Privacy Policy of 4 MB Technologies

This Privacy Policy outlines how we collect, use and share personal data of people who use or are connected to our services, are interested in 4 MB Technologies or its services, or to whom we wish to market our services. This privacy policy also provides you with information on your rights as a data subject and how to reach us if you have any questions.

This privacy policy does not apply to the practices of other businesses that 4 MB Technologies does not own or control, including other companies’ websites, services and applications (“Third Party Services”) that you can access through the Services or to individuals that 4 MB Technologies does not manage or employ. We encourage you to review the privacy policies of any third party services you access or use. Please note that we cannot take responsibility for the content or privacy policies of third party services, and any third party policies linked to this privacy policy are only for informational purposes only.

Please note that our privacy practices are subject to the applicable laws of the regions in which we operate. Accordingly, some additional region-specific terms will only apply to individuals in those locations, or as required by applicable laws. If you are a United States resident of California, Virginia, Colorado, Connecticut or certain other U.S. states, please see the sections titled California Privacy Rights, and Virginia/Colorado/Connecticut and certain other U.S. State Privacy Rights for specific disclosures with respect to our collection, use, and disclosure of your information and additional rights you have under applicable U.S. laws.

Accessibility: If you are having trouble in accessing this privacy policy, please write us at privacy@qrcode-stt.com

Contact information

This privacy policy describes the policies and procedures of 4 MB Technologies, Stentenberg str 31, 51702 Bergneustadt, Germany for the collection, use, and disclosure of personal data about you for which either of us act as the data controller, or for which we act as joint controllers, in accordance with the European Data Protection Regulation (“GDPR”) and other applicable laws.

If you have any questions or concerns regarding privacy when using the Services of 4 MB Technologies and wish to use your rights, such as to object to the processing or have your personal data removed, please send us a detailed message to privacy@qrcode-stt.com. We will make every effort to resolve your concerns.

4 MB technologies Services

4 MB technologies collects personal data about you from the following sources, as described in this privacy policy, when you (1) register for the Site, mobile app and the Services, through your user account with 4 MB technologies and Scan to Tell (STT), including registering through a third-party service (your “Account”); (2) use the Services; or (3) view or interact with the 4 MB technologies QR Code, article QR code, production QR code, or other 4 MB Technologies product on a third-party website. We collect the following types of information from you, some of which might be considered personal data under applicable law:

When you register for a STT web and STT app

When you create an account, we only ask for your email address to register. Providing your rest of the personal data, such as your name, phone number, company name, industry, email address, phone number and sign-in information, is voluntarily. It is not compulsory to provide this data to use our services. However, once you enter any one of these data, we collect this and process it to optimise and provide you best of our services. If you create an account using your login information from a third-party account, such as Google, we will access and collect the personal data about you that the third-party account provides (which is based on your privacy settings with the third-party account), so that you can log into your account with us. We use your contact information to send you information about our services and communicate with you about your account, your activities on our site and services and policy changes. You may unsubscribe from receiving certain types of these messages through your account settings or sending us email at privacy@qrcode-stt.com with your Email and login details, although 4 MB technologies reserves the right to contact you when we believe it is necessary, such as for administrative and account management purposes.

We may receive a confirmation when you open an email from us. We use this confirmation to improve our customer service.

You have the opportunity to add sub-users to your account. If you create a sub-user, the following personal data of the sub-user will be processed: Name, email address, IP address of the user’s device, date and time of sub-user creation and other login information.

Most of our features of the services allow registered users to provide their own content to the services, such as written descriptions of URLs, comments, images and video, pdf files, certificates. Unless you request deletion of your personal data as described in this privacy policy, all content submitted by you to the services may be retained by 4 MB technologies, even after you terminate your account and may continue to be shared by third parties, as described in this privacy policy.

When you create STT article / product QR Code, production QR code and personal QR code

Main feature of our service is to upload and embed all of the digital data in text, images, videos, web links, pdf files, article / product variations and its combination, in one QR Code for the product / article and also to include production related data like, variation combination, vendor details, batch number, manufacture date, expiry date, date of QR Code creation and so on. 4MB Technologies collects and stores all of the uploaded data, the generated QR Codes and their URLs, and any external URL added. We associate this information with your Account. 4MB technologies also collects and stores your IP address, your geolocation data (which we derive from your IP address), the time and date on which you created the QR Code or any of our product, and if you share a 4MB Technologies product on a social networking platform, the name of the platform and your username on that platform.

When you scan the STT generated QR Code and use the STT app

By scanning the STT generated QR Code without or with STT app, we collect the date and time for the scan, your IP address, your location based on you IP address. When you register and use our app, only Email address is mandatory to register it. All of your other personal information are voluntarily to provide. We collect and store these information. When you register and login to STT app using a third party services, like google, we collect and save the data form the third party provides depending upon your privacy setting with the third party. While saving your physical stuff in your customised wallet in the STT app, we collect and save the uploaded, images, texts, your expiry or any other alarms as well as the uploaded files.  We use and process this data for optimising and providing you best of our services. Notification for your added expiry and other alarms are sent to you via push up notification, which you can turn off from the app setting. To provide you the best services we can send you the message appearing as push up notification, in your home screen, in your wallet, in your inbox or anywhere else in the app, which may contain not limited to text, image, video, file and the web links.

When communicating for a particular product

4 MB Technologies provides the unique feature to the STT app user and the STT web users, to do product specific chat. App user can send more than one message to the company for a particular product with the same STT generated article / product QR Code, and likewise company can reply to the customers. The two-way communication goes on for the specific product as long as both parties willing to do so. 4 MB technologies, collects and store the messages from both side (company and customer), use and process it to optimise and provide you best of our services.

Geo location of the user

When a user scans the STT generated QR Code, with or without the STT app, we collect the user location data based upon the user’s IP address. We collect, use and process it to optimise and provide best of our services. Also, the web users get the QR Code location wise scanning data based upon the user IP address. 4MB Technologies does not guarantee for the exact location wise scanning data. As this data is collected on IP address based, there may be the places (countries and cities) shown in your home scanning analytics dashboard which you cannot expect.

