Icon for VSCO

VSCO

VSCO is an image sharing social network and photography platform for iOS and Android.


Handling

Does the service allow third-party access to private personal data? Yes, not all parties specified

0/10

Decided Sept. 4, 2019 (revision history). This question accounts for 12% of the final score.

The policy allows sharing personal data with third-parties (not just critical service providers), and does not explicitly list the third-parties.

This may come in the form of outright data sharing or by using local third-party analytics software (such as Google Analytics, which collects a plethora of user information).

Note that whether the policy allows sharing aggregated user data does not affect this question.

If the personal data is encrypted when it passes through the third-party, it does not count as third-party access (as the data is inaccessible to that party).

If personal data has been made public by, for example, posting it to a blog, it does not count as private personal information (and is therefore not considered by this question).

Possible Options

Yes, not all parties specified0/10
Yes, all parties specified (including non-critical service providers such as advertisers)3/10
Yes, not all parties specified (but only to critical service providers)7/10
Yes, all parties specified (only to critical service providers)8/10
No10/10

Citation

We may share your information with third-party business partners, consultants and service providers that perform services on our behalf for the purpose of providing the Service to you (e.g., email providers, advertising networks, content or service fulfillment, analytics companies, etc.). Those business partners will be given limited access to your information that is reasonably necessary to deliver the Service. We may also share your information with our business partners who offer a service to you jointly with us, for example, when running a co-sponsored contest or promotion. From time to time, we may share your information with third parties who we think may offer you products or services you may enjoy.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


Does the policy allow personally-targeted or behavioral marketing? Yes

0/10

Decided Sept. 4, 2019 (revision history). This question accounts for 12% of the final score.

Possible Options

Yes0/10
Yes, but you can opt-out3.5/10
Yes, but you must opt-in7/10
No10/10

Citation

Ads on our Service — We may permit third party online advertising networks to collect information about your use of our website over time so that they may play or display ads that may be relevant to your interests on our Service or on other websites or services.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


When does the policy allow law enforcement access to personal data? When reasonably requested

3/5

Decided Sept. 8, 2019 (revision history). This question accounts for 6% of the final score.

Possible Options

Always0/5
Not specified0/5
When reasonably requested3/5
Only when required by a court order or subpoena4/5
N/A (no personal data to share)5/5
Never (special legal jurisdiction)5/5

Citation

VSCO will disclose your information where required to do so by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to enforce our Terms of Use, or to protect the security or integrity of our Service; and/or (c) to exercise or protect the rights, property, or personal safety of VSCO, our Users or others.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


Does the service allow you to permanently delete your personal data? No

0/5

Decided Sept. 8, 2019 (revision history). This question accounts for 6% of the final score.

Even if there is a reasonable delay before the data is fully deleted (as is common), the data still counts as "permanently deleted" and satisfies the parameters for this question.

Possible Options

No0/5
Yes, by contacting someone3/5
Yes, using an automated mechanism5/5
N/A (no personal information collected)5/5

Note

The policy does not specify whether a user can delete and export their personal data.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


Collection

Does the service collect personal data from third parties? Yes

0/10

Decided Sept. 4, 2019 (revision history). This question accounts for 12% of the final score.

This includes the use of data brokers and independent verification authorities (such as background check providers).

Possible Options

Yes0/10
Only for critical data7/10
No10/10

Citation

We may receive information about you from third parties. For example, if you access our websites or Service through a third-party connection or log-in, for example, through Facebook Connect, by “following,” “liking,” adding the VSCO application, linking your account to the VSCO Service, etc., that third party may pass certain information about your use of its service to VSCO. This information could include, but is not limited to any information that you have permitted the third party to share with us, and any information you have made public in connection with that service. We may use this information to find your contacts on the Service, to let you know what your contacts are doing on the Service, and to let your contacts know what you are doing on the Service. We may also use it to suggest additional users or friends you may want to follow or connect with. You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to VSCO’s websites or Service. You may also unlink your third party account from the Service by adjusting your settings on the third party service.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


Does the policy list the personal data it collects? Yes, generally

7/10

Decided Sept. 4, 2019 (revision history). This question accounts for 12% of the final score.

