technical development, quality and safety maintenance and verification, as well as the use of Your Information for our operational purposes, or other notified purposes that use Your Information as reasonably necessary and proportionate to achieve the operational purpose; and

  • Commercial Purposes, which include use of Your Information to advance our commercial or economic interests, such as encouraging others to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction.

The Group Companies primarily rely on Consent, Contractual Necessity, Legal Obligation and Legitimate Interests when processing Your Information. Below we explain the purposes for which we process this information, along with the relevant categories of data we use and the legal basis we rely on to do so (for purposes of the GDPR) or other permitted reasons for processing (e.g. Business Purposes or Commercial Purposes under the CCPA).

Legal Basis: Consent

Why and how we process your data

Categories of data

CCPA Purpose

Depending on the Service, users may decide to customize their profile and provide us with additional information for this purpose. Users have control over what additional information they provide and can amend or update their profile at any time.

Depending on the Service, users may decide to customize their profile and provide us with additional information for this purpose. Users have control over what additional information they provide and can amend or update their profile at any time.

Profile Information

User-Generated Content

Consent, Business Purposes

We may occasionally ask you to complete surveys to assist us with product or marketing research, or to evaluate our customer service.

We may occasionally ask you to complete surveys to assist us with product or marketing research, or to evaluate our customer service.

Survey Information

Consent, Business Purposes, Commercial Purposes

Our Services allow people to build communities, to promote their creative works and to connect with interested parties. Users may choose to add their location information, so as to inform others of where they are based.

Our Services allow people to build communities, to promote their creative works and to connect with interested parties. Users may choose to add their location information, so as to inform others of where they are based.

Location Data

Consent, Business Purposes, Commercial Purposes

Users can adjust their device-based settings to enable the sharing of certain information (e.g. Location Data) on the basis of consent obtained for cookies. We use this information for various purposes, including linking Service users’ accounts with their device, for the purpose of delivering targeted advertising.

Users can adjust their device-based settings to enable the sharing of certain information (e.g. Location Data) on the basis of consent obtained for cookies. We use this information for various purposes, including linking Service users’ accounts with their device, for the purpose of delivering targeted advertising.

Location Data

Device Information

Analytic Information

Consent, Business Purposes, Commercial Purposes

From time to time, we may offer contests or other promotions that users may choose to enter. We use Your Information as necessary to process your request to enter the contest or take part in a promotion, notify you if you have won or to process delivery of a prize or other related purposes.

From time to time, we may offer contests or other promotions that users may choose to enter. We use Your Information as necessary to process your request to enter the contest or take part in a promotion, notify you if you have won or to process delivery of a prize or other related purposes.

Contest Data

User-Generated Content

Identity Information

Consent, Business Purposes, Commercial Purposes

Users have the right to withdraw their consent at any time. If they choose to exercise this right, our Group Companies will cease processing personal data on this basis. However, please note that a decision to withdraw your consent cannot affect the lawfulness of processing previously carried out on this basis.

Legal Basis: Contractual Necessity

Why and how we process your data

Categories of data

CCPA Purpose

We collect and store certain personal data, so that you can create, manage and control your account, and to verify access rights to our Services.

We collect and store certain personal data, so that you can create, manage and control your account, and to verify access rights to our Services.

Basic Account Information

Identity Information

Contractual Necessity, Business Purposes

The Dribbble Group offers a range of Services, some of which are free, while others require a once-off payment or a subscription.

Where a user wishes to avail of one of our paid Services, we will need to collect certain information so as to verify their identity and to process their billing. Such paid Services include subscriptions for access to fonts and template documents, upgrades to Pro Dribbble accounts which allows designers to enhance their profile and sell their creations online, or even enrolment in workshops and other training courses.

Basic Account Information

Identity Information

Payment and Billing Information

Contractual Necessity, Business Purposes

From time to time, our Group Companies will need to process your information for the purpose of communicating with you (subject to your opt-out rights set described in this Privacy Policy). Such communications may be required to provide you with information about the Services, or to inform you of changes or additions to same.

From time to time, our Group Companies will need to process your information for the purpose of communicating with you (subject to your opt-out rights set described in this Privacy Policy). Such communications may be required to provide you with information about the Services, or to inform you of changes or additions to same.

