Privacy Policy

We appreciateyour interest in our Privacy Policy. At AdBox Social, we take the protection ofyour data very seriously, and in the below we explain what data we collect whenyou use (“our website”), and how it isused.



a) Whatlaw applies?

We recognizethe legislative ambiguity around Wyoming State and US Federal Privacy Law, andin the absence of the former, have voluntarily committed to the Data ProtectionPrinciples as set out in the General Data Protection Regulation (“GDPR”), andof course we process your Personal Data accordingly.


b) Whatis Personal Data?

Personal Datais any information relating to personal or material circumstances that relatesto an individual. This may include, a name, date of birth, e-mail address,postal address, or telephone number but also online identifiers such as IPaddresses or device ID`s.


c) What isprocessing?

"Processing" means any operation or setof operations which is performed upon Personal Data, whether or not byautomatic means. The term is broad and covers virtually any handling of data.


d) Who is responsiblefor data processing?

The responsible party within the meaning of the GDPR is Vivid Ads LLC dba AdBox Socialof 30 N Gould St, STE 4000, Sheridan, WY 82801, USA (“AdBox Social”, “we”, “us”or “our”). If you have any questions or if you wish to exercise your rights,please contact us using our Socials on Facebook and Instagram, or e-mail

e) Whatare the legal bases of processing?

In accordance with the GDPR, we have to have atleast one of the following legal bases to process your Personal Data:


·For thefulfilment of contractual obligations

- Thepurposes of the data processing are primarily based on the service we provide.


· Withinthe framework of our legitimate interests

Where necessary, we process your data beyondthe actual performance of the contract in order to safeguard legitimateinterests of us or third parties. Examples are:

-  EnsuringIT security and IT operations,

-  Measuresfor business management and further development of our services,

-  Defenseagainst third-party claims and enforcement of own claims.


· Basedon your consent

- Insofar asyou have given us your consent to process personal data for certain purposes.


f) Isthere an obligation for me to provide data?

Within the scope of our business relationship, you are only required toprovide personal data that is necessary for the establishment, implementation,and termination of a business relationship or that we are legally obliged tocollect. Without this data, we will usually have to refuse to conclude thecontract or will no longer be able to perform an existing contract and may haveto terminate it.


Data wecollect automatically

a) Log data

Each time youvisit our website, our system automatically records the following data from thevisiting device and stores it in a so-called log file: i) Name of the retrievedfile, ii) date and time of the visit, iii) amount of data transferred, iv)message about successful retrieval, type of browser and version used, v) IPaddress (identification of the user's device), vi) Operating system of the visiting device, vii) Internetservice provider of the visiting device, viii) website from which you accessour website, and ix) which of our website pages you are accessing. The legalbasis for processing is our legitimate interest.


b) Cookies

We use so-called cookies on our website. Cookies are pieces ofinformation that are transmitted from our web server or third-party web serversto your web browser and stored there for later retrieval. For further informationon the Cookies we use, please refer to our Cookie Policy. The legal basis forprocessing is our legitimate interest and your consent.


c) Hosting

To provide our website, we use the services of Webflow,Inc. who processes all data to be processed in connection with the operationof this website on our behalf. The legal basis is our legitimate interest.


d) Content Management System (CMS)

We also usethe Content Management System (CMS) of Webflow, Inc. to publish and maintain thecreated and edited content and texts on our website. This means that allcontent and texts submitted to us is transferred to WordPress. This representsa legitimate interest.


e) Third-partyservices and content

We use content or service offers of third-partyproviders on the basis of our legitimate interests in order to integrate theircontent and services ("services").


This always requires that the third-party providers ofthis content are aware of the IP address of the user, as without the IP addressthey would not be able to send the content to their browser. The IP address istherefore necessary for the display of this content.


