Fiverr Enterprise’s Privacy Policy

Last Updated: January 2024

This Privacy Policy (“Privacy Policy”) describes how we, Fiverr Enterprise, operated by Fiverr International Ltd., (together, “Fiverr Enterprise”, “we”, “our” or “us”) use, collect, process and store personal data  in the following use cases:

  1. When you visit our site at enterprise.fiverr.com (the “Site”) and app at app.enterprise.fiverr.com (collectively, the “App”).
  2. When you register, make use of, or interact with, our App or any services offered in the App or in connection with Fiverr Enterprise (the “Services”).
    1. When you create an account and make use of the App and Services.
    2. When you contact us for customer support.
  3. When you interact with us with respect to our services via various sales and marketing channels such as events, webinars, or other business activities as well as when we receive your data from third parties in connection with such activities.

By using the App and our Services, you acknowledge that you have read and understood this Privacy Policy. “Personal data” or “personal information” means any information that can be used, alone or together with other data, to uniquely identify any living human being.

All capitalized terms not defined herein shall have the meaning set forth in the Customer Terms of Service.

Table of contents:

  1. What information we collect, why we collect it, and how it is used
  2. How we protect and retain your personal data
  3. How we share your personal data
  4. Additional information regarding transfers of personal data
  5. Specific Provisions for EU, EEA and UK Users 
  6. Use by children
  7. Interaction with third-party products
  8. Log files
  9. Analytic tools
  10. Specific provisions for US Residents
  11. Other Privacy Information
  12. How to contact us

This Privacy Policy may be updated from time to time, any changes we make to this Policy will be posted on this Site, we will also take any other steps, to the extent required by applicable law, including notifying you about material changes.

1. What Information We Collect, Why We Collect It, and How It is Used

Specific personal data we collectWhy is the personal data collected and for what purposes?Legal basis (EU users)Retention period
When you visit our website
Cookies, analytic tools and log files and additional information automatically collected when you use our Site. For more information about how we use cookies, please read our cookies policy.Marketing, analytics, analysis, market research, product enhancement.Consent
Legitimate interest (e.g. essential cookies)
As long as it is necessary and relevant for our operations. Please note that we may retain it for a longer or shorter period in accordance with this policy and applicable laws.
When you register, make use of, or interact with, our App and Services
When you create an account and make use of the App and Services
  • Full name
  • Profile picture
  • Education
  • Professional skills
  • Payment method
  • Professional experience
  • Tax information
  • Any other data you decide to provide
  • Log files and additional information automatically collected when you use our App ans Services (such as, web logs, clicks, IP address, device and connection information, settings, etc.)
  • To be able to create an account
  • To be able to log in
  • To be able to enjoy features available to registered users only
  • To monitor, analyze and optimize your use of our services, including analyzing annual usage trends, and providing you and our business partners with new functionality and features.
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. 

Legitimate interest (e.g. to create an account)
As long as it is necessary and relevant for our operations.Please note that we may retain it for a longer or shorter period in accordance with this policy and applicable laws.  
When you contact us (e.g. customer support, need help, submit a request)
  • Account details
  • Any data you decide to provide
  • To assist you with your query
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

Legitimate interest (e.g. respond to a query sent by you)
As long as it is necessary and relevant for our operations. Please note that we may retain it for a longer or shorter period in accordance with  this policy and applicable laws.  
When you interact with us with respect to our services via various sales and marketing channels as well as when we receive your data from third parties in connection with such activities
  • Full name
  • Email
  • Phone number
  • To establish a business connection
  • To send marketing communications
Depending on the context, legitimate interest, pre-contractual discussions or consent.As long as it is necessary and relevant for our operations.Please note that we may retain it for a longer or shorter period in accordance with this policy and applicable laws.

Finally, please note that some of the above mentioned personal data will be used for operating, monitoring, and facilitating the use of the Services, to improve the Services, to contact the users of the Services, for detecting, taking steps to prevent, and prosecution of fraud or other illegal activity, to identify and repair errors, to conduct audits, and for security purposes. Personal data may also be used to comply with applicable laws, with investigations performed by the relevant authorities, law enforcement purposes, and/or to exercise or defend legal claims. In certain cases, we may or will anonymize or de-identify your personal data. “Anonymous Information” means information which does not enable identification of an individual user, such as aggregated information about the use of our services. We may use Anonymous Information and/or disclose it to third parties without restrictions (for example, in order to improve our services and enhance your experience with them).

