Product licenses and terms of use

Skylum Privacy Policy

“Skylum” is a trading name of Shinyfields Limited, a Cyprus company with registration no. HE 256351 and an address at 4 Spyrou Kyprianou, office 401, 4001 Mesa Geitonia, Limassol, Cyprus, which operates itself and through certain affiliates, including Skylum Software USA, Inc., a Nevada corporation and Photolemur, Inc., a Delaware corporation (collectively, “Skylum,” “we,” “our,” or “us”). We take your privacy very seriously and are committed to protecting and respecting it.

Effective Date: May, 6 2026

This privacy policy (“Privacy Policy”) governs data collection, processing and usage practices of Skylum. Please read it together with the applicable product end user license agreement for the Skylum software product you received, the terms of use of any Skylum service to be provided to you, as well as the terms of use for any Skylum website you have visited. The Privacy Policy sets out the basis on which any Personal Data (as defined below) collected from you will be processed by us. You may provide Personal Data through your use of any website where this Privacy Policy is posted (a “Website”), or through your downloading, accessing, and/or use of, any Skylum software, applications, SaaS products, third party products or applications we make available for purchase, access and/or use, and codes or trial versions of our products or those of our suppliers (“Products”). This Privacy Policy also describes your choices regarding use, access and correction of your Personal Data. If you do not agree with the data practices described in this Privacy Policy, you should not use the Website or Products.

For European Union (“EU”) users, this Privacy Policy is subject to the provisions of the General Data Protection Regulation ("GDPR") and other applicable privacy laws. Under the GDPR, Shinyfields Limited is a data “Controller”, you are a “Data Subject” with certain protected privacy rights concerning your Personal Data, and Skylum may use “Processors” to the extent necessary to provide you with the Products and related services described herein.

Skylum will take commercially reasonable steps to maintain compliance with GDPR requirements. Any Processor shall be required to process Personal Data in accordance with its respective agreement with the Controller.

If you wish to comment or ask questions regarding this Privacy Policy, please write to [email protected].

This Privacy Policy does not apply to third party websites that you may be able to access via links on the Website, links within Products and/or activities offered by third parties. It does apply to Skylum’s use of Personal Data which is collected when you download Products through any website of an authorized provider or authorized reseller. However, Skylum is not responsible for the collection or use of your Personal Data by any third party when you use other websites.

The following explains our views and practices regarding your Personal Data.

Definitions

“Anonymous Data” means information that is not associated with or linked to your Personal Data. We may create Anonymous Data from (i) automatically gathered information or (ii) Personal Data, but after excluding information (such as your name) that may identify you.

“Personal Data” means information that you voluntarily submit to us which may identify you (or for business users, an end user) as an individual, such as your name, e-mail address, phone number, postal address, and similar information about yourself or your business. Personal Data can also include information that is publicly available or provided to us by third-party sources such as social media platforms, business partners, marketing partners, or publicly available databases. Personal Data also includes Navigational Information or Payment Information where such information can directly or indirectly identify an individual.

“Navigational Information” refers to information about your device and your interactions with our Website, such as your IP address, geographical location, browser type, length of visit and pages viewed.

“Payment Information” includes any credit or debit card, banking or other account information you submit when making a purchase. When you purchase a Product from us, we collect and process payment information from you using third party PCI-compliant service providers.

“Sensitive Information” includes credit or debit card numbers, bank account information, government identification numbers, precise geolocation data, biometric identifiers, health information, and other categories of information that may be treated as sensitive personal information under applicable privacy laws. Except for Payment Information processed for transactions, we do not intentionally collect sensitive personal information from users unless required to provide our services.

Your data that we collect and our sources of that data

We will collect the following data about you:

• Data you give us. You give us Personal Data:
  • by filling in forms on the Website. For instance, you give Personal Data when we create a user profile for you that enables access to Products or any services provided by us under a subscription agreement;
  • when you download Products;
  • if you agree to receive marketing communications from us;
  • if you ask to receive personalized online content;
  • when you report a problem with the Website or Products;
  • if you complete a survey or provide comments, opinions or feedback, for example, about Products or the Website;
  • if you contact or correspond with us for any other reason, for example, to find out more about a product or any support services we offer;
  • when you transmit to us or upload content including, but not limited to: photographs, opinions, comments, and other communications. Uploaded content may include photographs, images, or other visual media that contain identifiable individuals. Such images may be provided directly by users or by contributors who supply content for use within our Products. Skylum processes such content solely for the purpose of delivering the requested functionality of the Products, such as image editing, enhancement, or storage. Skylum does not use such images for facial recognition, biometric identification, or profiling; or
  • when you apply for a job with us.
• Data we collect about you. When you visit the Website or use Products we will automatically collect the following Personal Data and Anonymous Data:
  • technical information, including the type of device and its unique device identifier you use or access the Website or Products with, the Internet Protocol (IP) address used to connect your device to the Internet, any login information, browser type and version, time zone, browser plug-in types and versions, operating system, mobile network information and platform;
  • information about your visit to the Website including the full Uniform Resource Locators (URLs), clickstream to, through and from the Website or Products (including date and time), pages you viewed, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page;
  • information about your use of Products and Website including the services that you have viewed, the duration spent using those services and data files uploaded to Products; and
  • usage reports in relation to use of Products, including user activity.
• Data provided by the Organization. For business users, the organization you work for or represent (the “Organization”) will give us information when:
  • Signing up to Products to enable us to create a user profile so that you (and/or your end users) may access Products under a subscription or enterprise agreement. This information may include your name, company email address, job title, team, location, end user information and any other information your Organization designates for collection.
• Data we receive from Third Parties. We may receive Personal Data about you from third party sources including:
  • Business partners with which we offer co-branded services or engage in joint marketing activities.
  • Resellers and distributors of Products and products compatible with Products.
  • Social media websites and social media applications.
  • Other third party sources such as search engines, certification bodies, regulatory bodies, risk assessors, online data providers, and industry journals.

Purpose and legal basis for processing your personal data

We, either directly or through our Processors, will, use the Personal Data held about you for the purposes stated below:

• To fulfill a contract, or to take actions connected to a contract. This applies if you have registered to use Products (whether paid, or as a free trial) or any Website. This includes:
  • Providing you with those Websites and Products that you registered to use, and any other services or products that you have requested, using information you provided to us as well as details of what we are providing to you (e.g., Product name, version, software keys, and other technical and non-technical details).
  • Verifying your identity and doing what is necessary to enable us take payments from bank, credit/debit cards or other payment source (e.g., PayPal), using a third party payment processing and online order fulfillment processor.
  • Sending necessary communications by e-mail or other means, for example, related to payments or expiration of a subscription.
  • Providing customer service or support.
• As required to conduct our business and pursue our legitimate interests, in particular:
  • Providing you with the Websites and Products you registered to use and any other products and services you have requested, or that your Organization has requested you register for or use, with use of information you or your Organization provided to us as well as details of what we are providing to you or your Organization (e.g., Product name, version, software keys, and other technical and non-technical details).
  • Improving security of the Websites and Products, and identifying and preventing fraud and software piracy.
  • Investigating and responding to any comments or complaints that you may send us directly or through social media.
  • Identifying and fixing any problems encountered by users of our Websites and Products, such as correcting unexpected errors and known issues.
  • Analyzing your use of the Websites and Products and measuring their effectiveness so that we may engage and retain more users. We have a legitimate interest in better understanding how they are being used, improving how the Websites and Products are presented, and the manner in which users engage with them.
  • Analyzing your use of the Websites and Products, and your interaction with communications we send you, so that we may tailor and customize our Websites, Products, and marketing communications sent to you.
  • Sending you information about Products and other services and special offers. Where required by applicable law, such communications will only be sent with your consent. Skylum does not sell or disclose your personal data to third parties for their own independent marketing purposes. However, we use analytics and marketing cookies that may share certain identifiers (such as IP address, cookie IDs, and device information) with our analytics and advertising partners. Where required by applicable law, these cookies are used only with your consent, which you may provide through our cookie management tool. In jurisdictions where consent is not required, such processing will be carried out in accordance with applicable law. You may withdraw or modify your consent at any time as described in our Cookies Policy.
  • Using automated systems (including machine learning and analytics tools) to analyze aggregated usage of the Websites and Products in order to improve our services and user experience. These systems are not used to make automated decisions that produce legal or similarly significant effects concerning individuals.
  • Conducting surveys and other market research to collect and analyze information about our customers, their interests, the effectiveness of our marketing campaigns, and customer satisfaction (but only where your consent is not required).
  • Checking the validity of any payment information you have submitted, such as bank account or credit/debit card number, or other payment method that you have submitted (e.g., PayPal), in order to prevent fraud, noting that we use third parties to resell our Products, process payments and/or fulfill orders, and that they have their own privacy policies which may be in effect with regard to your transaction.
  • For business users, using information provided to Skylum by your Organization in accordance with our agreement with the Organization, which may include all or some of the following: your name, name of the Organization, job title, team, Organization address, Organization phone number and Organization email address, Organization, end user information, or bank, credit or debit card or other payment details which have been provided to us. We may use any of this information for any of the purposes identified here as being useful or necessary in conducting our business and pursuing our legitimate interests.
  • Using information in connection with legal claims, compliance, regulatory and investigative purposes, including disclosure of information as required by law enforcement authorities or any litigation.
• Provided you have given us your consent:
  • Sending you information about Products and new products and services of ours or our business partners, special offers and similar information, and sharing your information with third parties for their own marketing purposes (where your consent is required).
  • Placing cookies, pixels, beacons and using similar technologies on our Websites, Software Products or in e-mail communications, in accordance with our Cookies Policy, and using the information provided to us when those technologies are used.
  • Using automated systems (including machine learning) to analyze the way you use the Websites and Products, in order to improve our services and the user experience (where your consent is required).
  • Conducting surveys and other market research to collect and analyze information about our customers, their interests, the effectiveness of our marketing campaigns, and customer satisfaction (where your consent is required).
  • At other times when we ask you for consent, we will use the information for the purposes which we explain at that time.
• For legal reasons:
  • Responding to requests by government or law enforcement authorities conducting an investigation.
  • To detect, prevent, or otherwise address fraud, security or technical issues and software piracy (e.g., to confirm that software is genuine and properly licensed).