The following provides an overview of third-partyproviders and their content, together with links to their privacy policies,which contain further information on the processing of data and so-calledopt-out measures, if any,


· Analytics:

- GoogleAnalytics by Google LLC,

- Hotjar by Hotjar Ltd,

· Fonts:Google Fonts by Google LLC,

- Video: Vimeo by, Inc,

- Cookie Consent Tool: CookieYes LTD

- Remarketing and Advertisement:

- Facebook
- Remarketing by Meta
- Platforms Inc

Ifyou do not wish to participate in our advertising personalization orretargeting/tracking you can object to behavioraladvertising at the following websites: Your Online Choices, Digital Advertising Allianceof Canada, NetworkAdvertising Initiative, AdChoices and the EuropeanInteractive Digital Advertising Alliance (Europe only)


Data wecollect directly

a) Contacting us

Personal data is processed depending on the contact method. In additionto your name and email address, IP address or phone number, we usually collectthe context of your message, which may also include certain Personal Data. Thepersonal data collected when you contact us is used to process your request andthe legal basis is your consent.


If you contact or connect with us via thesocial media platforms on which we are present (currently, Facebook and Instagram) we and therelevant social media platform are jointly responsible for the processing ofyour data and enter into a so-called joint controller agreement. The legalbasis is our legitimate interest, your consent or, in some cases, theinitiation of a contractual service, if any.


b) When using our services

We process the Personal Data involved in your use of our services in order to be able to provide our contractual services. This includes in particular our services, support,correspondence with you, invoicing, fulfilment of our contractual, accountingand tax obligations. Accordingly, the data is processed on the basis of fulfilling ourcontractual obligations and our legal obligations.


We also offer to contact us via the messaging services of Slack Technologies, LLC . If you contact us viaSlack we store and use the data provided in accordance with the provision of acontractual measure to process and respond to your request.


c) Payment Data

If you make a purchase your payment will be processed via our paymentservice provider Stripe. Payment data will solely be processed throughStripe and we have no access to any Payment Data you may submit. The legalbasis for the provision of a payment system is the establishment andimplementation of the user contract for the use of the service.


d) OnboardingQuestionnaire

We provide a questionnaire to make the onboardingprocess as convenient as possible for you. The data processing is based on ourlegitimate interest lies in the technically error-free and optimized provisionof our services. The processing of thedata collected from you is based on contract as the processing ofpersonal data is necessary for the initiation of our services.


e) Administration,financial accounting, office organization, contact management

We processdata in the context of administrative tasks as well as organization of ourbusiness, and compliance with legal obligations, such as archiving. In thisregard, we process the same data that we process in the course of providing ourcontractual services. The processing bases are our legal obligations and ourlegitimate interest.


General Principles

a) Whoreceives my data?

Within AdBox Social, those that need your data to fulfil our contractualand legal obligations will receive access to it.


Processors used by us may also receive data for these purposes. Theseare companies in the categories of IT services, telecommunications, and salesand marketing. Where we use processors to provide our services, we takeappropriate legal precautions and corresponding technical and organizationalmeasures to ensure the protection of personal data in accordance with therelevant legal provisions.


Data is only passed on to third parties within the framework of legalrequirements. We only pass on users' data to third parties if this isnecessary, for example, for contractual purposes or on the basis of legitimateinterests in the economic and effective operation of our business or you haveconsented to the transfer of data.


b) Howlong will my data be stored?

As far as necessary, we process and store your personal data for theduration of our business relationship, which also includes, for example, theinitiation and execution of a contract.


In addition, we are subject to various storage and documentationobligations, which result from the minimum statutory retention periods amongothers. The retention and documentation periods specified there are 2 to 8years.


c) Howdo we secure your data?

Our websiteuses SSL or TLS encryption to ensure the security of data processing and toprotect the transmission of content or contact requests that you send to us. Wehave also implemented numerous security measures (“technical and organizationalmeasures”) for example encryption or need to know access, to ensure the mostcomplete protection of Personal Data processed through this website.