When you interact with a 4 MB Technologies product

4 MB Technologies automatically collects personal data about the interaction (such as clicks or views) with every 4 MB Technologies product created through the services either our app.qrcode-stt.com links or our app or one of our branded domains on a third-party website. This information includes, but is not limited to: 1i) the IP address and location derived from the IP address; (2) internet or other electronic network activity information like the referring websites or services; (3) the time and date of each access; (4) device settings, such as browser type, operating system, and language; and (5) cookies, as described in our cookie policy, and mobile advertising identifiers. As described in this privacy policy, we use this personal data to provide the services, to understand and analyse how our services are used and to identify trends, and to detect, deter and prevent malicious, fraudulent or unlawful activity. Please see the “Information we share” section below for a description of how we may share information we collect when you create, view or interact with 4 MB Technologies products.

Uses across devices

We use the information we collect to make inferences that a unique individual has created or interacted with 4 MB Technologies and STT links, QR Codes or Links on different devices so that we can detect, deter and prevent malicious, fraudulent or unlawful activity and analyse how users use our services. For example, if you create a 4 MB Technologies product (e.g an article/product QR Code) on a computer connected to your residential WIFI network, and you soon thereafter clicked on a 4 MB Technologies product on a mobile device connected to the same WIFI network, we may infer that a single individual created and clicked on the 4 MB Technologies product because both events were associated with the same IP address in the same time period.

Other use cases

We also may use personal data to pursue legitimate interests, such as direct marketing, research (including marketing research), network and information security, prevention of fraudulent, malicious and unlawful activities, or any other purpose, as disclosed to you at the time you provide personal data or we contact you for the first time.

Information we share

The services are designed to help you share information with others. The following categories of personal data generated through your use of the services are shared publicly, within 4 MB Technologies and with the following categories of third parties for the business purposes described below.

4 MB Technologies and its Partners

Personal data related to your account and possible subscriptions for services of 4MB Technologies will be shared within 4 MB Technologies and its partner Eageltech solutions (in UK) to be used for our joint purposes as described under “Data Sharing and Joint Processing within 4MB Technologies”. Please note that if you hold a STT Account(s) and/or use 4 MB Technologies services managed by us or other 4 MB Technologies entities, such personal data is combined with personal data collected in connection with 4 MB Technologies services. Sharing and combining the personal data is based on 4 MB Technologies’s legitimate interests in finding interactions generated from performing, planning, and developing business in the company, and in promoting sales by cross and up-selling complementary products.

4 MB Technologies products you create

Much of your activity on and through the services is public by default. For example, when you create a STT Product QR Code, the all of the data you have uploaded to this product QR Code are publicly available, including the possibly included personal data.

Account information

Where permitted by law, if you register a 4 MB Technologies or STT account with an email address on a domain owned by an organization, (for example, an employer or educational institution where you have an email account), we may share your email address and information about your account, such as the number of QR Code you have created, with that organization to explore the organization’s interest in creating or managing an enterprise account or for related purposes.

Customer support

We use various tools for communication and to provide you with customer support. To use customer support, you must provide at least one valid email address. This data processing can include the following data: Name, email address, contract information, job title, employer, payment information, communication data. Data is processed to provide the services, offer customer support, communication with interested persons, responding to inquiries and customer relationship management. If the purpose of the contact is to conclude a contract or if you already have an account then we retain your information as needed to verify and provide you access to the services. The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law. Personal data collection in connection with customer support will be shared within 4 MB Technologies to be used for our joint purposes as described under “Data Sharing and Joint Processing within 4 MB technologies.”

Email verification

We use an email verification service. The email address of a user is processed for the purpose of verification and to filter invalid and spam email addresses/domains. All email addresses which are provided to the verification service by us are automatically deleted after the verification process.

Email marketing

For some services, we use email marketing providers to send transactional emails. When you register for our services, the data you enter during registration is transferred to our email marketing provider. This enables us to send you relevant emails, e.g. to confirm your registration or unsubscribe from our services. Further personal data may be stored and evaluated as a result, especially the user’s activity (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular the IP address and operating system). For this purpose, your data will also be stored by our email marketing provider. Your data will not be passed on to third parties for the purpose of sending mails within the scope of using our services, nor will the vendor obtain the right to pass on your data.

Information you select to share

When creating a 4 MB Technologies product, you can share that 4 MB Technologies product through third party services. Any information that you select to distribute through third party services, such as a social network post you create, may then become accessible to users of those services. We recommend that you review the terms of services and privacy policies of such third party services that you access through the services since 4 MB technologies does not control and is not responsible for the privacy practices of these third party services.

Information shared with the service providers

We may employ and contract with third parties to perform certain tasks on our behalf and under our direction (our “Service Providers”). We may need to share information about you with our service providers in order to fulfil certain business purposes, like providing our product with research and analytics on user behaviour and providing advertising products and services to users, processing payments, and providing email marketing and support services. Our agreements with these service providers authorize them to use your information only as necessary to provide services to us. Transfers to subsequent third parties are covered by our agreements with our service providers.

Payment processing

For the transmission and verification of purchases, the data processed include bank account details, billing/shipping address, card expiration date, customer name, CVC code, date/time/amount of transaction, device ID, email address, IP address/location, customer ID, payment card details, tax ID/status, unique customer identifier. We share your data in these cases to allow the payment processing services necessary to process the payments for your account.

Service optimisation

We use a variety of third-party vendors in order to optimize our service. Vendors are used to evaluate the flow of visitors to our online offerings and may include behaviour, interests or demographic information about visitors as pseudonymous values. With the help of these analyses, we can recognize, for example, which online offer, content or functions of our products are most frequently used or invite re-use. Likewise, we can understand which areas need optimization. Software may be used for analysing and optimizing online offerings based on feedback functions and pseudonymously performed measurements and analyses of user behaviour. In addition to web analytics, we may also use testing procedures, for example, to test and optimize different versions of our online offering or its components.

This processing may include IP address, random unique identifiers, experiment and event data associated with these identifiers (such as device type, variation and experiment IDs, browser and OS version and elements of the site being tested), device screen resolution, device type (unique device identifiers), operating system, browser type, geographic location (country only), preferred language, mouse events (movements, location and clicks), referring URL and domain, pages visited, date and time when website pages were accessed. The legal basis for the processing of personal data is the user’s given consent. In certain cases, your data will be processed on the basis of our legitimate interests of providing efficient, economical and recipient-friendly services and the improvement of our service.

