Compliance
At Uscreen, we strive to be compliant with all essential laws that protect the private information of our customers and your end users.
End users can permanently delete their accounts so that the Uscreen platform is compliant with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
โน๏ธ INFO: The GDPR is a law in the European Union that oversees what companies can do with clients' personal information from the European Economic Area (EEA). The CCPA gives California consumers more control over their personal information and what businesses collect about them.
Account Deletion Process
Users can permanently delete their accounts or ask you, as a site Admin, to delete their accounts for them. Whenever a user permanently deletes an account, all of their private information is deleted from Mailchimp, Drip, and your store, including subscriptions, invoices, analytics, etc.
We will disassociate all identifying information and preserve the integrity of as much non-identifying data as we can. This means you will not lose sales history if a user deletes their account, however, you will lose their identifying information (name, email, etc.).
To delete an account, users will have to:
Sign in to their account on your website
Navigate to the User Dashboard: Profile page
Scroll down to the Danger Zone
Click Delete My Account
Confirm and complete the process
๐ Learn more about Deleting a User's Account
๐ NOTE: For members who purchased via mobile apps, you should advise them to cancel their in-app subscription first before deleting their account, as app store subscriptions are managed separately.
GDPR Compliance Guidelines
If you run an online business, odds are you have already heard and read about the GDPR, even if you are not in Europe. After this breakthrough law came into effect, other laws like Brazil's LGPD and California's CCPA have been brought forward as well, modeled largely after the GDPR, but each with its own differences.
โน๏ธ INFO: As a technology provider, we are constantly improving our system to provide you with the necessary tools to manage your store's data, including personally identifiable information, but the responsibility to use them effectively ultimately resides with the Store Owner.
End-users' accounts can be deleted and their information anonymized, aka the "right to be forgotten", from the People area, or the customer can delete their account directly from the Dashboard.
Emails
Emails comply with soft opt-in principles that allow you to send follow-up marketing emails to users who purchased on your site.
๐ Learn more about the Soft Opt-in Principle
Users are opted into emails when purchasing on Uscreen, but can opt out of any email they receive or directly from their dashboard.
Marketing tools like our Email Broadcast, where a purchase is not made, will show an opt-in checkbox since a prior relationship has not been established.
๐ Learn more about Email Broadcasts
Our system automatically filters your contacts to safeguard your email reputation. It filters out any contact who hasn't been active or opened any of your emails in 12 months. This precautionary measure helps minimize the likelihood of bounced and spam reports.
๐ Learn more about Spam Account Prevention & Removal
๐ NOTE: The opt-in checkbox is a mandatory field on your checkout page as it is part of our GDPR compliance system. It dynamically appears based on the user's geo-location.
Cookie Compliance
Uscreen automatically uses several essential cookies that are necessary for the platform to function properly:
Session tracking: Manages user sessions and login status
Country and IP tracking: Used for location-based features and security
Offer tracking: Applied during checkout processes
Email tracking: Used during checkout processes
You may consider adding a cookie consent pop-up to your site. Since Uscreen does not provide a built-in cookie consent feature, you'll need to implement a third-party solution.
๐ Learn more about Adding a Cookie Consent Banner
For a complete list of cookies used by Uscreen, please refer to our Essential Cookies at Uscreen article.
Terms & Conditions
All stores have a default terms of service page that users must agree to before making purchases. When users sign up on your website, they must "agree to any terms & conditions" as part of the account creation process before they can continue and complete their purchase.
Similarly, when users sign up through your mobile apps with in-app purchases, they're required to agree to the Terms of Service and Privacy Policy during the account creation step.
๐ Learn more about the Terms of Service Page
Data Storage and Security
Uscreen implements robust encryption and security protocols:
All data transferred between viewers and our servers is encrypted using the Transport Layer Security (TLS) protocol
Your storefront URL is secured by SSL certificates, ensuring all connections between web servers and customer browsers are encrypted
We provide free SSL certificates for all domains, automatically renewing them
For payment security:
We're PCI DSS compliant and use validated third-party providers like Stripe and PayPal
We don't store, process, or transmit cardholder data on our systems
Additional content protection includes:
Token-signed URLs prevent unauthorized downloads
IP concurrent session limits reduce password sharing
reCAPTCHA protection on sign-in and checkout pages
๐ Learn more about the Security Settings
Additional Recommendations for Compliance
Update Your Privacy Policy and Terms of Service
Review and update your VOD's privacy policy and terms of service, and consult with legal counsel
Ensure your policy clearly explains how you handle user data and cookies
Review Your Subprocessors
Review third-party subprocessors you're sending data to and determine whether these services are compliant with the GDPR
Set up proper data processing agreements with these services
Implement a Cookie Consent Banner
Add a cookie consent pop-up to inform your customers about tracking cookies
Ensure your banner is visible, accessible, and provides clear choices for users
Create a Data Retention Policy
Establish clear guidelines for how long you retain user data
Regularly review and delete data that's no longer needed
Document Your Compliance Efforts
Keep records of your compliance measures
This documentation can be valuable if you ever face questions about your practices
For more information on GDPR Compliance and Uscreen, check out our Blog post.
๐ NOTE: Please remember that we are not qualified to provide consulting services towards legal compliance. To be extra safe, you may want to hire a consultant or lawyer to ensure you have the necessary procedures in place for compliance.
FAQs
Do I need to comply with GDPR if I'm not based in Europe?
Do I need to comply with GDPR if I'm not based in Europe?
Yes, if you collect and store any EU residents' personal data, that includes anything as simple as processing names and email addresses of customers signing up to your VOD service.
What happens to user data when an account is deleted?
What happens to user data when an account is deleted?
When an account is deleted, all identifying information (name, email, etc.) is permanently removed for GDPR and CCPA compliance. Invoices and records will show as "Deleted User" with a number. This process is irreversible, and the data cannot be recovered.
Can I disable specific cookies on my Uscreen site?
Can I disable specific cookies on my Uscreen site?
Uscreen does not currently have a feature to disable specific cookies, so end-users will need to accept the full cookie track or not use the site.
Where is Uscreen user data stored?
Where is Uscreen user data stored?
While we mainly store data in US-based servers and global CDN servers, Uscreen is always committed to adhering to the GDPR and other data privacy laws.