All general categories of collected personal data are listed, though not all types of personal data are explicitly mentioned (for example, the list might use a phrase like 'such as' when listing types of personal data).

Possible Options

No0/10
Only summarily3/10
Yes, generally7/10
Yes, exhaustively10/10
N/A (no personal information is collected)10/10

Citation

Analytics information — We may directly collect analytics data, or use third-party analytics tools to help us measure traffic and usage trends for the Service. These tools collect information sent by your browser as part of a web page request, including the web pages you visit, your browser add-ons, your browser’s width and height, and other information that assists us in improving the Service. We may collect and use this analytics information in aggregate form such that it cannot reasonably be manipulated to identify any particular individual user. Cookies information — When you visit the Service, we and our third party partners may send one or more cookies — a small text file containing a string of alphanumeric characters — to your computer that uniquely identifies your browser and lets VSCO help you log in faster and enhance your navigation through the site. A cookie may also convey information to us about how you use the Service (e.g., the pages you view, the links you click and other actions you take on the Service), and allow us or our business partners to track your usage of the Service over time. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. However, some features of the Service may not function properly if the ability to accept cookies is disabled. You can find out more about our use of cookies and similar technologies in our Cookie Policy. Log file information — Log file information is automatically reported by your browser each time you access a web page. When you use our Service, our servers automatically record certain log file information. These server logs may include anonymous information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, and other such information. Clear gifs/web beacons information — When you use the Service, we may employ clear gifs (also known as web beacons) which are used to anonymously track the online usage patterns of our Users anonymously. In addition, we may also use clear gifs in HTML-based emails sent to our Users to track which emails are opened and which links are clicked by recipients. The information is allows for more accurate reporting and improvement of the Service. Device identifiers — When you access the Service by or through a mobile device (including but not limited to smart-phones or tablets) or computer, we may access, collect, monitor and/or remotely store one or more “device identifiers.” Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software, or data sent to the device by VSCO. A device identifier may convey information to us about how you browse and use the Service. A device identifier may remain persistently on your device, to help you log in faster and enhance your navigation through the Service. Some features of the Service may not function properly if use or availability of device identifiers is impaired or disabled. Location data — When you access the Service by or through a mobile device, we may access, collect, monitor and/or remotely store “location data,” which may include GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your mobile device. Location data may convey to us information about how you browse and use the Service. Some features of the Service, particularly location-based services, may not function properly if use or availability of location data is impaired or disabled. Ads on our Service — We may permit third party online advertising networks to collect information about your use of our website over time so that they may play or display ads that may be relevant to your interests on our Service or on other websites or services. Typically, these third-party ad servers or ad networks use cookies and other tracking technology to compile information about your browser’s or device’s visits and usage patterns on the Service and on other sites around the Web, to send you the ads that appear on the Service, to measure the effectiveness of their ads and to personalize the advertising content. The VSCO Privacy Policy does not apply to, and we cannot control the activities of, third-party advertisers. For more information about your choices regarding the use of your personal information for online advertising, please see our Cookie Policy.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


Is it clear why the service collects the personal data that it does? Mostly

7/10

Decided Sept. 8, 2019 (revision history). This question accounts for 12% of the final score.

This question deals with transparency. Even if the service uses data for reasons that aren't ideal for privacy, provided they list all of those uses, the service can still receive full credit for this question. However, if they are not explicit about their uses (by employing language like "such as"), a lower score is assigned.

Possible Options

No0/10
Somewhat4/10
Mostly7/10
Yes10/10
No personal data is collected10/10

Citation

We use or may use the data collected through cookies, log files, device identifiers, location data and clear gifs information to: (a) remember information so that you will not have to re-enter it during your visit or the next time you visit the site; (b) provide custom, personalized content and information, including advertising; (c) to provide and monitor the effectiveness of our Service; (d) monitor aggregate metrics such as total number of visitors, traffic, and demographic patterns; (e) diagnose or fix technology problems; (f) help you efficiently access your information after you sign in; and (h) track User Content and Users to the extent necessary to comply as a service provider with the Digital Millennium Copyright Act; and (i) to provide advertising to your browser or device.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


Does the service allow the user to control whether personal data is used or collected for non-critical purposes? No

0/5

Decided Sept. 8, 2019 (revision history). This question accounts for 6% of the final score.