Single Sign in

For some services, we allow users to select to use single sign in services such as Google, Single Sign on Services allow users to log in to other online presences with their profile without having to create separate accounts.

Tax and legal

Your personal data may be transferred to third parties for tax and legal reasons. Possible recipients are professionals (e.g. lawyers, tax consultants and auditors). In addition, data may be transferred to authorities (e.g. tax authorities) for tax and legal reasons. Such data transfer only takes place to recipients who are legally bound to secrecy.

The data may include the email address, IP address of the user’s device, date and time of registration, login information, address, contract information, payment information.

We have a legitimate interest in sharing personal data with professional consultants and auditors for the purpose of appropriate tax and legal consultation, and in some cases we are legally required to share this data.

Trust safety and compliance

We may share certain STT links, QR Codes, related URLs, and the data collected when you create or interact with a 4 MB Technologies product to help, detect, deter and prevent malicious, fraudulent or unlawful activity.

With your consent

 We will share information about you when you direct or otherwise instruct us to do so, such as when you share QR Codes or content with others through the services, if you intentionally use or direct us or the services to interact with third parties, or if we notify you that the information you provide will be shared in a particular manner and you provide such information (like sharing/posting it with a third-party service).

The legal basis for processing of customer data for the services and related communications is that the processing is necessary for the performance of the requested service and management of the customer relationship subject to 4 MB Technologies Terms of Service. The legal basis for other communications with the customer, such as marketing, is our legitimate interests to promote sales and increase awareness of 4 MB Technologies services, and communicate with our interest groups. Where such communications require consent, for example if we wish to market via email our services to a new customer who is a natural person in the EU, the legal basis is your consent. The legal basis for improving, monitoring and analysing the services, and to prevent malicious, fraudulent or unlawful activity is our legitimate interests to ensure security and lawfulness of our services, including protecting data of our customers and users, and preventing unauthorized or wrongful use.

This personal data is used to authenticate users to allow access to 4 MB Technologies services, to identify users to provide customer support, and store events and log information about your use of the services for purposes of audit in case of a security or other incident to have a trail of actions performed by us and our users, to maintain support records, to promote sales and increase awareness of 4 MB Technologies’s services, and for purposes of service and product improvement, and to prevent malicious fraudulent or unlawful activity. The data is removed upon request, except for data (such as user name) stored in application logs and audit trails, which are deleted according to our standard data management cycle. We retain the personal data we receive as described in this privacy policy for as long as you use our Services or as necessary to full the purpose(s) for which it was collected, provide our services, resolve disputes, establish legal defences, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable legal obligations. Aggregated data sets that do not contain personal data are stored for an indefinite period for the purpose of business analysis. The personal data is erased from or anonymized in our systems upon request of the data subject or the customer they represent, or if the data is detected as irrelevant in our automated or manual system maintenance, or after 3 years following the last contact with the data subject, whichever occurs first.

Contracts, purchase orders and Invoicing

For any individual that acts as the contact person for our customer, supplier, partner or other entity that we conduct or wish to conduct business with, we process the following information

  • Basic information (such as name, title, company name, work location and contact information)
  • Business connections
  • Communications

The individual acting as the contact person in a primary source of information, but the personal data may also be collected from your employees, your colleagues, and our (other) customers, suppliers and partners. The personal data is used to discuss business, pursue business opportunities, send notifications related to our services and otherwise communicate with you, contracting, invoicing and making payments. The processing is based on our legitimate interests to comply with contractual obligations, or the terms of agreements we have (or have had), maintaining relationships, and operating our business. In addition, the invoicing related personal data will be used in accounting and reporting, which processing shall be based on our obligations under the law.

Websites and contact requests

4 MB Technologies process personal data gathered when you use or access our respective websites, including any and all subdomains of the sites (each “Site”, as applicable), respectively.

Each time site and our system are accessed, our system automatically collects data and relevant information from the computer system of the calling device.

The following data is collected:

  • Browser type and version used
  • The user’s operating system
  • The user’s internet service provider
  • The IP address of the user
  • Date and time of access
  • Web pages from which the user’s system accessed our website
  • Web pages accessed by the user’s system through our website

This data is stored in the log files of our system. This data is not stored together with other personal data of the user. The temporary storage of the IP address by the system is necessary for the delivery of the website to the computer of the user. For this purpose, the user’s IP address must be kept for the duration of the session. The storage in log files is done to ensure the functionality of the website. The data is also used to optimize the website and to ensure the security of our IT systems. An analysis of this data for marketing purposes does not take place. The legal basis for the temporary storage and other processing described above of data and logfiles is our legitimate interest to maintain functionality and ensure security of our website.

If you subscribe to our newsletter, request materials available from the website, send us a contact request, interact with our chat bot or otherwise contact us, we will likely add you to our list of commercial contacts. Please see the section “Newsletter, Events and Marketing” of this privacy policy to learn more about personal data processing in that regard. Please note that our services and resources are designed for business customers only (and should not even be interesting to consumers), and thus we presume that everyone contacting us and interested in our services represent a business, not a private individual. Personal data derived from our websites and contact requests are deleted upon request of the contact, if the data is identified as out of date, or if the contact is no longer deemed a suitable candidate for our services.

If you connect with us using various social media platforms and/or professional networks, please note that 4 MB Technologies does not control or have influence over how those platforms process your personal data. We recommend that you contact those third-party platforms directly for information on their processing. Here are some links for your convenience:

Twitter: https://twitter.com/de/privacy
YouTube: https://policies.google.com/privacy?gl=DE&hl=en
LinkedIn: https://www.linkedin.com/legal/privacy-policy

Facebook: https://www.facebook.com/privacy/policy/?entry_point=facebook_page_footer

 

4 MB Technologies may use third-party APIs and software development kits (“SDKs”) to provide certain functions in our services. We use cookies and similar technologies for the following purposes: Technically necessary, comfort, statistics, and marketing. When we use cookies and/or similar techniques for processing personal data, the types of personal data processed may vary, depending on the categories of cookies or similar techniques. Non-essential cookies are used only with your consent. You have the option of preventing cookies from being used.

Please see our Cookie Policy to learn how 4 MB Technologies and its partners use cookies or similar technologies to analyse trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base.