Where we have a legal basis to use your Personal Data without consent (as we have described above), this policy fulfils our duty to process Personal Data fairly and lawfully, given the nature of our relationship with you, by giving you notice and an explanation of the way in which your Personal Data will be used. If consent is required for our use of your Personal Data, then by checking or ticking the consent box or otherwise communicating affirmatively with us, you consent to use of that Personal Data for the purposes covered by the specific consent you gave.

Please note that we may create, collect, use and share non-personal Anonymous Data in connection with the Website or Products.

How we use your personal data

In addition to the uses identified elsewhere in this Privacy Policy, we, either directly or through our Processors, may use your Personal Data to:

• improve your browsing experience by personalizing the Websites;
• promote use of our products or services to you and share promotional and information content with you in accordance with your communication preferences;
• provide anonymized, statistical information about our users to our business partners;
• send information to you regarding changes to our Privacy Policy or other legal agreements; or
• meet legal, accounting, or reporting requirements imposed on us.

We, either directly or through our Processors, also use information collected through our Products for the following purposes:

• to provide and improve the Products (which may include the detection, prevention and resolution of security and technical issues);
• to respond to customer support requests; and
• otherwise in accordance with the Products’ license terms.

We use Navigational Information to operate and improve the Websites and the Products. We may also use Navigational Information alone or in combination with Personal Data to provide you with personalized information about Skylum and its affiliates.

If collected by us, we, either directly or through our Processors, use Payment Information you provide solely to confirm your ability to pay and to collect payment. We also use our Processors, resellers, distributors and third-party service providers to manage payment processing and fulfil orders; you may be required to agree to their own terms when supplying payment and other information to resellers and third-party service providers. Skylum processes personal data only to the extent necessary for the purposes described in this Privacy Policy and seeks to limit collection and retention of personal data to what is reasonably necessary to provide our Products and services.

When you use our products

We use analytics software to allow us to better understand the functionality of our Products on your computing devices, and may use cookies installed on your computer to facilitate this process. Analytics software may record information such as how often you use the Product, the events that occur within the Product, aggregated usage, performance data, and to identify the source of the application download.

We may send push notifications to the Products from time to time in order to update you about events or promotions. You may turn off notifications from within the Product.

We may link information we store within the analytics software to Personal Data you submit when purchasing Products or interacting with our Website. We do this to improve services we offer you, to share information and marketing materials about our Products and those of others, and to improve our marketing, analytics and site functionality.

Marketing

With your consent, we would like to provide you with information about products, services and opportunities which may be of interest to you. We, either directly or through our Processors, may provide such information to you by email or through personalized online content and advertising through the Website, social media platforms or our online partners. If you initially consent to receive these materials by ticking the appropriate boxes, you can change your mind at any time by notifying us through [email protected], or, if applicable, in the unsubscribe link contained in the relevant marketing communication. We, either directly or through our Processors, may contact you regarding products of others that may be of interest to you, but we will not provide your Personal Data to other businesses for their marketing purposes.

