Data Subject Access Request Page

Updated 12.23.19

EU and California Data Subject Rights

The California Consumer Privacy Act (CCPA) provides certain rights to California consumers – including the right to know the personal information that we may have about you, and the right to delete that information.  Similarly, EU data subjects have certain rights, including: a) The right to be informed about the types of data being processed and the legal basis for processing; b) the right to access and see the data being processed; c) the right of rectification, to make corrections to data subject to processing; d) the right to erase data; e) the right to restrict processing of data; f) the right of data portability; g) the right to object to the processing of data and f) the right not to be subject to automated decision-making. Collectively, we refer to those rights as EU and California Data Subject Rights.

ShareThis is committed to data protection, and we want EU and California consumers to be able to understand the information that we may have about them and/or the devices that they may use to access the Internet.  We generally ask only for the minimum information necessary to help us process EU and California Data Subject Rights and will keep information pertaining to your request for up to two years. If you are a customer or publisher of ShareThis with a login and password to the ShareThis platform, we ask that you first direct your request to the person or persons at your organization that administers the relationship with ShareThis.

If you make a subject access request as set out in this policy, you are entitled to see and delete the personal information that we have about you including any digital identifiers such as cookie IDs and mobile advertising IDs that ShareThis may store. We will generally attempt to confirm your request within 10 days and to fulfill your request within the time frame proscribed by applicable law.

Verifying EU and California Data Subject Rights

We may take steps to verify your request and may require you to demonstrate or attest via affidavit that you own or control the computer or device from which you are making such requests – particularly where you are seeking access to or deletion of pseudonymous personal information such as digital identifiers.

We will fulfill requests we are able to verify so long as we are not prohibited from doing so by applicable law and/or the information is not essential to us for billing, fraud prevention or security purposes. We will share our reason(s) for denying your request in the event that we are unable to fulfill your request. If we are unable to fulfil your deletion request, we may invite you to make a request to opt-out at our privacy policy.

California Data Subject Rights

Under the CCPA, your request to see the personal information that we have about you may include: (1) specific pieces of personal information that we may have about you; (2) categories of personal information we have collected about you; (3) categories of sources from which the personal information is collected; (4) categories of personal information that we sold or disclosed for a business purpose about you; (5) categories of third parties to whom the personal information was sold or disclosed for a business purpose under the CCPA; and (6) the business or commercial purpose for collecting or selling personal information. Most of this information is described at least generally in our privacy policy. California data subjects may also call us on our toll free CCPA privacy hotline at 1-800-272-1765.

CCPA Access and Deletion Requests made via Authorized Agents

California data subjects may make an access or deletion request via an authorized agent by having such agent follow the process below. Please note that we will request any authorized agent demonstrate that they have been authorized by you to make a request on your behalf. And we will directly verify your request and/or require you to complete an affidavit as described above. We request that any authorized agent provide us with contact details such as an email address and phone number so that we may ensure a timely response to the consumer.

Making an EU and California Data Subject Rights Request

Step 1: Locating Your Information

Providing us with your email address and telephone number should be relatively straightforward. Please note that we will send you an email to the address(es) provided in order to help us confirm and verify your request.

Here’s what you need to do in order to share your digital identifiers.  As described in our privacy policy our website and services may drop text files called “cookies” that are placed on your computer or device. For more general information about cookies, please visit http://www.allaboutcookies.org/. Some of the cookies we place may provide a unique ID which helps our systems recognize your browser or device over time.  In order to find these cookies, please use your Internet browser to look for cookies named “ShareThis.com ” which is the domain used by ShareThis’ Website.

Please keep in mind that different cookies are placed on each browser that you use to access the Internet. As a result, if you use multiple browsers (for example, Google Chrome and Mozilla Firefox), you will need to locate our cookies for each browser. Your browser’s help section should provide an overview of how to locate your cookies. An internet search of how you may find cookies in your browser may also be helpful. If you need more assistance locating these cookies for your browser, please feel free to email us for assistance at privacy@sharethis.com.

Mobile Devices

Additionally, certain mobile devices (for example, mobile phones or tablets using the iOS or Android operating systems) generate persistent a “Advertising Identifier” per device, which, among other things, can be used by third parties for purposes of providing you with targeted advertising. On iOS devices, your Advertising Identifier may be referred to as an “IDFA,” “IFA,” or an “ID for Advertising.” On Android devices, your Advertising Identifier may be referred to as an “Advertising ID.” Please follow instructions from your mobile device manufacturer on how to locate your specific Advertising Identifier.

Step 2: Verification of the Information Provided

In order to make sure that we are only providing personal information to the correct person, we also will need to take reasonable steps to verify your request. We request that you provide screen shots of any cookies and mobile Advertising Identifiers for which you are submitting a request. We also request that you fill out and personally sign the affidavit we’ve prepared. By filling out and signing the affidavit, you’re promising ShareThis that you’re the person listed on the affidavit, and to demonstrate that you are indeed connected to the personal data and digital identifiers you located in Step 1.

Step 3: Contacting ShareThis

Once you have located your Digital Identifiers and can provide us with the ability to verify those Digital Identifiers, you should reach out to us. The easiest way to do so would be to email us at privacy@sharethis.com.  Please make sure to include the following information in your email:

California and EU data subjects can also make a request by mail, by sending a written request with all of the above-listed information to the following address:

ShareThis, Inc.
Privacy Officer, ShareThis
3000 El Camino Real
5 Palo Alto Square, Suite 150
Palo Alto, CA 94306