Newsletters, events and Marketing

If you subscribe to our newsletter or for other materials (such as blogs, newsletters available on our websites), we will process the given contact information to send the newsletter or provide the materials. Such processing is based on your consent and the necessity to fulfil our obligation to provide the subscribed material(s). The contact information is retained and possibly shared as described below.

We use following information to communicate on and promote our services (as compatible with the original purposes, if data is collected in another occasion):

  • Basic information (such as name, title, company name, work location, contact information)
  • Basic business information
  • Business connections (to our former, current and potential customers and other relevant entities)
  • Expressed interest to our products and services (such as download of specific materials)
  • Communications
  • Events
  • Marketing preferences (such as subscribed newsletter(s))

The information is obtained from you (e.g. in connection with interaction we have with you, the subscription(s) and website forms, event registrations, demo requests or other contact requests and communications (including on third party platforms, such as LinkedIn), or our cooperation partners (for example, our referral partners may disclose us information on potential customers or organizers of events which we sponsor may disclose us information on participants). Subject to your (cookie) consent, this data may be combined with information on online activity data in our website domains. Such data is gathered with cookies, please see our cookie policies for detailed description.

The personal data above is used to generate leads, target marketing activities to the contacts representing potential and current customers (for example to help our sales teams to target their efforts to contacts with potential interest in our services) and other stakeholders (including our suppliers and partners), and to retarget and customize our marketing. Naturally, the data is used to provide product and service updates, announce new materials, invitations to our events, and otherwise market our products and services and provide related information in different channels, such as emails, phone calls, on social platforms and over display. For example, we may retarget relevant contacts by serving new retail content on LinkedIn based on previous engagement with retail content on the 4 MB Technologies and STT websites. In addition, personal data is used, as applicable, for business intelligence, market and customer analysis, reporting and statistical purposes, and to better understand how people interact with our websites and services.

Once we have obtained your consent, the processing is needed to carry out marketing and reach our current and potential customers. You have a right to prohibit use of your contact information in marketing at any time by using the available web-tools (such as the “unsubscribe” button at the end of newsletter) or by sending us a notice via email at privacy@qrcode-stt.com .

Personal data stored for marketing purposes are deleted upon request of the contact, if the data is identified as out of date, or if the contact is no longer deemed a suitable candidate for our services.

Data sharing and joint processing with in 4MB Technologies

Please note that if you hold a STT account(s) and/or use 4 MB Technologies services managed by other 4 MB Technologies entities, personal data collected by us is combined with personal data collected in connection with such other services. Sharing and combining the personal data is based on 4 MB Technologies’s legitimate interests in finding synergies generated from performing, planning, and developing business at the company level, and in promoting sales by cross and up-selling complementary products of group companies. The 4MB Technologies have combined their customer support services to provide more effective global customer support. Your inquiries can be answered by both STT and 4 MB Technologies employees and collaborators. You can assert your data subject rights with 4 MB Technologies as well as with STT. The primary responsibility under GDPR for the processing of data lies with the entity which you are contracting or which is communicating with you.

Personal data may be transferred outside the European Union and the European Economic Area (EAA), including, but not limited to, the United States of America as well as other locations and jurisdictions in which we conduct our business or our service providers are located. Such transfers are performed subject to standard data protection clauses adopted by the EU Commission in accordance with the GDPR, which are made available to the data subject upon request.

Business transfer

We may transfer and/or provide information about our users in connection with an acquisition, sale of company assets, or other situation where user information would be transferred as one of our business assets. You will be notified via email and/or a prominent notice on our website. In such a case, the acquirer of 4 MB Technologies may continue to use your information as set forth in this policy or as otherwise allowed by law.

Protection of 4 MB Technologies and others

4 MB Technologies may access, read, preserve, and disclose any information it collects when it has a good faith belief that doing so is reasonably necessary to (1) Comply with a law, regulation, or compulsory legal request, including process from a governmental law enforcement or national security agency, (2) Enforce this privacy policy or our terms of service, including investigation of potential violations hereof, (3) Detect, deter, prevent or otherwise address malicious, fraudulent or unlawful activity, (4) Respond to user support requests, or (5) Protect the rights, property or safety of 4 MB Technologies, its users and the public. This includes exchanging information with other companies and organizations for protection from malicious, fraudulent or unlawful activity.

Data analysis and business insights

Account, subscription and payment related personal data will be shared also within 4 MB Technologies to be used for our joint purposes. Please note that if you hold a STT Account(s) and/or use any 4 MB Technologies services such as STT, such personal data is combined with personal data collected in connection with such accounts and services. Sharing and combining the personal data is based on 4 MB Technologies’s legitimate interests in finding synergies generated from performing, planning, and developing business at the group level, and in promoting sales by cross and up-selling complementary products of group companies.

4 MB Technologies has joint business intelligence operations, making use of following personal data shared within 4 MB Technologies:

  • Account information, subscriptions to the services, and payment data,
  • User events, account creation, product usage and other usage data (such as logs, encodes, decodes, and page views) from sites and services,
  • IP address.

The data sources are the companies that are part of the 4 MB Technologies. The joint controllers also use for purposes of business intelligence data obtained through third party ads campaigns platforms such as information on page views, number of users, costs and clicks, but this information is aggregated or otherwise anonymized prior submittal for use of business intelligence and thus do not contain personal data.

The information is used to analyse the use, interest, and engagement in our site and other services to generate and extract relevant information for improving services, planning and developing our business, and communicating more efficiently and meaningfully with our current and prospective customers, for example by following means

  • We use emails for analysing an understanding on how many accounts each email or email domain is associated with to determine how many accounts a customer has, which is necessary for purposes of customer management.
  • We use certain criteria based on account type and use for selecting a group of accounts based on the criteria to tailor our marketing and sales activities, for example to provide them with special promotions or suggest services or subscriptions which would be more suitable for their use or they may find otherwise interesting.
  • We create aggregated reports and dashboards on usage of different services and features, for example, how many accounts were created per day or encodes were created by month, QR codes created, total scans performed, customers communicating messages, customer domain used, by types of accounts, and page views, which are necessary for service development, reporting and business planning.
  • We use email, product usage data, and page views for analysing if specific emails are active, or if they should be deactivated due to long term inactivity.