Where relevant under applicable laws, all processing of your personal information will be justified by a “lawful ground” for processing. In the majority of cases, processing will be justified on the legal basis that:

  • you have provided your consent for us to use your personal information for a specific purpose;
  • our use of your personal information is necessary to perform a contract or take steps to enter into a contract with you (e.g. to provide you with services which you have purchased);
  • the processing is necessary to comply with a relevant legal obligation or regulatory obligation that we have (e.g. fraud prevention); or
  • the processing is necessary to support our legitimate interests as a business (e.g. to improve our services to you), subject to your overriding interests and fundamental rights and provided it is conducted at all times in a way that is proportionate.

2. How We Protect and Retain Your Personal Information

  1. Security. We have implemented technical, organizational and security measures designed to protect your personal data. However, please note that we cannot guarantee that the information will not be compromised as a result of unauthorized penetration to our servers. As the security of information depends in part on the security of the computer, device or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.
  2. Retention of your personal data. In addition to the retention periods mentioned above, in some circumstances we may store your personal data for longer periods of time, for example (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your personal data or dealings. 

3. How We Share Your Personal Data

In addition to the recipients described above, we may share your personal data as follows:

  1. With our service providers to facilitate our Services, provide the Services on our behalf to you, operate the App and Site, opening and operating your account as well as providing ancillary services. This includes, among others, hosting services, billing and payment processors and vendors, fraud detection and prevention services, CRM systems, IT SaaS services, session recording, communication systems, mailing systems, data optimization and marketing services, data enrichment services, legal and financial advisors and technical consultants. Consistent with applicable legal requirements, we take appropriate technical and organizational measures to require third parties to adequately safeguard personal information.
  2. With our business partners with whom we jointly offer products or services, where applicable. We may also share personal data with our affiliated companies.
  3. When you are invited by us to create a freelancer account and join our catalog, other users looking to hire a freelancer can browse and see your profile information such as education, skills, and top clients. When you engage with clients on the platform or otherwise communicate with them, further information will be shared with them.
  4. With other end usersusing the same Account. When you sign in to your user account your information will be shared with the admin of the Account and other end users of your Account. 
  5. To the extent necessary, with regulators, courts or competent authorities, to comply with applicable laws, regulations and rules (including, without limitation, federal, state or local laws), and requests of law enforcement, regulatory and other governmental agencies or if required to do so by court order.
  6. If, in the future, we sell or transfer, or we consider selling or transferring, some or all of our business, shares or assets to a third party, we will disclose your personal data to such third party (whether actual or potential) in connection with the foregoing events.
  7. In the event that we are acquired by, or merged with, a third party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer, disclose or assign your personal data in connection with the foregoing events.
  8. Where you have provided your consent to us sharing or transferring your personal data (e.g., where you provide us with marketing consents or opt-in to optional additional services or functionality).

4. Additional Information Regarding Transfers of Personal Data

  1. Storage: AWS – New York – US.
  2. Access from Israel: Access from Israel is covered by the European Commission’s Adequacy Decision regarding Israel. You can read more here: ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.
  3. Internal transfers: Transfers within the Fiverr group will be covered by an internal processing agreement entered into by members of the Fiverr group (an intra-group agreement) which contractually obliges each member to ensure that personal data receives an adequate and consistent level of protection wherever it is transferred to.
  4. External transfers: Where we transfer your personal data outside of the EEA and the UK (for example to third parties who provide us with services), we ensure additional data transfer mechanisms to facilitate the transfer (for example, standard contractual clauses, EU-US Data Transfer Framework, etc.) and apply additional organizational and technological measures, as needed..

5. Specific Provisions for EU, EEA and UK Users

This section of the Policy applies to you if you are in the EU, the European Economic Area (EEA), or the UK.

  1. For certain activities on the App, Fiverr International Ltd. is the Controller (within the meaning of the EU and UK General Data Protection Regulation (“GDPR”)) for the processing of personal data as described in this Privacy Policy. 

Under applicable EU regulations, you have the following rights in respect to your personal data: 

  • to obtain information about how and on what basis your personal information is processed and to obtain a copy;
  • to rectify inaccurate personal information;
  • to erase your personal information in limited circumstances where (a) you believe that it is no longer necessary for us to hold your personal information; (b) we are processing your personal information on the basis of legitimate interests and you object to such processing, and we cannot demonstrate an overriding legitimate ground for the processing; (c) where you have provided your personal information to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your personal information; and (d) where you believe the personal information we hold about you is being unlawfully processed by us;
  • to restrict processing of your personal information where: (a) the accuracy of the personal information is contested; (b) the processing is unlawful but you object to the erasure of the personal information; (c) we no longer require the personal information for the purposes for which it was collected, but it is required for the establishment, exercise or defence of a legal claim or (d) you have objected to us processing your personal information based on our legitimate interests and we are considering your objection;
  • to object to decisions which are based solely on automated processing or profiling;
  • where you have provided your personal information to us with your consent, to ask us for a copy of this data in a structured, machine-readable format and to ask us to share (port) this data to another data controller; or
  • to obtain a copy of or access to safeguards under which your personal information is transferred outside of the EEA.
  • You have a right to lodge a complaint with your local data protection supervisory authority (i.e., your place of habitual residence, place or work or place of alleged infringement) at any time or before the relevant institutions in your place of residence. We ask that you please attempt to resolve any issues with us before you contact your local supervisory authority and/or relevant institution.
  • Please note that the right of access and the right to erasure do not constitute absolute rights and the interests of other individuals may restrict your right of access or erase in accordance with local laws.
  1. You can exercise your rights by contacting us at service-ent@fiverr.com. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfil your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes, before processing and/or honoring your request. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initial requested, we will address your request to the maximum extent possible, all in accordance with applicable law.

