Last Updated: September 24, 2020
We call the Website, the Applications, and the Platforms together the “Services”.
Hopscotch provides social media management made easy. The Service is provided by Blue Fidelity Inc. and any references to “Hopscotch”, “we”, “us”, or “our” are references to Blue Fidelity Inc. (a Canadian corporation).
Information We Collect
Like most website operators, Hopscotch collects non-personally-identifying information of the sort that web browsers, platforms, and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. Hopscotch's purpose in collecting non-personally identifying information is to better understand how Hopscotch's visitors use its services and to better provide related content to its visitors. From time to time, Hopscotch may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its service.
Hopscotch also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users. Hopscotch only discloses logged in user IP addresses under the same circumstances that it uses and discloses personally-identifying information as described below.
Gathering of Personally-Identifying Information
Certain visitors to Hopscotch's services choose to interact with Hopscotch in ways that require Hopscotch to gather personally-identifying information. The amount and type of information that Hopscotch gathers depends on the nature of the interaction. For example, we ask visitors who sign up for an account at hopscotch.social to provide a name and email address. Those who engage in transactions with Hopscotch - by purchasing access to the Hopscotch paid service, for example - are asked to provide additional information, including as necessary the personal and financial information required to process those transactions. In each case, Hopscotch collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor's interaction with Hopscotch. Hopscotch does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain service-related activities.
Connected Social Media Accounts
You, as a user, control how Content is generated, requested, submitted, or published and processed on our Services. When you use our Services, you may view, create, and analyze Content which will ultimately be published on the various Social Networks. As the user, you are the data controller of your Content and we are the data processor for such Content. Where we process Content, we do so at your direction and on your behalf in accordance with the instructions you give us through the Services. When you connect your social media accounts through our Services, we only access, process, and use the Content to provide our Services subject to the Terms and the various terms and conditions imposed by the Social Networks. This data will only be used by Hopscotch to provide you with the Service you expect and will not be shared with any third parties.
Processing of Content
When we receive or access data from our various Social Networks, we do so at your request and within each Social Network’s terms and conditions. As our user, you ultimately decide which Social Networks you want our Services to connect with and which Social Networks you want to share your data with. We process your Content, at your instruction, acting as a conduit between you and the Social Networks that you connect to our Services.
Access, Correction, and Deletion of Content
You should be aware that Hopscotch acts as a conduit between you and the various Social Networks. In several instances, the Content published via Hopscotch will not be in Hopscotch’s custody, and any Content that has been shared by you through any Social Networks via the Services may continue to be available to third parties and the public at large, as this Content is now under the control of the operators of the Social Networks.
An individual who seeks access to, or who seeks to correct or, amend inaccuracies in, or delete Content stored or processed by us on behalf of a user should direct his/her query to the Hopscotch user (the data controller) or to the Social Networks. Upon receipt of a request from one of our users for us to remove the data, we will respond to their request within thirty (30) days. Please note however that we may need to retain certain information on our systems for as long as you maintain an account for our Services, for record keeping purposes, to comply with our legal obligations, to resolve disputes, enforce our Terms, or as required or authorized by applicable law.
You may delete your account and associated data from Hopscotch by going to your Admin Settings page and clicking on the "Delete Account" button.
Third Party Services
In most cases, after you connect your Hopscotch account with a Third-Party Service, you can revoke our Services access to your data via the Settings page on the Third-Party Service's website. For example, users can revoke our Services access to their YouTube data via the Google security settings page at https://security.google.com/settings/security/permissions.
Third Party Payment Processor
Protection of Certain Personally-Identifying Information
Hopscotch discloses potentially personally-identifying and personally-identifying information only to those of its employees, contractors and affiliated organizations that (i) need to know that information in order to process it on Hopscotch's behalf or to provide services available at Hopscotch's websites, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using Hopscotch's services, you consent to the transfer of such information to them. Hopscotch will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to its employees, contractors and affiliated organizations, as described above, Hopscotch discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other governmental request, or when Hopscotch believes in good faith that disclosure is reasonably necessary to protect the property or rights of Hopscotch, third parties or the public at large. If you are a registered user of Hopscotch and have supplied your email address, Hopscotch may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what's going on with Hopscotch and our products. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. Hopscotch takes all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of potentially personally-identifying and personally-identifying information.
