If you are under 18 years old, please read our dedicated Child-Friendly Privacy Notice before creating an account with us or using our platform.
WeAre8, Pbc. and its affiliates, subsidiaries (WeAre8 Media Ltd in UK, WeAre8 Greece Plc in GR, Weare8 Australia Pty Ltd in AU) and related entities (“WeAre8”, “we, “our”) is committed to protecting the privacy and security of the personal data we collect about our B2B clients’ customers and representatives, as well as from your end customers and users of our services (“you/your”).
This privacy notice is applicable on a global scale, including to data subjects located across the world, and was built following the highest data protection standards from the applicable data protection regulations: these Data Protection Laws include the UK General Data Protection Regulation UK General Data Protection Regulation (“UK GDPR”) and / or EU General Data Protection Regulation (“EU GDPR” - EU Regulation 2016/679), the CCPA (California Consumer Privacy Act) and the Australian Privacy Act 1988 ( (whichever is applicable) and the Data Protection Act 2018 (“DPA 2018”).
The purpose of this privacy notice is to explain what personal data we collect about you either when your business become a client, you become a user, use our mobile application, watch our ads and receive remuneration for it, interact with our website, and contact us by telephone, email or other sources. In this privacy notice, we are also explaining what data we collect from our brands. When we do this, we are the Data Controller.
This Privacy Notice does not apply to third party platforms that may be accessible through hyperlinks on the website, or your relationship with the brands we partner with, which have their own privacy statement that we encourage you to review. Linking to a third-party site or partner does not mean that we endorse the site, any products or services described on the site or provided by them, or any other material contained in a third-party site. To the extent any linked platforms you visit are not owned or controlled by us, we are not responsible for the sites’ content, any use of the sites, or the privacy practices of the sites. Please review the privacy statement on those other brands’ platform to see how they handle your information.
Please read this privacy notice carefully as it provides important information about how we handle your personal information and your rights. If you have any questions about any aspect of this privacy notice you can contact us using the information provided below or emailing us at firstname.lastname@example.org.
Personal data we collect
We collect the following information from a variety of sources, including information that you give us directly (for example, when you post information or register on the website or platform), information that we receive from affiliates and other third-party sources (including other website, social media and platform users), information we receive from our business clients through the SAM-I system, and information automatically collected when you visit our platform and navigate through our platform (such as via cookies, pixels or web beacons), information we collect from you through our mobile application, SDK, external social media platforms, in telephone or email communication, in connection with social networking, or at one of our events.
We collect the following information from our website and platform users, and from our brand’s end-customers:
When user pay-outs exceed certain threshold (defined by country of residency) we are obligated to collect w9 or w-8ben or other Country specific tax documents for tax purposes:
When we collect influencer/consumer information and analytics we are getting from provided social accounts and from 8Stage on our own:
When we perform behavioural tracking and mapping activities while you use our platform and website:
More rarely, when we onboard brands as clients/partners, we may collect personal data that is embedded among business data, such as:
When we engage with investors who are natural persons, we may collecttheir:
Does WeAre8 Collect Information From Children?
WeAre8 does not intentionally collect information from children under 13 years of age, and children under age 13 should not submit any information to us nor access our platform. Even though we have an age gate that keeps children under 13 years of age from accessing our platform, it is still possible that such controls are bypassed, in which case, if we become aware that a child has provided us with information without parental consent, or a parent or guardian of a child contacts us through the contact information provided below, we will use reasonable efforts to delete the child’s information from our databases.
However, children between the age of 13 and 18 may use our app and benefit from watching our videos under the condition that consent and validation from a parent or guardian is obtained.
Purposes for which we use personal data and the lawful basis
When providing services to you, we may use your personal data for the following purposes and on the following lawful bases:
Where personal data is processed because it is necessary for the performance of a contract to which you are a party, we will be unable to provide our services without the required information.
Sharing your data
8Stage: we share your information with the audience on the platform that you specifically identify as well as anyone when you share public content. All details about your public profile may be shared with other platform users.
We share your information such as opinions on brands, life habits and preferences with our partner brands in order to make it possible to provide you with our services and process your payment, as part as our service agreement. When we do it so, we make sure to fully anonymise your personal data and to only share aggregated data that cannot be traced back to you by any mechanism or process.
We may disclose your information to third parties who help us with our business functions, such as service and payments providers or suppliers, and with business partners. Such third parties are not authorized to use or disclose your information except as necessary to perform services on our behalf or comply with legal requirements. Examples of these service providers include entities that process credit card and other types of payments, help us moderate content posted on the platform, provide web hosting and cloud-based data storage services, or analytics services, or who assist with marketing functions. These services providers may be located around the world and in countries where privacy rules are different or less stringent than rules in the country where you reside.
In addition, we may share your information if necessary to protect the safety, property, or other rights of us, our customers, or employees, or when otherwise required by law. We may also share your information with your consent in certain circumstances.
We reserve the right to transfer information we have about you in the event we sell, transfer, or engage in another transaction involving all or a portion of our business or assets, or undertake another form of corporate change, including bankruptcy. Following such a sale, transfer, or transaction, or corporate change, you may contact the entity to which we transferred your information with any inquiries concerning the processing of that information.