6. Use by Children

We do not offer our products or services for the use by children and, therefore, we do not knowingly collect personal data from, and/or about children under the age of eighteen (18). If you are under the age of eighteen (18), do not provide any personal data to us without involvement of a parent or a guardian. For the purposes of the GDPR, we do not intend to offer information society services directly to children. In the event that we become aware that you provide personal data in violation of applicable privacy laws, we reserve the right to delete it. If you believe that we might have any such information, please contact us at service-ent@fiverr.com.

7. Interaction With Third Party Products

We enable you to interact with third party websites, mobile software applications and products or services that are not owned or controlled by us (each a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services can collect personal data from you. Accordingly, we encourage you to read the terms and conditions and privacy policies of each Third Party Service.

8. Log Files

We use log files. The information inside the log files includes internet protocol (IP) addresses, type of browser, Internet Service Provider (ISP), date/time stamp, referring/exit pages, clicked pages and any other information your browser may send to us. We use such information to analyze trends, administer the App, track users’ movement around the App, and gather demographic information.

9. Analytic Tools

  • Google Analytics. The App uses a tool called “Google Analytics” to collect information about use of the App. Google Analytics collects information such as how often users visit this App, what pages they visit when they do so, and what other websites they used prior to coming to this App. We use the information we get from Google Analytics to maintain and improve the App, our services and our products. Google’s ability to use and share information collected by Google Analytics about your visits to this App is restricted by the Google Analytics Terms of Service, available at marketingplatform.google.com/about/analytics/terms/us/, and the Google Privacy Policy, available at www.google.com/policies/privacy/. You may learn more about how Google collects and processes data specifically in connection with Google Analytics at www.google.com/policies/privacy/partners/. You may prevent your data from being used by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on, available at tools.google.com/dlpage/gaoptout/.
  • Firebase Analytics. We also use “Google Analytics for Firebase”. We use the information we get from Google Analytics for Firebase to maintain and improve our App(s). Finally, please note that Google Analytics for Firebase’s terms (available at firebase.google.com/terms/) shall also apply.
  • Pendo and Logrocket.The App uses Pendo and Logrocket in order to better understand our users’ needs and to optimize this service and experience as well as analyze users’ behavior on the App. Pendo and Logrocket use cookies and other technologies to collect data on our users’ behavior and their devices (e.g, device’s IP address, device type (unique device identifiers), browser information, etc.). For further details, please see Pendo’s privacy policy at www.pendo.io/legal/privacy-policy/ and Logrocket privacy policy at logrocket.com/privacy.
  • Crazy Egg. The App uses Crazy Egg to collect information about use of the App, such as information like how visitors navigate around the Site and interact with the web pages. For more details please visit Crazy Egg’s privacy policy at www.crazyegg.com/privacy.
  • Facebook Pixels and SDKs. We use Facebook pixels or SDKs, which are tools that provide help to website owners and publishers, developers, advertisers, business partners (and their customers) and others integrate, use and exchange information with Facebook, as such the collection and use of information for ad targeting. Facebook’s ability to use and share information is governed by the Facebook Tools Terms, available at: www.facebook.com/legal/technology_terms. You can prevent your data from being used by Facebook Pixels and SDKs by exercising your choice through these mechanisms: www.aboutads.info choices or www.youronlinechoices.eu.
  • Google Signals. The App uses a tool called “Google Signals” to collect information about use of the App. When we activate Google Signals, some existing Google Analytics features are updated to also include aggregated data from Google users who have turned on “Ads Personalization” (Ads Personalization available at support.google.com/ads/answer/2662856/). Audiences that we create in Google Analytics and publish to Google Ads and other Google Marketing Platform advertising products can serve ads in cross device-eligible remarketing campaigns to Google users who have turned on Ads Personalization. Google Analytics collects additional information about users who have turned on Ads Personalization, base across device types and on aggregated data from users who have turned on Ads Personalization. The data is user based rather than session based. The Cross Device reports include only aggregated data. No data for individual users is ever exposed. You can modify your interests, choose whether your Personal Data is used to make ads more relevant to you, and turn on or off certain advertising services in the Ads Personalization link above.
  • Facebook Custom Audience Through our services, we allow third party advertising partners to set technologies and other tracking tools to collect information regarding your activities and your device (e.g., your IP address, mobile/website identifiers, page(s) visited, location, time of day). These advertising partners will use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit third party websites within their networks. This practice is commonly referred to as “interest-based advertising” or “online behavioral advertising. We allow access to other data collected by the services to share information that may be useful, relevant, valuable or otherwise of interest to you. If you prefer not to share your Personal Information with third party advertising partners, you may let us know.