Insights, reports, mailing lists, and other results of the analysis are created based on the business need, and personal data possibly contained thereto are processed for the purposes of sales, marketing, and product development in accordance with this privacy policy.

The legal basis for the processing of data is our legitimate interests in synergies generated from performing, planning, and developing business in company level, and from cross and up-selling complementary products of the STT and 4 MB Technologies.

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law.

When a user deactivates the account (or we do it based on long-term inactivity), the account information is anonymized. Personal data related to payments is anonymized or erased after the retention period for accounting records and the limitation period of the possible out-standing payments (debt), whichever occurs later under the applicable laws, have passed. Subscription data, product usage data and similar data based on actions of the users is anonymized or erased after three (3) years have passed from the year during which the account was deactivated.

Web tracking statistics

We use web tracking solutions to continuously improve the content and our site from a technical, design and editorial point of view and to make it more convenient for you. Based on the statistical findings on browser type and operating system, we can optimize our web design.

By using these methods, we do not obtain any personal data about you, but rather only statistical information about the use of our websites and product. In this way, we learn, for example, which our websites content is particularly popular, at what times our website is used particularly intensively, via which pages our users reach our site, from where the user has dialled into the Internet before visiting the site, and which browsers and operating systems our users generally use when surfing on our websites. We use this information to continuously improve the content and our site from a technical, design and editorial point of view and to make it more convenient for you. The collected data is stored in a so-called tracking session together with an anonymous user ID (unique hash from browser properties and the current time). Additionally, the data collection and processing take place at all times without personal reference. The statistics are used to enable and enhance the functionality and performance of our website and services and to understand user behaviour to improve our website, services and customer experience. The tracking pixel data is stored on the users’ device for up to 12 months.

Customer support and management

4 MB Technologies works together to provide support services to our customers, and to administer and manage the customer relationships by sharing and using the following personal data:

  • Account information, subscriptions to the services, billing information, and payment data
  • Personal data included to the business information (if corporate customer) and accounting information
  • User events, account creation, product usage and other usage data (such as logs, encodes, decodes, and page views) from services
  • Credentials to customer support channel(s) and other tools we may provide
  • Communications with the customer
  • IP address
  • Social media profile information, interactions, contents and other user generated information

The data sources are the part of 4 MB Technologies. Subject to your consent, we collect information above from your use of our Site and Services by cookies and similar technologies (see our Cookie Policies) to be shared and used across 4 MB Technologies and STT. The joint controllers also use personal data obtained through following third party Ads campaigns platforms, received as described in this privacy policy.

We use the personal data we collect for a variety of administrative and business purposes including:

  • Respond to inquiries, questions and comments and provide customer and technical support, provide access to certain functionalities of our services
  • Provide centralized support for customers with extended support hours
  • Efficient and centralized sales related communication and activities with extended support hours
  • Maintain central platform for customer communication
  • Align on and more efficiently communicate with our current and prospective customers concerning our Services
  • Allow our customers to understand interactions with our services
  • Analysing customer and visitor’s website usage behaviour for better understanding of customers and visitors needs and wishes
  • To help detect, deter and prevent malicious, fraudulent or unlawful activity to protect our Services and customers, and malfunction of the sites and services
  • Manage payments and customer records
  • Use common financial planning and managing to align and implement group financial strategies and policies

We process your data to provide customer support, customer communications, to optimize and improve our service and the user experience, and to process and manage payments, or to the extent the purpose of the contact is to conclude a contract or if you already have an Account or otherwise use our service because such processing and contact is necessary to conclude the contract or provide the Service. The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law.

When a user deactivates their account (or we do it based on long-term inactivity), the account information is anonymized. Payment data is anonymized or erased after the retention period for accounting records and the limitation period of the possible out-standing payments (debt), whichever occurs later under the applicable laws, have passed. Subscription data, product usage data and similar data based on actions of the users is anonymized or erased after three (3) years have passed from the account deactivation or last contact.

Marketing

4 MB Technologies works together to provide support services to our customers, and to administer and manage the customer relationships by sharing and using the following personal data

  • Account information and subscriptions to the services
  • Other contact details than connected to a registered account
  • Personal data included to the business information (if corporate customer)
  • User events, account creation, product usage and other usage data (such as logs, encodes, decodes, and page views) from services
  • Social media profile information, interactions, contents and other user generated information
  • Messaging content that individuals choose to share (e.g., social media messages, in-app messages, SMS)
  • Social media and messaging metadata (e.g., number of social media followers, number of posts, number of tweets)
  • Any content, communications, messages, data, and information sent or received by customer through the Services
  • Other individual information (e.g., age, gender, employer, profession, geographic location, education information, financial status, interests and preferences) available on social media or public sources

The data sources are the 4 MB Technologies and STT. The joint controllers also use personal data obtained through following third party Ads campaigns platforms, received as described in this privacy policy: Google Analytics & Ads, LinkedIn Ads & Marketing, Facebook Ads and Microsoft Advertising.

We use the personal data we collect for marketing purposes to:

  • Align on marketing operations and marketing strategies
  • Run common marketing campaigns
  • Serve end users with interest–based advertising, as well as to measure the effectiveness of advertising campaigns
  • Interact with (potential) customers and business partners to promote 4 MB Technologies services

We collect personal data for purposes above through tracking technologies of online marketing partners in connection with our QR Code services as identified in our cookie policy. The legal basis for processing personal data as necessary for marketing is our legitimate interests to promote sales and increase awareness of 4 MB Technologies services, and communicate with our interest groups. Where marketing requires consent under applicable mandatory laws, for example if we wish to market via email our services to a new customer who is a natural person in the EU, the legal basis is the recipient’s consent. If you have given us your consent to share your data with a third-party provider, the legal basis for the data processing is your consent. However, a third-party provider may also form part of our (pre)contractual services, in which case the legal basis for the data processing is that the processing is essential to provide the services. The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law.

Facebook on line advertising platforms and tools

Use of Facebook comments

We use functions of Facebook Inc. (“Facebook”) to extend the functionality of our online presence. Users can use Facebook comments to comment on content on our online presence using their Facebook account. Personal data can be stored and evaluated, especially the activity of the user (especially which pages have been visited and which elements have been clicked on) as well as device and browser information (especially the IP address and the operating system). We do not have any information about the exact scope of the collection of personal data. For more information about Facebook’s collection and storage of data, please visit: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0

The use of the Facebook comment Plug-In serves the improvement of the user friendliness of our online presence. We use this plug-in to offer an embedded comment function directly on Facebook without users having to leave our online presence.