AI Tools

AI Assistant. We provide an AI Assistant feature that enables users to request photo enhancements or modifications using natural language prompts. No data is transmitted to external services or third-party platforms during processing. Use of the AI Assistant is voluntary. When user engages with the AI Assistant, we process the following data which may include personal data: automatically generated textual description of the photo the user has selected for enhancement (generated by our systems automatically to contextualize the request); user-submitted prompt or query sent to the AI Assistant; response generated by the AI Assistant in response to the user’s prompt; user-provided rating or feedback, if any, related to the interaction with the Assistant. These data points may be associated with session-level identifiers or anonymous analytics data. We do not use this data to identify natural persons. The prompt, the Assistant’s response, any user-provided rating, and the automatically generated image description are associated only with the relevant image — not the user. The AI Assistant is designed exclusively to assist with image editing tasks. It does not expect, require, or is intended for processing any sensitive personal data. Users are discouraged from entering any non-photo-related or sensitive content. The processing of this data is carried out for the following purposes: to provide the AI Assistant functionality as requested by the user; to monitor and improve the performance, relevance, and accuracy of AI outputs; to support internal product development and model refinement. All user prompts sent to the AI Assistant are logged for quality assurance, feature improvement, and safety analysis. We do not use AI Assistant data to create behavioral profiles, infer characteristics, or identify any individual. The data is not used for automated decision-making that produces legal or similarly significant effects.

AI photo editing features. In addition to our in-house AI Assistant, we offer advanced AI photo editing features. These features are powered by external generative AI service providers that process images temporarily to generate enhancements based on the user’s request. These service providers may include cloud computing providers, artificial intelligence model providers, and infrastructure vendors that support image processing and generation functionality. When you activate one of these features, the selected photo and user input is securely transmitted to our third-party AI partners for the sole purpose of generating the requested enhancement (e.g., object removal, background expansion etc.). In some cases, limited technical metadata may also be transmitted to our AI partners as part of the service request, strictly for operational purposes. We do not permit these providers to use your data for any purpose other than delivering the requested functionality.

Facial images submitted through our Services (e.g., for refinement, enhancement, or editing) are used exclusively to deliver the requested functionality. These images are not analyzed, retained, or repurposed for facial recognition, identity matching, profiling, targeted marketing, or behavioral analytics. Any facial analysis conducted is performed in-memory and is not written to persistent storage or shared with external parties. Images may be temporarily stored only as needed to return results (original or modified) to the user. Such temporary processing is limited to the duration necessary to generate and deliver the requested output. Skylum does not and will never use facial images or associated data to identify users or track their behavior. Skylum does not collect, store, or use biometric identifiers such as facial geometry templates for the purpose of identifying individuals. Data you submit—such as images, videos, or other content—may be temporarily cached or securely stored where necessary to deliver the Service, investigate support issues, or ensure compliance with our terms of use.

Disclosure of your personal data

We may share your Personal Data with third parties in accordance with this Privacy Policy, including:

• other companies under our control or that are under common control with us may have access to your Personal Data, including Processors, but will adhere to this Privacy Policy;
• service providers, including Processors (for example, analytics services, payment service providers, order fulfilment partners, software developers, IT support service providers), business partners, suppliers and sub-contractors, for the performance of any contract we enter into with you, or who provide you with marketing communications;
• analytics and search engine providers that assist us in the improvement and optimization of the Website or Products;
• government or other law enforcement agencies, in connection with an investigation of unlawful activities or for other legal reasons (includes your location information);
• if we sell any business assets or receive loans or investment into our business, we may disclose your Personal Data to the prospective buyer, lender or investor;
• if Skylum or substantially all of its assets are acquired by another entity, your Personal Data will be disclosed and will be among the transferred assets;
• to our legal and other professional advisors for the purposes of taking advice; and
• if we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or in order to enforce any contract between you and us or between the Organization or us; or to protect the rights, property or safety of Skylum, our users, or others.

Skylum does not sell personal information for monetary compensation. However, certain data disclosures, such as sharing identifiers with analytics or advertising partners, may be considered a sale or sharing under certain privacy laws. Where applicable law grants individuals the right to opt out of such disclosures, Skylum provides mechanisms to exercise those rights as described in this Privacy Policy.