Nevertheless,internet-based data transmissions can always have security gaps, so thatabsolute protection cannot be guaranteed. And databases or data sets thatinclude Personal Data may be breached inadvertently or through wrongfulintrusion. Upon becoming aware of a data breach, we will notify all affectedindividuals whose Personal Data may have been compromised as expeditiously aspossible after which the breach was discovered.


d) Aredata transferred to a third country or to an international organization?

We may transfer your Personal Datato other companies and/or business partners, remote working employees and  staff members as necessary for the purposesdescribed in this Privacy Policy. In doing so, your Personal Data may betransferred to so called third countries. In order to provide adequateprotection for your Personal Data when it is transferred, we have contractualarrangements regarding such transfers. We take all reasonable technical andorganizational measures to protect the Personal Data we transfer.


e) SpecialCategory Data

Unlessspecifically required when using our services and explicit consent is obtainedfor that service, we do not process special category data.


f) COPPA (Children OnlinePrivacy Protection Act)

When it comes to the collection of PersonalInformation from children under the age of 13 years old, the Children’s OnlinePrivacy Protection Act (COPPA) puts parents in control. The Federal TradeCommission, United States’ consumer protection agency, enforces the COPPA Rule,which spells out what operators of websites and online services must do toprotect children’s privacy and safety online. We do not specifically market tochildren under the age of 13 years old. We donot request Personal Information from minors and children and do not knowinglycollect such data or pass it on to third parties.



The CAN-SPAMAct is a law that sets the rules for commercial email, establishes requirementsfor commercial messages, gives recipients the right to have emails stopped frombeing sent to them, and spells out tough penalties for violations. To be inaccordance with CANSPAM, we agree to the following: If at any time you wouldlike to unsubscribe from receiving future emails, you can email us, and we willpromptly remove you from ALL correspondence.


h) Controls For Do-Not-Track Features

Most web browsers and some mobile operating systemsand mobile applications include a Do-Not-Track ('DNT') feature or setting youcan activate to signal your privacy preference not to have data about youronline browsing activities monitored and collected. At this stage no uniformtechnology standard for recognising and implementing DNT signals has beenfinalised. As such, our website does not currently respond to DNT browsersignals or any other mechanism that automatically communicates your choice notto be tracked online. If a standard for online tracking is adopted that we mustfollow in the future, we will inform you about that practice in a revisedversion of this policy.

i) Automateddecision-making

Automateddecision-making is the process of making a decision by automated means withoutany human involvement. Automated decision-making including profiling does nottake place.


j) DoNot Sell

We do notsell your Personal Data.


Your Rights and Privileges

a) Privacyrights

Under the GDPR, you can exercisethe following rights:

  • Right to information
  • Right to rectification
  • Right to object to processing
  • Right to deletion
  • Right to data portability
  • Right of objection
  • Right to withdraw consent
  • Right to complain to a supervisory authority
  • Right not to be subject to a decision based solely on automated processing.


If you haveany questions about the nature of the Personal Data we hold about you, or ifyou wish to exercise any of your rights, please contact us.


b) Updatingyour information

If youbelieve that the information, we hold about you is inaccurate or that we are nolonger entitled to use it and want to request its rectification, deletion, orobject to its processing, please do so by contacting us.


c) Withdrawingyour consent

You canrevoke consents you have given at any time by contacting us. The legality ofthe data processing carried out until the revocation remains unaffected by therevocation.


d) AccessRequest

In the eventthat you wish to make a Data Subject Access Request, you may inform us inwriting of the same. We will respond to requests regarding access andcorrection as soon as reasonably possible. Should we not be able to respond toyour request within thirty (30) days, we will tell you why and when we will beable to respond to your request. If we are unable to provide you with anyPersonal Data or to make a correction requested by you, we will tell you why.


e) Complaintto a supervisory authority

You have the right to complain about ourprocessing of Personal Data to a supervisory authority responsible for dataprotection.


Validityand questions

This Privacy Policy is the current and validversion. However, we want topoint out that from time to time due to actual or legal changes a revision tothis policy may be necessary. If you would like to talk to us regarding ourprivacy practices, please contact us using.


Effective Date

Friday, April 28, 2023