Security and access to user data is of the highest importance to Hopscotch. Hopscotch implements and maintains industry-standard security policies and procedures that align with the National Institute of Standards and Technology (NIST) cybersecurity framework. Hopscotch follows industry best practices to protect personal information from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Account Data and Content we collect, use, process, and store, and the current state of technology. Account passwords are stored using a one-way salted hash and are not logged.
Hopscotch has several servers, distributed across multiple data center regions within the United States and Canada. Hopscotch currently uses DigitalOcean for its production data centers to provide the Hopscotch Services. DigitalOcean has been selected for its high standards of both physical and technological security, and has internationally recognized certifications and accreditations, demonstrating compliance with rigorous international standards, such as ISO 27001 and SOC. For more information about DigitalOcean certification and compliance, please visit the DigitalOcean Security website and the DigitalOcean Compliance website.
Traffic Optimization and Distribution
To enhance network security and speed of our Service, Hopscotch uses the CDN services provided by the technology partner CloudFlare Inc., based in the USA. For this purpose, all data passed to or from our Service pass through the worldwide network of CloudFlare, Inc. The use of CloudFlare's service is done in the interest of a secure and fast accessibility of our website. This service allows for static content distribution using servers located across different countries and to optimize performance. Hereby, the nearest data center is regularly used. CloudFlare may place a cookie in your browser to provide its services. The cookies do not correspond to any user ID, and do not store any personal data. For more information, please see CloudFlare's Privacy Statement.
An anonymous proxy is a server that functions as a relay between the user and a destination website. It hides the IP address of the user's machine from the website. To improve privacy and increase anonymity, Hopscotch uses an isolated environment in the Heroku cloud platform (PaaS) to proxy some user and server requests to external URLs. This includes images in social media posts that use a host that is not well known, some requests used by our "Add image from URL" and "Add free image" features, and all server requests to RSS Feed URLs. Only the necessary information is sent to our Heroku application to process the request and is not retained.
Heroku is a cloud application platform used by organizations of all sizes to deploy and operate applications throughout the world. All applications run in self-contained environments that isolate processes, memory, and file systems using LXC while host-based firewalls restrict applications from establishing local network connections. Heroku utilizes the Amazon Web Service (AWS) technology and manages its infrastructure within Amazon’s ISO 27001 and FISMA certified data centers. Our proxy server applications run in AWS’s us-east-1 region, located in Northern Virginia in the United States. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. For additional technical information, please see Heroku's Security Policy.
Cookies and Similar Technologies
We may also automatically record certain information from your device by using various types of technology, including “clear gifs” or “web beacons.” This automatically collected information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or just after you use the Service, the pages or other content you view or otherwise interact with on the Service, and the dates and times that you visit, access, or use the Service. We also may use these technologies to collect information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message, to the extent permitted under applicable law.
If Hopscotch, or substantially all of its assets were acquired, or in the unlikely event that Hopscotch goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Hopscotch may continue to use your personal information as set forth in this policy.
Protection of Children
Our Services are intended for adults and should only be accessed by individuals of at least eighteen (18) years of age. Hopscotch does not intentionally collect personal data of persons under the age of eighteen (18). Hopscotch endeavors to adhere to the provisions of the Children's Online Privacy Protection Rule ("COPPA") and the General Data Protection Regulation of the EU ("GDPR").
Right of Access
You have the right to request that Hopscotch disclose certain information to you about our collection and use of your personal information over the past 12 months. To exercise your rights, please contact us at hopscotch.social/contact or create a support ticket. Hopscotch adheres to the provisions of the California Consumer Privacy Act (CCPA). We will not discriminate against you for exercising any of your CCPA rights.
Blue Fidelity Inc.
34 Yewfield Crescent
Toronto, ON M3B 2Y6