Where we store your personal data

Products can be accessed and used worldwide. We may store and hold data collected in accordance with this Privacy Policy on systems located outside the European Economic Area (“EEA”), and may process it outside the EEA, including in instances where the Organization using Products is not based in the EEA, or where Products are accessed by a user who is not a resident of the EEA.

For EEA Residents Only: If Skylum itself is transferring your Personal Data to others outside the EEA, we will adhere to legal requirements to implement safeguards in relation to the transfer. Transferring your Personal Data to certain countries outside the EEA may not require additional safeguards, for example where the country has the benefit of an “adequacy decision” issued by the European Commission. If there has been no adequacy decision for the country (as is the case for the USA), that means that the laws of these countries are not deemed to provide adequate protection for your Personal Data. In those circumstances, we may implement any mechanism that is approved under data protection laws to ensure that your Personal Data is treated by those third parties in a way that is consistent with EU, Swiss and UK laws on data protection. These measures could include the following: implementing appropriate safeguards for international data transfers as permitted under applicable data protection laws, including the European Commission’s Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms; and/ or implementing EU GDPR standard contractual clauses with the recipient. For more information, please contact us at [email protected].

Security

All information you provide to us is stored on secure servers. We use technical and organizational measures to safeguard your Personal Data. If you have a user name and a password which enable you to access Products, you are responsible for keeping these access details confidential. Please do not share your user name or password with anyone.

Along with anyone with whom we share your Personal Data, we maintain appropriate technical and organizational measures for an appropriate level of security in respect of all Personal Data we process. However, the transmission of information via the internet is not completely secure. While we take reasonable measures to protect your Personal Data, we cannot guarantee the security of data transmitted to the Website or Products, and you acknowledge that any transmission of data is at your own risk. Once we have received your information, we use procedures and security features which are appropriate to the type of Personal Data you have provided to make reasonable commercial efforts to prevent unauthorized access or inadvertent disclosure.

Retaining personal data

Even if you request that we erase your data, we may still need to keep it under some circumstances, or may keep it as Anonymous Data. We will retain your Personal Data only for as long as reasonably necessary to fulfil the purposes described in this Privacy Policy, including to satisfy legal, accounting, or reporting obligations. For example, information associated with customer accounts or subscriptions may be retained for the duration of the relevant subscription relationship and for a limited period thereafter to comply with legal obligations, resolve disputes, or enforce our agreements. If we anonymize your Personal Data so that it can no longer be associated with you, we may use such information without further notice to you. If we are processing Personal Data as part of a Subscription Agreement and you have not agreed that we may use your data for marketing purposes, we will retain your Personal Data on record for no more than the duration of the Subscription Agreement and 6 years thereafter.

Your rights

You have the following rights with regard to your Personal Data:

Access. You have the right to access data we hold about you. This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.

Rectification or erasure. You have the right to request that we rectify or delete any Personal Data that we hold about you, unless we have the legal right to retain it, and you may withdraw your consent to our use of your Personal Data. This right does not extend to non-Personal Data. Further, if you request that we erase certain Personal Data required for use of a Product or to enable us to provide services to you, you may no longer be able to use the Product or receive the services. Finally, we will likely need to retain your Personal Data to enable us to carry out any contract with your Organization, and your rights under applicable law to request erasure may be limited accordingly.

Restriction. You also have the right to restrict us from processing your Personal Data if the data is inaccurate, the processing is unlawful, or we no longer need your Personal Data for the purposes for which we hold it.

Data portability. If the legal basis that we rely on for processing your Personal Data (as we describe in the section PURPOSE AND LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA) is either consent, or the performance of a contract with you, or if your Personal Data is being processed automatically then, to the extent feasible and that it does not adversely affect the rights of others, you have the right to ask us to provide you with the Personal Data that you have provided to us, in a structured, commonly used and machine-readable format. This could include data that we hold that results from observation of your use of the Websites or Products.

Object / change of preferences. You have a right to request that we stop processing your Personal Data where we are relying on a legitimate interest (or those of a third party). You also have the right to object where we are processing your Personal Data for direct marketing purposes. For example, if you have given your consent to receive updates from us, but have changed your mind, you have the ability to opt out from receiving future marketing communications by clicking the relevant link in any communication you receive, or by contacting us directly.