We reserve the right to remove or add new analytic tools.

10. Specific Provisions for US Residents

This section of the Policy applies to you, if you are a US resident, depending on where you live and subject to certain exceptions.

Do Not Track Notice: Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers.  Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers  

During the last twelve (12) months, we have collected the following categories of personal information from users:

  • Information that you chose to upload or otherwise provided by you to Fiverr Enterprise, which may include: (i) Identifiers and personal information, such as name, postal addresses, online identifiers, email addresses, phone number; (ii) characteristics of protected classifications, such as gender; facial image; audio, electronic or similar information; (iii) professional or employment-related information; (iv)education information; (v) commercial information; (vi) Audio or other sensory information, for example if you provide audio-based services on Fiverr Enterprise.
  • Information we collect when you use Fiverr Enterprise, including (i) Identifiers and personal information, such as online identifiers, internet protocol (IP) addresses, access device and connection information such as browser type, version, and time zone setting and browser plug-in types and versions; (ii) commercial information, including products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies; (iii) Internet or other electronic network activity information, including, but not limited to log-in and log-out time, the duration of sessions, the content uploaded and downloaded, viewed web-pages or specific content on web-pages, activity measures; (iv) Location information.
  • Information that we collect or receive from third parties, such as data provided by customers when they invite you to use the Platform, payment providers, advertisers, and third-party accounts you link with the Platform including: (i) Identifiers and personal information, such as name, online identifiers, email addresses, internet protocol (IP) addresses, access device and connection information such as browser type, version, and time zone setting and browser plug-in types and versions; (ii) Professional or employment-related information; (iii) Internet or other electronic network activity information, including, but not limited to log-in and log-out time, the duration of sessions, the content uploaded and downloaded, viewed web-pages or specific content on web-pages, activity measures; (iv) Commercial information; and (v) Location information.
  • Inferences drawn from any of the information identified above to create a profile about you.

We use the personal information that we collect or receive for the business purposes as described above under the Section titled “How We Share Your Personal Data”.

We may disclose the above listed categories of personal information to third parties for business purposes as described above under the Section titled “What Information We Collect, Why We Collect It, and How It is Used” in this Privacy Policy. In the preceding twelve (12) months, we have disclosed all the categories of personal information detailed above for business purposes.

You are entitled to the following rights, subject to certain exceptions, in relation to personal information related to you:

  • You have a right to request access to the personal information we have collected about you over the past 12 months, including: (i) the categories of personal information we collect about you; (ii) the categories of sources from which the personal information is collected; (iii) the business or commercial purpose for collecting your personal information; (iv) the categories of third parties with whom we have shared your personal information; (v) the specific pieces of personal information that we have collected about you.
  • You have a right to request that we delete personal information related to you that we collected from you under certain circumstances and exceptions.
  • You have a right to correct the personal information you provided us with.
  • You have a right to opt out of selling your personal information.
  • You have a right to opt out of targeted advertisement.
  • You also have a right not to be discriminated against for exercising your rights.
  • You also have a right to submit your request via an authorized agent. If you use an authorized agent to submit a request to access or delete your personal information on your behalf, the authorized agent must: (1) be a person or business entity registered with the relevant Secretary of State to conduct business in the relevant state; (2) provide proof of such registration; and (3) provide documentation or other proof indicating that they are authorized to act on your behalf. We may also require you to verify your identity directly with us, and directly confirm with us that you provided the authorized agent permission to submit the request.

To make such requests, we kindly ask you to contact us at service-ent@fiverr.com

11. Other Privacy Information

Where the services are made available to you through an organization (e.g. your employer), that organization is the administrator of the services and is responsible for the accounts over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the services is subject to that organization’s policies. We are not responsible for the privacy or security practices of an administrator’s organization, which may be different than this policy. 

12. Contact Us

If you have any questions, concerns or complaints regarding our compliance with this notice and the data protection laws, or if you wish to exercise your rights, we encourage you to first contact us at service-ent@fiverr.com.