Basic Account Information

Contractual Necessity; Business Purposes

Each Group Company processes personal data in order to protect against fraud or error, to respond to claims of any violation of our rights or those of any third parties and to enforce this Privacy Policy and to enforce its respective Terms of Service.

Each Group Company processes personal data in order to protect against fraud or error, to respond to claims of any violation of our rights or those of any third parties and to enforce this Privacy Policy and to enforce its respective Terms of Service.

Basic Account Information

Identity Information

Profile Information

User-Generated Content

Usage Information

Location Data

Device Information

User Reports

Contractual Necessity; Business Purposes

Legal Basis: Legitimate Interests

Why and how we process your data

Categories of data

CCPA Purpose

Over the years, a diverse community of designers, artists and other creatives has been built around our Services. While our users share a passion for content creation and design, they have different interests and needs. Some of our users are drawn to web design, others focus on typography or illustration. We process certain information in order to personalise a user’s experience of our Services and to provide targeted advertising, so that users see the content that is most meaningful to them.

Over the years, a diverse community of designers, artists and other creatives has been built around our Services. While our users share a passion for content creation and design, they have different interests and needs. Some of our users are drawn to web design, others focus on typography or illustration. We process certain information in order to personalise a user’s experience of our Services and to provide targeted advertising, so that users see the content that is most meaningful to them.

Basic Account Information

Location Data

Usage Data

Device Information

Automatically-Collected Information

Social Media Information

Analytic and Aggregator Information

Inference Data

Business Purposes, Commercial Purposes

We process personal data in order to assess service levels, monitor traffic patterns and gauge popularity of different features on our Services with the aim of improving our Services

User-Generated Content

Survey Information

Usage Information

Automatically-Collected Information

Analytic and Aggregator Information

Business Purposes

Each Group Company processes personal data in order to protect against fraud or error, to respond to claims of any violation of our rights or those of any third parties and to enforce this Privacy Policy and to enforce its respective Terms of Service.

Each Group Company processes personal data in order to protect against fraud or error, to respond to claims of any violation of our rights or those of any third parties and to enforce this Privacy Policy and to enforce its respective Terms of Service.

All of Your Information

Business Purposes

Our Group Companies process personal data to respond to your requests for customer service.

Our Group Companies process personal data to respond to your requests for customer service.

Information You Provide

Usage Information

Location Data

Device Information

Business Purposes

The Dribbble Group may process personal data to evaluate or conduct a merger, divestiture, restructuring, reorganisation, dissolution or other sale or transfer of some or all of the Dribbble Group’s assets, in which personal information is among the assets to be transferred.

The Dribbble Group may process personal data to evaluate or conduct a merger, divestiture, restructuring, reorganisation, dissolution or other sale or transfer of some or all of the Dribbble Group’s assets, in which personal information is among the assets to be transferred.

All of Your Information

Business Purposes

Our Group Companies share certain personal data with third party service providers, in order to provide their Services. For example, Dribbble shares payment information with Stripe and Paypal, in accordance with their respective privacy policies.

Our Group Companies share certain personal data with third party service providers, in order to provide their Services. For example, Dribbble shares payment information with Stripe and Paypal, in accordance with their respective privacy policies.

Basic Account Information

Identity Information

Payment and Billing Information

Business Purposes, Commercial Purpose

The Dribbble Group shares personal data with registered API application providers, in order to deliver relevant design stories and inspiration.

The Dribbble Group shares personal data with registered API application providers, in order to deliver relevant design stories and inspiration.

Basic Account Information

Additional Account Information

User-Generated Content

Automatically-Collected Information

Business Purposes, Commercial Purpose

Legal Obligation

Why and how we process your data

Categories of data

CCPA Purpose

Compliance with various tax laws

Compliance with various tax laws

Basic Account Information

Identity Information

Payments and Billing Information

Legal Obligation, Business Purpose

When you exercise your rights under data protection law and make requests

All of Your Information


Legal Obligation, Business Purpose

To establish and defend against legal claims or comply with lawful requests from government or law enforcement officials

To establish and defend against legal claims or comply with lawful requests from government or law enforcement officials

All of Your Information

Legal Obligation, Business Purpose

WHO WE SHARE DATA WITH

The Dribbble Group Companies work together to support the delivery of our Services

Our Group Companies also work with third-party service providers who help us to provide our Services. Most of our service providers are located in the US.

