European Privacy Policy

Last Updated: February 5, 2024

This Disco ("we", "us", or "our") is committed to protecting the privacy and security of your personal data. This privacy policy outlines how we collect, use, process, and protect the personal information of our users ("you" or "your") in European Economic Area, Switzerland and the United Kingdom in accordance with the General Data Protection Regulation (GDPR). This document contains information on how we collect, store, process, transfer, share use data that identifies or is associated with residents of the European Economic Area (“EEA”), Switzerland, and the United Kingdom (“UK”) (“personal data”) and information regarding our use of cookies and similar technologies. Please ensure that you have read and understood this European Privacy Policy before accessing or using the Website, App, or Services.

Purposes and Legal Bases for Our Using of Your Information

We do not sell your personal data – such as your name and contact information – to third parties to use for their own marketing purposes. Disco uses the information we collect for our legitimate interests which include the following:

Deliver our services: to provide you and the communities on disco the service we offer, communicate with you about your use of Disco, respond to your inquiries, provide troubleshooting, and for other customer service purposes.

Performance of a Contract: to fulfill an agreement between you and us, you and Disco communities, or you and a third-party offering services on Disco.

Personalization: to personalize your experiences while using Disco.

Analytics: to gather metrics to better understand how users access and use Disco; to evaluate and improve Disco, and to develop new products and services.

Comply with the law: to comply with legal obligations, as part of our general business operations, and for other business administration purposes.

Prevent Misuse: where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person or violations of the Terms of Service or this Privacy Policy.

- Provide our Services
- Personalization  
- Analytics  
- Comply with Law  
- Prevent Misuse

Interactions with the Disco platform

- Personalization  
- Analytics

Payment information such as your credit or debit card, payment authentication code, billing address and the date and time of the transaction.

- Performance of a contract
- Prevent misuse

Purpose of data collection

Profile information (first name, last name, email and any other information you provide to the communities on Disco)
Communication
Content you upload / add to Disco

Personal Data Collected


Data retention
We retain your personal data only as long as necessary to provide you with our services and as required by applicable laws. The criteria used to determine our retention periods include the length of time we have an ongoing relationship with you and whether there is a legal obligation to which we are subject.


Data storage and data transfer

Disco is headquartered in Canada, and has operations, entities and service providers in Canada and throughout the world. As such, we and our service providers may transfer your personal information to, or access it in, jurisdictions (including the United States) that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it, including through: putting in place appropriate written data processing terms and/or data transfer agreements, using the standard contractual clauses as approved by the European Commission June 4, 2021, or following an adequacy decision by the EU Commission.

We share your personal data with selected third parties, including payment processors and service providers, to fulfill our services. A list of our subprocessors can be found at https://trust.disco.co. When transferring data outside the EEA, we ensure appropriate safeguards are in place.

What Personal Information can I access?
Through your account settings, you may access, and, in some cases, edit or delete the following information you’ve provided to us:name and password email address user profile information, including images you may have uploaded to the site
The information you can view, update, and delete may change as the Services change.  If you have any questions about viewing or updating information we have on file about you, please contact us at privacy@disco.co

I'm in the EU and I have an inquiry

VeraSafe has been appointed as Disco's representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are in the European Economic Area, VeraSafe can be contacted in addition to privacy@disco.co, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +420 228 881 031.

Alternatively, VeraSafe can be contacted at:

VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P

I'm in the UK and I have an inquiry

VeraSafe has been appointed as Disco's representative in the United Kingdom for data protection matters, pursuant to Article 27 of the United Kingdom General Data Protection Regulation. If you are located within the United Kingdom, VeraSafe can be contacted in addition to or instead of privacy@disco.co, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative or via
telephone at: +44 (20) 4532 2003.

Alternatively, VeraSafe can be contacted at:

VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
United Kingdom