Use of Facebook messenger customer chat

We use functionalities of the communication plugin Facebook Messenger Customer Chat to communicate with our users and customers. The plugin enables the integration of Facebook Messenger into the website. Users can communicate with our company at any time with all the functionalities of Facebook Messenger. Users can log into Messenger with their Facebook login or have a conversation as a guest user. The plugin automatically loads the last chat history between the user and our company and allows users logged into Facebook Messenger to continue the conversation from different accesses, even after leaving our website. Cookies from Facebook are stored on your terminal device in the process. The following personal data is processed by Facebook as a result:
  • Content provided by users during communication
  • User data
  • Unique identifiers, such as device ID, IP address
  • Name, last name
  • Data of the Facebook account used
For more information on how Facebook processes data, click here: https://www.facebook.com/legal/technology_terms https://www.facebook.com/about/privacy https://www.facebook.com/policies/cookies

Use of Facebook connect

We use Facebook Connect in order to enable Facebook social network users to log in to other online presences with their Facebook profile without having to create separate accounts there. In order to use Facebook Connect, the user needs a Facebook account. This is always protected by a user name and an individual password. If the user discovers the Facebook Connect logo on an online presence, he can start the login process by clicking on the button. In a pop-up or a new window, he can now enter the Facebook login data. After successful authentication, a connection is established between the Facebook profile and the respective online presence via which data can be transferred. The user can now make use of the services of the online presence without having to deposit a separate profile with the personal data there. The user has no way of preventing the transmission of this information when using Facebook Connect. The Facebook Connect login dialog basically shows which data is transmitted. Further information on the collection and storage of data by Facebook can be found here: https://en-gb.facebook.com/policy.php

Your personal data will be stored for as long as is necessary to fulfil the purposes of the use cases described in this privacy policy or as required by law, e.g. for tax and accounting purposes. Legal basis for the processing of personal data within products of Facebook. The legal basis for the processing of personal data within Facebook products is your consent. If you contact us via Facebook, we process the data you insert in your message for the purpose of responding to you.

Possibility of revocation of consent and removal from Facebook. You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation. The user can store settings in their Facebook which data may not be transferred. If the user already uses Facebook Connect, they can delete their user account. There is always the alternative possibility of registering directly with us in order to avoid such data transmission. You can prevent Facebook from collecting and processing your personal data by preventing the storage of third-party cookies on your computer, by using the “Do Not Track” feature of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

For more information about how Facebook can opt out of and opt out of Facebook, visit:
https://en-gb.facebook.com/policy.php

Use of google tag manager

Scope of processing of personal data

We use Google Tag Manager https://marketingplatform.google.com/intl/en/about/tag-manager. With Google Tag Manager, tags from Google and third-party services can be managed and bundled and embedded on an online presence. Tags are small code elements on an online presence that are used, among other things, to measure visitor numbers and behaviour, capture the impact of online advertising and social channels, use remarketing and targeting, and test and optimize online presences. When a user visits the online presence, the current tag configuration is sent to the user’s browser. It contains statements about which tags are to be triggered. Google Tag Manager triggers other tags that may themselves collect data. You will find information on this in the passages on the use of the corresponding services in this data protection declaration. Google Tag Manager does not access this data. Your personal data will be stored for as long as is necessary to fulfil the purposes described in this privacy policy or as required by law. Advertising data in server logs is anonymized by Google’s own statements to delete parts of the IP address and cookie information after 9 and 18 months respectively. For more information about the Google Tag Manager: please visit https://www.google.com/intl/en/tagmanager/faq.html; and see Google’s privacy policy: https://policies.google.com/privacy?hl=en 

Use of Google Ads conversion tracking

We use the functionalities of Google Ads Conversion Tracking to track how many visitors to our website came via Google Ads. The use of Google Ads Conversion Tracking serves us to track the origin of our website visitors. The following personal data is processed by Google:
  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Date and time of the server request
  • IP address
However, since we do not control or materially influence the processing of your personal data by Google, we cannot provide any binding information on the purpose and scope of the processing of your data. Further information on the processing of data by Google can be found here https://policies.google.com/privacy

Use of google enhanced conversions

We use functionalities of Google Enhanced Conversion Tracking to improve the accuracy of your conversion measurement. The use of Google Ads Conversion Tracking serves us to track the origin of our website visitors. The following personal data is processed by Google as a result:
  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Date and time of the server request
  • IP address
  • E-mail address
  • Phone number
  • First name
  • Last name
  • Country of residence
This data is secured by using a one-way hashing algorithm called SHA256. Hashed data maps the original string of characters to data of a fixed length. An algorithm generates the hashed data, which protects the security of the original text. This data can only be linked to a user, if the User has a Google Account for which the same email address is used and the user agreed to personalized advertising in their Google account. Your personal data will be stored for as long as necessary to fulfil the purposes described in this privacy policy or as required by law. However, since we do not control or materially influence the processing of your personal data by Google, we cannot provide any binding information on the purpose and scope of the processing of your data. Further information on the processing of data by Google can be found here https://policies.google.com/privacy

Use of Google analytics

Google Analytics uses cookies, which are text files placed on your computer, to help the website analyse how users use the site (e.g., to measure reach). In connection with the use of Google Analytics, location data (information on the geographical position of a device or person) may be processed in addition to metadata and communication data (e.g. device information and IP addresses). Usage data (e.g. access to websites, clicks, access times), contact data (e.g. email, telephone numbers), content data (e.g. entries in online forms) or inventory data (e.g. names, addresses) may also be processed. Google Analytics has been supplemented by the code “gat._anonymizeIp();” in order to ensure that IP addresses are collected anonymously (IP masking).

On our behalf, Google will use this information for the purposes of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and Internet usage. Your personal data will be stored for as long as necessary to fulfil the purposes described in this Privacy Policy or as required by law.

Google Signals

We have activated Google Signals in Google Analytics. This special aspect of Google Analytics involves cross-device tracking. If you have permitted personalized ads in your Google account, your data can be analysed across multiple devices. The data is collected and linked to the Google account. This helps us to understand the behaviour of visitors and users and how you interact with our websites and products across multiple devices and sessions to improve our service and marketing measures.