Unsubscribe From Our Communications. You may unsubscribe from our marketing communications by clicking on the “unsubscribe” link located on the bottom of our e-mails, updating your communication preferences, or by sending us an email at [email protected]. Customers may not opt-out of receiving administrative emails related to their account with us or the Products. Please allow at least 3 working days for opt-out request processing.

Complaints. If for any reason you are not happy with the way that we have handled your Personal Data, please contact us. If you are still unsatisfied, you may make a complaint to the Office of the Commissioner for Personal Data Protection of Cyprus.

U.S. STATE PRIVACY DISCLOSURES

Certain U.S. states provide their residents with specific rights regarding personal information. This section supplements the other information contained in this Privacy Policy and applies solely to residents of states whose laws provide such rights. The disclosures below are intended to provide additional information required under applicable state privacy laws. Where the same rights or disclosures apply across multiple states, we describe them collectively to avoid unnecessary duplication. If you are a resident of a state that provides specific privacy rights, the sections below provide additional information about the rights and protections that may apply to you under applicable state law.

WHAT RIGHTS DO I HAVE IN MY STATE?

California Residents (California Consumer Privacy Act / California Privacy Rights Act)
This section applies to California residents whose personal information is processed by Skylum and supplements the other information contained in this Privacy Policy. California law requires businesses to disclose the categories of personal information collected, the purposes for which such information is used, and the categories of third parties with whom the information may be shared. These categories include identifiers (such as name, email address, and IP address), commercial information (such as purchase history), internet or network activity information, device information, and other information described in the sections titled “Your data that we collect and our sources of that data” and “Disclosure of your personal data.”

Categories of Personal Information Collected, Sold, or Shared in the Preceding 12 Months:

Categories of Personal Information Collected, Sold, or Shared	Categories of Third-Party Recipients	Purpose for Disclosure
Identifiers (e.g., name, email address, IP address, cookie IDs, device IDs)	Analytics providers, advertising networks and platforms, social media platforms	Analytics, advertising, and measurement, including cross-context behavioral advertising where applicable
Internet or other electronic network activity information (e.g., browsing history, clickstream data, page interactions, product usage data)	Analytics providers, advertising networks and platforms	Analytics, measurement, and improvement of websites and products
Commercial and transaction information (e.g., purchase history, subscription details)	Payment processors, order fulfillment partners, resellers and distributors	Order fulfillment and payment processing
Professional or employment-related information (e.g., job title, company name, team)	Business partners engaged in co-branded services or joint marketing	Provision of enterprise services and business communications
Inferred information (e.g., preferences and interests derived from usage data)	Analytics providers, advertising networks and platforms	Analytics, personalization, and tailoring of marketing communications

Right to Data Portability. You have the right to request that we provide personal information we hold about you in a portable and, to the extent technically feasible, readily usable format.

Right to opt out of the “selling” or “sharing” of certain personal information. You have a right to opt out from future “sales” or “sharing” of personal information, each as defined in the CCPA. CCPA requires us to describe the categories of personal information we sell to or share with third parties and how to opt out of future sales or sharing. The CCPA defines personal information to include internet or other electronic network activity information which includes identifiers, such as IP addresses, cookie IDs, and mobile IDs. The law also defines a “sale” or “share” broadly to include simply making data available to third parties in some cases. We recognize certain browser-based opt-out signals, including Global Privacy Control (GPC) signals, where required by applicable law, as a valid request to opt out of the sale or sharing of personal information for the browser or device transmitting the signal. We do not knowingly sell or share the personal data of minors under 16 years of age.

Right to know or request categories of personal information. You have a right to request that we provide you details about the personal information we have collected about you. You also have a right to request additional data about our collection, use, disclosure, or sale of personal information, such as a list of the categories of personal information collected about you, and other related information for example the source of the information, categories of information shared or sold to third parties, and the purpose for sharing. For more information about the categories of personal information we collect and how we use and disclose such information, please see the sections titled ‘Your data that we collect and our sources of that data,’ ‘Disclosure of your personal data,’ and the table ‘Categories of Personal Information Collected, Sold, or Shared in the Past Year.’

Right to request correction. You have a right to request correction of inaccurate personal information.

Right to request deletion. You also have a right to request that we delete personal information under certain circumstances, subject to certain exceptions. For example, some information such as your purchase history and invoices, must be retained for tax and other business purposes.

Right to limit use and disclosure of sensitive personal information. You have a right to limit our use and disclosure of sensitive personal information for any purposes other than to provide the services or goods you request or as otherwise permitted by law. Note that we do not use or disclose sensitive personal information for any such additional purposes.