Some services allow users to opt-out or opt-in to of non-critical collection or use of personal data, such as collecting data for personalized advertisements.

Possible Options

No0/5
On an opt-out basis, but only for some non-critical data/uses1.5/5
On an opt-out basis, for all non-critical data/uses3/5
N/A (no data used for non-critical purposes)5/5
On an opt-in basis5/5

Note

Because third-party advertisers are on the platform (and there is no way to opt-out of advertising), the user cannot control whether their personal data is used or collected for non-critical purposes.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


Transparency

Does the policy require users to be notified in case of a data breach? Yes, eventually

5/7

Decided Sept. 4, 2019 (revision history). This question accounts for 8% of the final score.

Users will be notified in case of a data breach, but within an unspecified amount of time.

Note that all companies operating in the EU are subject to Art. 33 of the GDPR, which requires companies to notify their data protection authority of a data breach within 72 hours of discovering it.

Possible Options

No0/7
Yes, eventually5/7
Yes, within 72 hours7/7
N/A (the service collects so little personal data that notification would not be possible)7/7

Citation

In the event that any information under our control is compromised as a result of a breach of security, VSCO will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


Is the policy's history made available? Only the date it was last modified

3/5

Decided Sept. 4, 2019 (revision history). This question accounts for 6% of the final score.

Possible Options

No0/5
Only the date it was last modified3/5
Yes, with revisions or a change-log5/5

Citation

VSCO may, in its sole discretion, modify or update this Privacy Policy from time to time, and so you should review this page periodically. When we change the policy in a material manner, we will update the ‘last modified’ date at the bottom of this page.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


Will the affected users be notified when the policy is meaningfully changed? No

0/5

Decided Sept. 4, 2019 (revision history). This question accounts for 6% of the final score.

Possible Options

No0/5
Yes5/5
N/A (no personal data—or contact information—collected)5/5

Citation

VSCO may, in its sole discretion, modify or update this Privacy Policy from time to time, and so you should review this page periodically. When we change the policy in a material manner, we will update the ‘last modified’ date at the bottom of this page.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.


Does the policy outline the service's general security practices? Somewhat

1/3

Decided Sept. 8, 2019 (revision history). This question accounts for 4% of the final score.

The policy provides only a very vague overview of its security practices.

Possible Options

No0/3
Somewhat1/3
Yes2/3
Yes, including audits2.5/3
N/A (no personal data collected)3/3
Yes, including independent audits3/3

Citation

Keeping your information safe — VSCO cares about the security of your information, and uses commercially reasonable safeguards to preserve the integrity and security of all information collected through the Service. However, VSCO cannot ensure or warrant the security of any information you transmit to VSCO or guarantee that information on the Service may not be accessed, disclosed, altered, or destroyed. Your privacy settings may also be affected by changes to the functionality of VSCO’s distributors, such as social networks. VSCO is not responsible for the functionality or security measures of any third party.

Click here to suggest a change or to flag this conclusion as incorrect, or here for more information.



Warnings

VSCO has no warnings published on PrivacySpy. PrivacySpy publishes warnings when it learns a service has announced a data breach or is found misusing user data. If you believe a warning should be published for VSCO, submit one here.


Highlighted Policy Snapshot ALPHA

Highlighted policy snapshots are a highly experimental feature that provide an annotated version of the privacy policy (displayed in a simplified 'reader view') with automatically-generated highlights. This feature is still in its early stages, so apologies if things don't look right!

3.1/10

How we calculate ratings →


Version Added

Sept. 2, 2019

Ratings Updated

Sept. 15, 2019

Warnings

0

Maintained by

YuriiStasiuk

Original Location
Open in New Tab
Other Versions