Privacy Policy

This Privacy Policy describes how CreativePlay Network ("we," "us," or "our") collects, uses, and shares information about you when you use our B2B marketplace platform and related services (the "Service"). By using our Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide to Us

Account Information

When you create an account, we collect:

• Name and business name
• Email address
• Phone number
• Business address
• Password (encrypted)
• Account type (Maker or Retail Buyer)
• Tax identification information (for sellers)

Profile Information

For Maker accounts, we collect additional information including:

• Business description and story
• Product catalogs and descriptions
• Images and media content
• Awards and certifications
• Social media links
• Wholesale pricing information

Payment Information

For subscription payments, we collect:

• Credit card details (processed securely through Stripe)
• Billing address
• Tax identification numbers where required

Communications

When you communicate through our platform:

• Messages between makers and retail buyers
• Support ticket contents
• Feedback and survey responses

1.2 Information We Collect Automatically

Usage Information

We automatically collect information about how you interact with our Service:

• Pages visited and features used
• Search queries and filters applied
• Products viewed and lists created
• Time spent on pages
• Click patterns and navigation paths

Device and Browser Information

• IP address
• Browser type and version
• Operating system
• Device type (desktop, mobile, tablet)
• Screen resolution
• Time zone and language preferences

Analytics Data

Through our analytics tools (Ahoy and HubSpot), we collect:

• Referral sources
• Session duration and frequency
• Geographic location (country/region level)
• Conversion events
• Page views and user journeys
• Form submissions and interactions
• Email engagement metrics

1.3 Information from Third Parties

Payment Processors

We receive limited information from Stripe about your payment transactions, including:

• Transaction status and history
• Subscription status
• Payment method type (last 4 digits only)

CRM Integration

If you're imported through our HubSpot integration, we may receive:

• Contact information
• Company details
• Previous interaction history

2. How We Use Your Information

2.1 To Provide Our Services

• Create and manage your account
• Process subscriptions and payments
• Enable connections between makers and retail buyers
• Facilitate messaging and communications
• Display product listings and profiles
• Manage team accounts and permissions

2.2 To Improve Our Platform

• Analyze usage patterns to enhance features
• Develop new functionalities
• Optimize search and discovery algorithms
• Personalize your experience
• Test new features (A/B testing)

2.3 For Communications

• Send transactional emails (order confirmations, password resets)
• Provide customer support
• Send product updates and announcements
• Marketing communications (with your consent)
• System notifications and alerts

2.4 For Safety and Security

• Detect and prevent fraud
• Monitor for security breaches
• Enforce our Terms of Service
• Protect users from harmful content
• Comply with legal obligations

3. How We Share Your Information

3.1 With Other Users

Certain information is shared with other users as part of the Service:

• Public Profiles: Maker profiles, including business information and product listings, are visible to retail buyers
• Messages: Communications sent through our platform are visible to the recipient
• Reviews and Ratings: If implemented, these may be publicly visible

3.2 With Service Providers

We share information with trusted third-party service providers:

• Stripe: For payment processing
• Fly.io: For application hosting and deployment
• Tigris: For object storage and file hosting
• Mailgun: For email delivery
• HubSpot: For CRM, analytics, and marketing automation
• Honeybadger: For error monitoring

3.3 For Legal Reasons

We may disclose information when required to:

• Comply with legal obligations or court orders
• Respond to government requests
• Protect our rights, property, or safety
• Protect the rights and safety of our users or others
• Investigate fraud or security issues

3.4 Business Transfers

If we merge with or are acquired by another company, your information may be transferred to the new entity. We will notify you before your information becomes subject to a different privacy policy.

3.5 Aggregated Information

We may share aggregated, non-personally identifiable information publicly or with partners for business purposes, such as industry reports or platform statistics.

4. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy:

• Account Information: Retained while your account is active and for 30 days after deletion
• Transaction Records: Retained for 7 years for tax and legal compliance
• Communications: Retained for 2 years or as required by law
• Analytics Data: Retained for 2 years in aggregated form
• Marketing Data: Retained until you unsubscribe or request deletion

5. Your Rights and Choices

5.1 Access and Portability

You have the right to access the personal information we hold about you. You can request a copy of your data in a structured, machine-readable format.

5.2 Correction

You can update or correct your information through your account settings or by contacting us.

5.3 Deletion

You can request deletion of your account and personal information. Note that we may retain certain information as required by law or for legitimate business purposes.

5.4 Marketing Communications

You can opt out of marketing emails by:

• Clicking the unsubscribe link in any marketing email
• Updating your communication preferences in account settings
• Contacting us directly

5.5 Cookies and Tracking

You can control cookies through your browser settings. Note that disabling cookies may limit your ability to use certain features of our Service.

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit (SSL/TLS)
• Encryption of sensitive data at rest
• Regular security audits and testing
• Access controls and authentication
• Employee training on data protection
• Incident response procedures

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

• Standard contractual clauses approved by regulatory authorities
• Ensuring recipients maintain adequate data protection standards
• Limiting transfers to what is necessary for service provision

8. Children's Privacy

Our Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete that information.

9. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You can request information about the categories and specific pieces of personal information we collect
• Right to Delete: You can request deletion of your personal information
• Right to Opt-Out: You can opt-out of the sale of your personal information (we do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at hello@creativeplaynetwork.com.

10. European Privacy Rights

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Access: Right to access your personal data
• Rectification: Right to correct inaccurate data
• Erasure: Right to be forgotten
• Restriction: Right to restrict processing
• Portability: Right to data portability
• Objection: Right to object to processing
• Automated Decision-Making: Right not to be subject to automated decision-making

Our legal bases for processing include:

• Consent (for marketing communications)
• Contract (to provide our services)
• Legitimate interests (to improve our services and ensure security)
• Legal obligations (to comply with laws)

11. Cookies and Similar Technologies

11.1 Types of Cookies We Use

Essential Cookies

Required for the Service to function properly (e.g., authentication, security, user preferences).

Analytics Cookies

Help us understand how users interact with our Service to improve functionality. This includes:

• First-party analytics cookies from our own domain
• HubSpot tracking cookies for user behavior analytics and marketing attribution
• Session recording and heatmap data to improve user experience

Marketing Cookies

Used by HubSpot to track marketing campaign effectiveness and personalize your experience:

• Track which marketing campaigns brought you to our site
• Personalize content based on your interests
• Measure the effectiveness of our advertising
• Remember your preferences and previous interactions

Preference Cookies

Remember your settings and preferences (e.g., language, time zone).

11.2 Managing Cookies

Most browsers allow you to control cookies through settings. You can:

• Block all cookies
• Block third-party cookies only
• Clear cookies when you close your browser
• Accept cookies from specific websites

12. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of material changes by:

• Updating the "Effective Date" at the top of this policy
• Sending you an email notification
• Displaying a prominent notice on our Service

Your continued use of our Service after changes become effective constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

For privacy-specific inquiries, you can also contact our Data Protection Officer at: privacy@creativeplaynetwork.com

15. Data Protection Officer

While not currently required by law for our operations, we take privacy seriously and have designated a team member to oversee data protection matters. You can contact them at privacy@creativeplaynetwork.com for any privacy-related concerns or to exercise your rights under applicable privacy laws.