Right to designate an authorized agent. You may designate an authorized agent to make a request on your behalf. We may require the authorized agent to provide proof of authorization and may also require you to verify your identity directly with us.

Right against discrimination. You have a right to not be discriminated against for exercising your rights set out in the CCPA.

Right to notice. You have a right to receive notice of our practices at or before collection of personal data. This Privacy Policy serves as our notice at collection for purposes of the California Consumer Privacy Act and California Privacy Rights Act. If you would like to exercise any of the rights mentioned above, please email us at [email protected].

Shine the Light Law. Under California’s “Shine the Light” law, California customers who provided personal information to us may request information about whether we have disclosed personal information to any third parties for their direct marketing purposes. You may request further information about our compliance with this law by emailing [email protected]. Please note we are required to respond to one request per customer per year and we only respond to requests sent to this email address.

California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. Please send a detailed description of the specific content or information you wish to have removed via email to [email protected]. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.

Residents of Other U.S. States with Comprehensive Privacy Laws. Residents of certain U.S. states—including Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia—may have rights under applicable state privacy laws. Many of these laws provide similar rights regarding personal data. The scope of these rights may vary by state and may be subject to certain limitations or exceptions under applicable law. To avoid unnecessary duplication, we describe these rights collectively below. Skylum will comply with applicable state privacy laws to the extent they apply to our processing of personal data. The availability and scope of these rights may vary depending on the state in which you reside and the specific circumstances of our processing of your personal data.

Subject to applicable law, residents of these states may have the right to:

• Confirm whether we process personal data about you and access that data;
• Request correction of inaccuracies in your personal data;
• Request deletion of your personal data;
• Obtain a copy of your personal data in a portable and readily usable format;
• Opt out of the processing of personal data for purposes of targeted advertising;
• Opt out of the sale of personal data;
• Opt out of profiling in furtherance of decisions that produce legal or similarly significant effects;
• Appeal a decision regarding a request to exercise your privacy rights.

Where required by applicable law, you may also have the right to file a complaint with your State Attorney General. Some state privacy laws provide residents with the right to opt out of the processing of personal data for purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects. Where such processing activities occur, Skylum will honor applicable opt-out requests in accordance with the requirements of the relevant state privacy law. Where required by applicable state law, we may also recognize certain browser-based privacy signals, including Global Privacy Control (GPC) signals, as valid requests to opt out of targeted advertising or the sale of personal data for the browser or device transmitting the signal.

Requests to exercise these rights may be submitted by contacting us at [email protected]. We may take reasonable steps to verify your identity before responding. We will respond to verified consumer requests within forty-five (45) days of receipt. Where reasonably necessary, we may extend this response period once by an additional forty-five (45) days and will notify you of the reason for the extension. If we decline to take action on your request, you may have the right to appeal our decision by contacting us at [email protected]. We will review and respond to appeals in accordance with applicable law. To the extent Skylum maintains deidentified data, Skylum will maintain and use such information in deidentified form and will not attempt to reidentify it except as permitted by applicable law. Skylum will also contractually require any recipients of such deidentified data to comply with the same obligations. We will not discriminate against residents for exercising any rights described in this section. Please note that the rights mentioned above do not extend to non-Personal Data.

Do not track

Some web browsers include a “Do Not Track” (DNT) feature that signals to websites that a user does not want their online activity tracked. Because there is currently no universally accepted standard for responding to DNT signals, our Websites do not currently respond to them. However, where required by applicable law we may recognize browser-based privacy signals such as Global Privacy Control (GPC).

Children and young people’s information

We do not knowingly collect personal information from children under the age of 16 or knowingly permit them to create accounts or use our services, and we comply with applicable privacy laws relating to minors, including laws that provide additional protections for individuals under the age of 16. If you have concerns about this Website or Products, wish to find out if your child has accessed our services, or want us to remove your child’s Personal Data from our servers, please write to [email protected]. If we discover that personal information has been provided by a child under the age of 16, we will take reasonable steps to delete such information in accordance with applicable laws.

Changes to our privacy policy

Any changes we make to our Privacy Policy will be posted on this page and when possible, we will also notify you by e-mail. Continued use of the Website and/or Products will signify that you agree to such changes.

How to contact us

Questions, comments and requests regarding our Privacy Policy are welcome and should be addressed to Skylum USA 142 W 57th St, New York, NY 10019, by email to [email protected].