For EEA residents, is your information is transferred outside of the EEA, we will adopt measures to ensure that it is protected in a manner that is consistent with our obligations under Data Protection Law, including the European Union’s General Data Protection Regulation.

Transfers to Third Parties

Category of Recipient

Type of Personal Data

Purpose

Location

Hosting providers

Hosting providers

Your Information

We rely on cloud service providers to host user data. (Business Purposes)

USA

Customer support service providers

Basic Account Information, Payment and Billing Information, Messages and Other Communications, Location Data, Device Information and User Reports

Our third-party partners help to provide support to our customers throughout the world. (Business and Commercial Purposes)

Philippines, USA

Digital trust & safety service provider, for example Sift

Digital trust & safety service provider, for example Sift

Basic Account Information, Identity Information, Profile Information, Payment and Billing Information, User-Generated Content, Messages and Other Communications, Automatically- Collected Information

To identify and prevent fraud on our Services, to uphold our Terms of Service and to keep our users safe. (Business Purposes)

USA

Customer data platform service provider, for example Segment

Information You Provide, Automatically- Collected Information

To effectively manage customer data, including by standardising data collection and unifying our user records. (Business and Commercial Purposes)

USA

Software visualisation service provider, for example New Relic

Software visualisation service provider, for example New Relic

User-Generated Content, Automatically-Collected Information

To help us better track the performance of our Services. (Business Purposes)

USA

Website analytics, for example Hotjar and Google Analytics

Basic Account Information, Location Data, Usage Information, Analytic and Aggregator Information

To help us better track the performance of our Services. (Business Purposes)

Malta, USA

Paid search advertising analytics, for example Google Ads

Basic Account Information, Automatically- Collected Information, Analytic and Aggregator Information

To help our Group Companies to reach users of Google Search for the purpose of advertising our Services. (Commercial Purposes)

USA

Payment Processing service providers, for example Braintree

Payment Processing service providers, for example Braintree

Basic Account Information, Payment and Billing Information

To facilitate payments for our paid Services (Business Purposes)

USA

Royalty payment processing service providers, for example PayPal and Tipalti

Basic Account Information, Payment and Billing Information

To facilitate royalty payments to our designers and foundry partners. (Business Purposes)

Malta, USA

Email help desk service provider, for example Help Scout

Email help desk service provider, for example Help Scout

Basic Account Information, Location Data, Usage Information

To provide remote support to our customers. (Business Purposes)

USA

Email service provider, for example Mailchimp, Mandrill App

Basic Account Information

To facilitate the sending of electronic mail, both internally within the relevant Group Company and externally with our users, partners and other members of the public. (Business and Commercial Purposes)

Malta, USA

In addition to the above, some of our Services are integrated with social media networks and other platforms (e.g., Facebook, Pinterest, and LinkedIn) whereby information may be shared between us and those platforms. For instance, if you interact with our Service through a social media feature such as a plug-in, then you may be granting us on-going access to certain information from that social media account. If you do not want a social media platform to collect or share information about you, please review the privacy policy and privacy settings of the applicable social media property before using such features on our Service.

YOUR RIGHTS

Data Protection Laws around the world, including the GDPR and the CCPA, provide users with certain rights over how their personal data is used by companies. Consistent with these laws, our Group Companies enable users to access, amend and delete the Information You Provide. We also have systems in place to allow you to exercise your rights in respect of Automatically-Collected Information and Information Others Provide, including your rights to object to or restrict the processing of your personal data.

If you would like to exercise any of your rights, please contact the relevant company at the information provided below. Alternatively, you may update or correct certain information, such as your Basic Account Information and email preferences, at any time by logging in to your account settings page.

At any time you may:

  • Decline to Submit Information: You may, of course, decline to submit Personal Information through the Service, in which we may not be able to provide certain services to you.

  • Update Account Information: You may update or correct your account information and email preferences at any time by logging in to your account settings page.