Use of Google Optimise

We use Google Optimize to evaluate the flow of visitors to our online offerings and may include behaviour, interests or demographic information about visitors as pseudonymous values. With the help of these analyses, we can recognize, for example, which online offer, content or functions of our products are most frequently used or re-use. Likewise, we can understand which areas need optimization. In addition to web analytics, we may also use testing procedures, for example, to test and optimize different versions of our online offering or its components. This processing includes usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses).

The IP addresses of the users are also stored. Generally, in the context of web analysis, A/B testing and optimization, no clear data of the users (such as e-mail addresses or names) are stored, but pseudonyms. This means that we, as well as the providers of the software used, do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.

The purposes of this processing are reaching measurement (e.g. access statistics, recognition of returning visitors); tracking (e.g. interest/behaviour-related profiling, use of cookies); provision of our online offering and user-friendliness. Your personal data will be stored for as long as necessary to fulfil the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

Processing of personal data within Google products is based upon your consent. However, in some cases the use of a Google product may also form part of our (pre)contractual services, or our interest in providing our users with efficient, economical and recipient-friendly services and the improvement of our service.

Possibility of revocation of consent and removal from Google

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation. You may prevent the collection and processing of your personal data by Google by preventing the storage of cookies by third parties on your computer, by using the “Do Not Track” function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker to Google and to prevent the processing of this data by Google by downloading and installing the browser plug-in available under the following link https://tools.google.com/dlpage/gaoptout?hl=en  In addition, you can object to processing on the basis of legitimate interest by sending an email to privacy@qrcode-see.com

Rights under GDPR

If you are a resident of the EEA or Switzerland, or otherwise subject to the GDPR, and we process your personal data, you have the right to ask for the following rights:

  • In all cases a right to be informed about processing by 4 MB Technologies that pertains to personal data based on which you may be identified, and access to a copy of such personal data (Art. 15 GDPR)
  • If the personal data that is being processed is incorrect or inaccurate, you are entitled to demand for the data to be corrected (Art. 16 GDPR)
  • Subject to the conditions set in the GDPR, you may demand for the deletion or limitation of the processing and have the right to object to the processing altogether (Art. 17, 18, and 21 GDPR).
  • If the processing is based on your consent or a contract and the processing of data is carried out using automated procedures, you may be entitled to data transferability (Article 20 GDPR)
  • If you have consented to the processing of your data by the data controller, you may revoke your consent at any time. The legality of the data processing carried out on the basis of the consent that was obtained prior to the revocation will not be affected.

Furthermore, you have a right to appeal to the competent supervisory authority (Art. 77 GDPR) if you deem the personal data processing by us to violate the GDPR or other applicable data protection laws.

Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit

Graurheindorfer Straße 153

53117 Bonn

Tel. +49 228 997799 0

Fax +49 228 997799 5550

Email: poststelle@bfdi.bund.de

Website: http://www.bfdi.bund.de/

Contact details of authorities in other EU Member States can be found from the directory (https://edpb.europa.eu/ ) maintained by the European Data Protection Board.

Contact details for questions and exercising your rights

If you have any questions or concerns regarding privacy when using the services or wish to use your rights, such as object the processing or have your personal data removed, please send us a detailed message to privacy@qrcode-stt.com. In addition to email, you may exercise any of your rights by sending a request to us, our contact details are provided in “Contact us” at our website. We will make every effort to resolve your concerns. Once we receive your request, we will ask that you verify your identity such as by authenticating through your account. Please note that if you do not have a 4 MB Technologies or STT account, we have no way of identifying you or verifying that you created or clicked on a 4 MB Technologies product, or otherwise interacted with our Services. You may be entitled, in accordance with applicable law, to submit a request through an authorized agent. To designate an authorized agent to exercise your rights and choices on your behalf, please provide a written attestation, declaration, or permission that has either been physically signed or provided electronically per applicable law. In certain circumstances, we may be required by law to retain your personal data.

Tools available to exercise your rights

If you have a 4 MB Technologies or STT Account, you may access, correct, or request deletion of your personal data by logging into your account. For product/article QR Codes, production QR Codes, personal QR Codes and on app, the save products, once logged in to your account, you will be able to view a history of the QR Codes created and saved products. You can request a complete copy of the personal data we store about your account by sending us Email at privacy@qrcode-stt.com, with your Account Email and name. You can cancel your account at any time through your account settings page by cancelling the subscription. If you cancel your subscription, you will no longer be able to access or use the services. If you have an account but are unable to access it, you can contact us at privacy@qrcode-stt.com. We will respond to your request within a reasonable timeframe.

As a STT QR Code services user you can cancel the registration at any time by using the tools in the service or via an email to privacy@qrcode-stt.com. You can object to the storage of your personal data at any time. In this case, all personal data stored will be deleted to the extent permitted by law or no opposing legitimate interest prevails. To do so, please send an email to privacy@qrcode-stt.com .

Please note that in the interest of ensuring that existing 4 MB Technologies products continue to function for all of our users, the STT QR Codes that you have created and shared, keep them live and accessible until and unless you delete the generated QR Code from the delete option in every QR Code (article / product, production and Personal). Once you cancel your subscription with us, we do not delete your data, however it remains in active and non-accessible to the users. To activate your data, you should register with the same email address or send us detailed Email with your account details at privacy@qrcode-stt.com . In case of downgrading your package, you will be notified with the Email to delete the data to bring it under the downgraded packages allowances. At the end of the running package, or at the start of your downgraded package, we shall auto deactivate your data to bring in with in the downgraded package allowances. The deactivated data will not be deleted, however, it will not be accessible to any user. The 4 MB Technologies has the legitimate right to process this data to provide you best of our services. To access and re-activate this data, please upgrade your subscribed package and also send us detailed Email at privacy@qrcode-stt.com with your complete login details.

International transfer of personal data

Depending on your location, information about you may be transferred to the United States or other countries outside the EU or EEA or may be processed there. These data transfers are necessary to provide you with the services and functionalities you have requested as outlined in this policy.