The countries we are likely to disclose your information to include the UK, countries in the EEA, the USA, Australia. It is necessary that we share your personal data outside the UK, the European Union, or European Economic Area in order to provide you with our services. However, we will only share it with organisations in countries benefiting from a European Commission adequacy decision or on the basis of International Data Transfer Agreements approved by the Secretary of State, which contractually oblige the recipient to process and protect your personal data to the standard expected within the UK/EU/EEA. A copy of the model clauses can be provided on request. For Australian customers, we will take reasonable steps to ensure your data is handled consistently with the Australian Privacy Principles by any overseas recipients we disclose it to.
Whenever we engage and share your personal data with third-parties, we make sure to conduct a thoroughly due diligence assessment to guarantee any data will be shared in accordance with the highest UK GDPR/EU GDPR standards, and to sign the appropriate agreements.
Our platform allow you to connect you social network account. This is required for you to become a verified 8Creator and to publish content on our platform. WeAre8 will collect certain information from your social media account including your profile information (such as name, username, email address, profile picture, followers, following).
How long we keep your data
We will retain your personal data for as long as is necessary to provide you with our services and for a reasonable period thereafter to enable us to meet our contractual and legal obligations and to deal with complaints and claims.
At the end of the retention period, your personal data will be securely deleted or anonymised, for example by aggregation with other data, so that it can be used in a non-identifiable way for statistical analysis and business planning.
You can delete your account at any time. When you delete your account or content you have posted on the Platform, that content (such as profile information, photos, and status updates) will no longer be viewable to the public or Platform users. However, your information will continue to be stored in our internal systems for our administrative purposes. In addition, information that other users have posted about you will remain on the Platform. We also participate in interest-based or behavioral advertising. This means that you may receive advertising on our website or other platform that are tailored to how you browse.
If you want to understand specific retention periods for specific types of personal data we hold from you, you may ask us for a copy of our Data Retention and Destruction Policy.
How we protect your data
We implement appropriate technical and organisational measures to protect data that we process from unauthorised disclosure, use, alteration or destruction.
In addition to the technical and organisational measures we have put in place, there are a number of simple things you can do to in order to further protect your personal information;
If you want to know more about the technical measures we adopt to protect data, you may ask us for a copy of our Information Security Polciy.
Your rights and options
You have the following rights in respect of your personal data:
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
If you wish to exercise your rights, please contact us at email@example.com. We will respond to your requests for access and correction within a reasonable time.
The California Consumer Privacy Act (CCPA)
If you live in California, you have certain rights concerning your personal information under the CCPA, such as:
• The right to know what personal information we have collected, used, and stored in the past 12 months;
• The right to know how we have been using your personal information in the past 12 months;
• The right to know what the purpose of using your personal data is;
• The right to ask us to delete your personal data from our database;
• The right to opt-out from any activities considered to be a “sale” of personal data under the CCPA: we do not sell, trade, share, or rent personal data for commercial purposes. However, we do engage in personal data sharing activities that could be considered “sales” under the CCPA, such as sharing commercial information, identifiers, or virtual network activity with third-parties. If you wish to opt-out from these activities (“sales”), please contact us at firstname.lastname@example.org, or ,alternatively, if you’re in the EU, at email@example.com.
• The right to not be discriminated against when exercising any of your rights concerning privacy.
You can find a detailed description of what kind of personal data we collect from you and how we use it in our activities in the past 12 months by reading our “Personal Data We Collect” and Purposes for which we use personal data and the lawful basis” sections of this Privacy Notice.
How to complain
If you live in the UK, you have the right to lodge a complaint with the relevant supervisory authority, if you believe we are infringing the data protection laws or you are concerned about the way in which we are handling your personal data.
The supervisory authority in the UK is the Information Commissioner’s Office who can be contacted using the information provided at: https://ico.org.uk/concerns/ or by telephone on 0303 123 1113.
If you are a resident of an USA state that has passed a Data Protection Law (such as California, Maryland, Colorado, Virginia and more), your data protection rights may be enforced by the Attorney General or district attorneys in your location.
If you are a resident of California, you have the right to lodge an online consumer complaint under the CCPA with the Attorney General at https://oag.ca.gov/contact/consumer-complaint-against-business-or-company.
If you are a resident of Australia, you have the right to lodge a complaint under the Privacy Act 1988 (so long as you have raised your concerns with us first) to the Office of the Australian Information Commissioner at firstname.lastname@example.org or by post, to:
Office of theAustralian Information Commissioner
GPO Box 5218,Sydney NSW 2001
If you have any questions, or wish to exercise any of your rights, then you can contact:
Weare8 Australia Pty Ltd
LEVEL 11 , 139 MACQUARIE STREET
WeAre8 Media Ltd
3 Bloomsbury Place
Weare8 Greece PLC
224 W 35th St
Ste 500 PMB 195
New York, NY 10001
Alternatively, you can email us at email@example.com
If you arein the EU, WeAre8 EU data protection representative contact details are:
DataRep (Data Protection Representative Limited)
DataRep, 24 Lagoumitzi str, Athens, 17671, Greece
All communications must be addressed to ‘DataRep’.
Changes to this privacy notice
We may update this notice (and any supplemental privacy notice), from time to time as shown below. We will notify of the changes where required by applicable law to do so.
Last modified: March 2, 2023. You can find previous versions of this notice here.