  • Unsubscribe from marketing emails: to unsubscribe from a particular newsletter, click the "unsubscribe" link at the bottom of that email newsletter. When we send newsletters to subscribers we may allow advertisers or partners to include messages in those newsletters, or we may send dedicated newsletters and marketing messages on behalf of those advertisers or partners. We may disclose your opt-out choices to third parties so that they can honour your preferences in accordance with applicable laws.

  • Blocking cookies: certain browsers may be configured to notify you when you receive cookies, or allow you to restrict or disable certain cookies. If you choose to disable cookies, however, that could affect certain features of the Service that use cookies to enhance their functionality. Please see our Cookie Policy. Further, please note our Services do not respond to your browser’s do-not-track request.

  • Disabling local shared objects: we may use other kinds of local storage that function similarly, but are stored in different parts of your computer from ordinary browser cookies, including Flash cookies placed on your device or web browser via the Adobe flash plug-in. Your browser may allow you to disable its HTML5 local storage or delete information contained in its HTML5 local storage. For further details about deleting information contained in "local shared objects" or adjusting related preferences, please click here.

  • Withdraw Your Consent: Where we are processing Your Information based on your consent, you may change your mind and withdraw your consent at any time. The consequence of you withdrawing consent might be that we cannot perform certain services for you, such as linking to your device or providing certain advertising to you, that are conditioned on your consent.

EU Residents

Under the GDPR, you have the following rights which may be subject to restrictions under local law: (i) the right to withdraw consent to processing where consent is the basis of processing; (ii) the right to access your personal information and certain other supplementary information, under certain conditions; (iii) the right to object to processing that is based on our legitimate interests, under certain conditions; (iv) the right to deletion of personal information about you, under certain conditions; (v) the right to demand that we restrict processing of your personal information, under certain conditions, if you believe we have exceeded the legitimate basis for processing, processing is no longer necessary, are processing, or believe your personal information is inaccurate; (vi) the right to data portability of personal information concerning you that you provided us in a structured, commonly used, and machine-readable format, under certain conditions; (vii) the right object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you, under certain conditions; (viii) the right to lodge a complaint with a data protection authorities.

California Residents

The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you, or that we have sold, or disclosed for a Commercial Purpose.

  • The categories of sources for the personal information we collected about you.

  • Our business or commercial purpose for collecting or selling that personal information.

  • The categories of third parties with whom we share that personal information.

  • The specific pieces of personal information we collected about you (also called a data portability request).

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request we will delete (and direct our service providers to delete) your personal information from our records unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service providers to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, or take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform the Services.

  • Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, or prosecute those responsible for such activities.

  • Debug products to identify and repair errors that impair existing intended functionality.

  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.)

  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

  • Comply with a legal obligation.

  • Make other internal and lawful uses of that information that are compatible with the context in which you provide it.

Minors’ User Content

Individuals under the age of 18 in California can delete or remove publicly available User-Generated Content using the same deletion or removal procedures described above, or otherwise made available through the Services. If you have questions about how to remove your User-Generated Content or if you would like additional assistance with deletion you can contact us by email at [email protected]. We will work to delete your information, but we cannot guarantee comprehensive removal of that content or information posted through the Services.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights, please submit a verifiable consumer request to us by emailing us at [email protected]. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12 month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person we collected personal information on.

  • Describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable request does not require you to create an account with us.

Response Timing and Format

We endeavour to respond to verifiable consumer requests within 45 days of receipt. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response to you by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. If applicable, we will also provide reasons we cannot comply with your request. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information. We do not charge a fee to process or respond to a verifiable consumer request unless it is excessive, repetitive, or unfounded. If we determine a fee is warranted, we will provide you with an estimate before completing your request.

Personal Information Sales Opt-Out and Opt-In Rights

For the purposes of CCPA, we do not sell Your Information.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.

  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

  • Provide you with a different level or quality of goods or services.

  • Suggest that you may receive a different price or rate for goods or services or a different level of quality of goods or services.

Information

California Civil Code Section §1798.83 permits users of the Site and/or Services who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected] with “Request for California Privacy Information” in the subject line and in the body of your message. We will provide the requested information to you in your email address in response.

