1. Redirection of the request

We will first inform the Government Authority that we are not the original source of social media data. The original source of the social media data is managed and stored by the social networks. Creatosaurus does not permanently store social media data received from social networks, except in very limited cases, as Creatosaurus relies on real time APIs to retrieve the data which enables this information to be displayed in the services, and therefore, we are not the appropriate entity to receive these requests. We will then attempt to redirect the request to the relevant customer so the customer may directly respond to the request. We may need to provide the customer’s basic contact information to the Government Authority for these purposes.

2. Notification

In the event that redirection is not possible, we would attempt to notify the customer unless we are legally prohibited from doing so. This would provide the customer with an opportunity to manage the request and seek a protective order or other appropriate remedy.

3. Reviewing the legality and enforceability of the request

Where we are compelled to respond, we would review the request to assess whether it is lawful and enforceable in the jurisdiction of the Creatosaurus entity or Affiliate that controls the records that are the subject of the request, and determine if the request may need to be challenged. If the request is not lawful and enforceable, we will notify the Government Authority that we are unable to disclose any data.

4. Incompatibility with GDPR requirements

If Creatosaurus is legally prohibited from notifying the customer of the request, and we have reason to believe that the request is incompatible with European data protection requirements and conflicts with our existing contractual commitments to our customers, we will notify the customer of our inability to comply with European Data Protection Laws, and the customer will have the right to immediately suspend any further processing of personal data and/or terminate its agreement with Creatosaurus.

5. Minimizing the data provided

If it is determined that Creatosaurus is required to provide information in response to a valid and legally binding request and/or order from a Government Authority, only the minimum information will be provided to the extent legally permissible.

6. Information Request - Statistics

The table below sets out the number of Government Authority information requests that Creatosaurus receives annually.

United States National Security Requests - Creatosaurus has not received any United States national security requests, which include U.S. National Security Letters (“NSLs”) and requests issued under the Foreign Intelligence Surveillance Act (“FISA”).