Fluencify legal
Public Creator Notice
You do not need a Fluencify account for this Notice to apply. It explains how limited public creator information may be used for relevant invitations and human-assisted campaign matching, and how to object, correct or remove it.
- Version
- PUBLIC-CREATOR-2026-07-10
- Effective and last updated
- 10 July 2026
Want us to stop? Email contact@fluencify.io with the subject “Public creator request” and include the platform and public handle. We will pause relevant use while we verify and handle the request, suppress the handle from re-ingestion where appropriate, and normally remove the profile after an upheld objection.
1. Who is responsible
Fluencify AB, org. no. 559484-6254, Solparksvägen 3, 169 54 Solna, Sweden, is the controller for the public-creator discovery activity described here. You can contact us at the address above or at contact@fluencify.io.
2. Why we may use public creator information
We help brands and agencies work with creators. We may consider limited public information to identify a creator whose publicly presented work appears relevant to a campaign, invite that creator to join Fluencify, reduce irrelevant outreach and help authorised personnel perform human-assisted campaign matching.
Our proposed legal basis is the legitimate interests of Fluencify, participating brands and creators in finding relevant, voluntary commercial opportunities. That interest is limited by your expectations and rights. Public availability does not remove GDPR protection and does not authorise unrestricted copying, indefinite profiling, sale of a dataset or use for unrelated purposes.
3. Data, sources and collection date
| Category | Examples | Source category |
|---|---|---|
| Profile | Public handle, profile name, bio, avatar and profile URL | Public social profile or public creator website |
| Public content | Public post URL, caption, thumbnail, video/image/audio and publication date | Public post or provider returning that public post |
| Public metrics | Follower, view, like, comment and other visible engagement counts | Public platform or data-source provider |
| Derived descriptors | Broad content topics, style, language and an estimated age band | AI-assisted analysis followed by human use |
| Provenance and rights | Source, collection/refresh time, notice status, correction, objection and suppression records | Fluencify's audit and rights workflow |
Source providers may include social-platform APIs or public pages and services such as ScrapeCreators, Apify, Supadata, YouTube Data API, DataImpulse-proxied public pages and similar reviewed sources. The provider used for a record depends on the platform and collection route. You may ask for the source information attached to your record.
4. What we do not intend to collect or infer
For this purpose, we do not need and must not intentionally create:
- special-category, biometric, health, ethnicity, religion, sexuality or political labels;
- criminal-offence, personality, attractiveness or free-form appearance scoring;
- precise home location or private contact details obtained from brokers;
- exact inferred age where a broad age-risk band is sufficient;
- copies of private content or content obtained by bypassing access controls; or
- information for model training, sale of a creator dataset or unrelated future use.
Public content can incidentally reveal sensitive or intimate information. Access and processing should be minimised, and a request concerning such content will receive heightened attention.
5. AI assistance and likely effects
Automated tools may transcribe public content, generate embeddings, suggest non-sensitive topics or style, assign a broad age-risk band and rank possible relevance to a campaign. Providers used in these flows may include Google Gemini, OpenAI, Anthropic and Braintrust for the specific technical function described in our provider records.
AI output can be inaccurate or biased. It is a non-binding suggestion for authorised human users and must not be the sole basis for a decision that produces legal or similarly significant effects. A possible consequence is that a creator is shown to an authorised Fluencify user for review, invited to join, or not surfaced for a particular opportunity. It does not guarantee eligibility, selection, work or compensation.
We do not target suspected minors for outreach. Where age is unclear, the record should be excluded or escalated for human age-risk review rather than treated as an adult because of an automated estimate.
6. Recipients and disclosure
Public creator data may be accessed by authorised Fluencify personnel and service providers that support hosting, storage, search, AI analysis and security. A limited profile may be shown to an authorised brand or agency user evaluating a relevant campaign match. We do not grant customers an unrestricted right to bulk-download, resell or use the public-creator corpus for unrelated purposes.
Some providers and authorised support teams may process data outside the EEA. We use an applicable GDPR Chapter V transfer mechanism, such as an adequacy decision or the European Commission's Standard Contractual Clauses, where a restricted transfer occurs. Contact us for route-specific information.
7. When we provide this information
We publish this stable Notice so it can be found before or independently of contact. At first direct contact, we aim to identify Fluencify, explain why the person was contacted, link directly here and provide an immediate opt-out. If there is no earlier contact or disclosure, we aim to provide Article 14 information within one month where contact details permit. Before identifiable profile data is disclosed to a customer, notice must have been provided or a specific, documented legal exception must apply.
We do not rely on the size of a dataset alone as a blanket reason to avoid individual transparency. We keep the applicable notice version, source, collection/refresh date, delivery route and objection status with the workflow record.
8. Freshness, retention and suppression
- Source facts should be refreshed at least every six months.
- An inactive candidate profile should be deleted after 12 months.
- Raw provider or AI payloads have a target maximum of 30 days unless a recorded lawful need applies.
- An upheld objection ordinarily results in prompt deletion or anonymisation and durable suppression of the source handle.
- A minimal suppression record may remain to prevent the same profile being collected or contacted again.
9. Your rights and how to use them
Subject to the GDPR's conditions and exceptions, you may request access, correction, deletion, restriction and information about your data and its source. You may object to processing based on legitimate interests. We will pause challenged non-marketing use while assessing the objection unless the law permits otherwise. An objection to direct marketing is absolute and marketing to that person will stop.
We do not need a passport merely because a profile is public. Start by giving the platform and handle; we will request only proportionate additional proof if needed to avoid deleting someone else's record. We normally respond within one month and explain any lawful extension or exception.
You may complain to Integritetsskyddsmyndigheten at imy.se or to the competent privacy authority where you live or work. The full Privacy Policy contains additional information about security, transfers, rights and providers.