DATA SECURITY AND DATA BREACH

We care about the integrity and security of Your Information and implement appropriate technical and organisational security measures to safeguard Your Information from unlawful or unauthorised destruction, loss, change, disclosure, acquisition or access.

Our Group Companies follow generally accepted industry standards to protect the personal data provided to us, both during transmission and after it is received. Examples of our security measures include, as appropriate, physical measures such as locking access to servers, putting in place IT measures such as encryption, and restricting access to your information through approvals and passwords, so it is accessible only on a “need to know” basis.

Depending on the Group Company and the Service in question, your account information is protected by a password. You are responsible for carefully choosing and periodically changing an appropriately-strong password and for maintaining its secrecy. You are also responsible for controlling access to your email communications from our Group Companies, and for other security measures, such as signing out after using our Services.

Despite these measures, it is not possible to warrant the security of any information you transmit to our Group Companies or guarantee that your information on our Services may not be accessed, disclosed, altered, or destroyed by a breach of any of our technical or organisational safeguards. Your privacy settings may also be affected by changes to the functionality of our Group Companies’ distributors, such as social networks. We are not responsible for the functionality or security measures of any third party.

DATA RETENTION

We will keep personal data only for as long as is necessary for the purposes for which that personal data are processed, including to provide our Services. The storage periods are determined on a case-by-case basis and will depend on several factors, including:

  • The type of information and the purpose for which it is processed;

  • Any legal requirement to retain the data, including where data was processed on the basis of a Legal Obligation or until the Statute of Limitations has elapsed with respect to possible legal claims or investigations;

  • Whether the data is required for Trust & Safety purposes. For example, where users breach our Terms of Service, we may terminate their account and prevent them from accessing our Services, in order to protect other users. In such circumstances, it may be necessary to retain certain personal data, even after account termination.

Following termination or deactivation of your User account, we may retain the Information You Provide for a commercially reasonable time for backup, archival, contract performance and enforcement, or audit purposes but for no longer than is necessary and only where the information is accurate and relevant for our use. Furthermore, we may retain and continue to use indefinitely all information contained in your communications to other Users or posted to public or semi-public areas of the Service after termination or deactivation of your User account. However, we will only keep this information on the Services where it was posted and will not use this information for any other purpose.

ADVERTISING

This Site is affiliated with Publisher First, Inc. dba Freestar (“Freestar”) for the purposes of placing advertising on the Site, and Freestar will collect and use certain data for advertising purposes. To learn more about Freestar’s data usage, click here.

For more information about this type of online advertising, about cookies, and about how to turn this feature off, please visit this link.

PRIVACY POLICY CHANGES

As the Dribbble Group continues to grow, the manner in which we process data will evolve over time. We will update this policy from time to time to reflect changing practices and will notify you of any material changes in the following ways: i) we will send an email to the address provided to us upon sign-up to our Services, or ii) we will post a notification on the relevant Group Company’s site or app.

FURTHER INFORMATION AND COMPLAINTS

For further information about this Privacy Policy and/or the processing of your personal data by or on behalf of any members of the Dribbble Group, please contact us using the information provided below.

For users based in the EEA, you have the right to lodge a complaint with your competent data protection supervisory authority. The contact details of each supervisory authority are available on the European Data Protection Board’s website.

Notwithstanding this right, we request that you contact us in the first instance to give us the opportunity to address any concerns that you may have.

CONTACT INFORMATION

If you have any questions about this Privacy Policy, or data protection queries in relation to any of the Group Companies or Services, Dribbble Group’s Data Protection Officer can be reached at [email protected].

VeraSafe has been appointed as the Dribbble Group's representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are in the European Economic Area, VeraSafe can be contacted, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative

or via telephone at: +420 228 881 031.

Alternatively, VeraSafe can be contacted at:

VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland



VeraSafe has been appointed as the Dribbble Group's representative in the United Kingdom for data protection matters, pursuant to Article 27 of the United Kingdom General Data Protection Regulation. If you are located within the United Kingdom, VeraSafe can be contacted, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative

or via telephone at: +44 (20) 4532 2003.

Alternatively, VeraSafe can be contacted at:

VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
United Kingdom