To protect your personal data, we rely on appropriate legal basis for each data transfer. In particular, we use contractual safeguards such as Standard Contractual Clauses approved by the European Commission. Where applicable, we base data transfers also on adequacy decisions issued by the European Commission.

Please feel free to contact us for further information about international data transfers, including to obtain access to a copy of applicable safeguards.

California privacy rights

The California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2020, provides you with specific rights regarding your “personal information,” as that term is defined under the CCPA. This section describes the rights that California consumers have and explains how to exercise those rights. For the purposes of this section, personal information does not include: (1) information that is lawfully made available from federal, state or local government records; (2) de-identified or aggregated data; or (3) information excluded from the scope of the CCPA. To be clear, these rights are granted only to the extent that you are a California consumer and we are acting as a “business” under the CCPA with respect to your personal information. The rights in this section are not intended to grant you additional rights, but only your rights under the CCPA.

Information we collect; How we collect It? How we use It?

We have collected the following categories of personal information from consumers from the sources described in the privacy policy above, specifically the categories of sources identified in the subsection titled “4 MB Technologies Connections Platform Services” (under the section “4 MB Technologies Services”), and have shared such personal information with the following categories of third parties within the last twelve (12) months:

 

Category

Examples

Business or commercial purposes for collecting personal information

Disclosed in the Prior twelve (12) months for the following business purposes

“Sold” or “Shared” in the prior twelve (12) months for the following purposes

Categories of third parties with whom We disclose, sell, or share personal information

A:

Personal identifiers.

A real name, postal address, online identifier, Internet Protocol address, email address, account name.

To register your 4MB Technologies or STT account or create a STT QR Code.
To communicate with you
To provide customer support
marketing and advertising
service optimization and analytics
To detect, deter and prevent malicious, fraudulent or unlawful activity

For the security and integrity of our services, to verify or maintain the quality or safety of services, and to identify and repair errors
Undertaking internal research for service optimization
Providing advertising and marketing services
Auditing related to counting ad impressions to unique visitors.
For other business services performed on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services.

 

None

Service providers who perform business services for us

 

B.

Personal information covered by the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
Some personal information included in this category may overlap with other categories

A name, physical characteristics or description, address, telephone number, credit card number, debit card number, or any other financial information, medical information.

To register your 4MB Technologies or STT account or create a STT QR Code.
To communicate with you
To provide customer support
marketing and advertising
service optimization and analytics
To detect, deter and prevent malicious, fraudulent or unlawful activity

Helping to ensure the security and integrity of our services, to verify or maintain the quality or safety of our services, and to identify and repair errors
Undertaking internal research for service optimization,
providing advertising and marketing services,
auditing related to counting ad impressions to unique visitors.
For other business services performed on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services.

None

Service providers who perform business services for us

C.

Protected classification characteristics under California or federal law.

 

Age and gender

Marketing and Advertising

 

None

Service providers who perform business services for us

D. Commercial information.

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

To provide customer support
Marketing and advertising
service optimization and analytics.
To detect, deter and prevent malicious, fraudulent or unlawful activity

Helping to ensure the security and integrity of our services, to verify or maintain the quality or safety of our services, and to identify and repair errors
Undertaking internal research for service optimization
For other business services performed on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services.

 

None

 

Service providers who perform business services for us

F.

Internet or other similar network activity.

Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

To register your 4MB Technologies or STT account or create a STT QR Code.
To communicate with you
to provide customer support
marketing and advertising
service optimization and analytics
to detect, deter and prevent malicious, fraudulent or unlawful activity

Helping to ensure the security and integrity of our services, to verify or maintain the quality or safety of our services, and to identify and repair errors
Undertaking internal research for service optimization
Providing advertising and marketing services
Auditing related to counting ad impressions to unique visitors.
For other business services performed on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services.

 

None

Service providers who perform business services for us

G.

Location data

Physical location.

To create a STT QR Code /link
When you interact with a 4 MB Technologies or STT link, to detect, as needed to provide services to our customers
marketing and advertising
service optimization and analytics
To detect, deter and prevent malicious, fraudulent or unlawful activity

Helping to ensure the security and integrity of our services, to verify or maintain the quality or safety of our services, and to identify and repair errors
Undertaking internal research for service optimization
providing advertising and marketing services.
Auditing related to counting ad impressions to unique visitors
For other business services performed on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services.

 

None

Service providers who perform business services for us

H.

Inferences drawn from other personal information for profiling purposes.

Used to create a profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behaviour, attitudes, intelligence, abilities, and aptitudes.

When you interact with a 4 MB Technologies or STT link, as needed to provide services to our customers
marketing and advertising
service optimization and analytics.
To detect, deter and prevent malicious, fraudulent or unlawful activity

Helping to ensure the security and integrity of our services, to verify or maintain the quality or safety of our services, and to identify and repair errors
Undertaking internal research for service optimization
Providing advertising and marketing services.
Auditing related to counting ad impressions to unique visitors.
For other business services performed on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services.

None

Service providers who perform business services for us

 

We do not use or disclose sensitive personal information, as that term is defined under the CCPA. The categories of personal information described above are anonymized or erased from our systems upon request, if the data is detected as irrelevant in our automated or manual system maintenance, or after 3 years following the last contact with the relevant individual, whichever occurs first.

Selling or Sharing of Personal Information

4MB Technologies does not “sell” or “share” your personal information to third parties, as those terms are used in the CCPA.

Rights to your information

  1. Right to Know
    As a California consumer, you have the right to request that we disclose certain information to you about our collection, use, disclosure, or sale/sharing of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Your Rights, below), and subject to certain limitations that we describe below, we will disclose such information. You have the right to request any or all of the following

 

  • The categories of personal information we collected about you.
  • The categories of sources from which the personal information is collected.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (see Data Portability Rights below).
  1. Right to delete

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Your Rights, below), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. However, we may retain personal information that has been de-identified or aggregated. Furthermore, we may deny your deletion request if retaining the information is necessary for us or our service provider(s) to perform certain actions set forth under the CCPA, such as detecting security incidents and protecting against fraudulent or illegal activity.

  1. Right to data portability

You have the right to request a copy of the personal information we have collected and maintained about you in the past 12 months. The CCPA allows you to request your information from us up to twice during a 12-month period. We will provide our response in a readily usable (and usually electronic) format.

  1. Right to correct

You have the right to request the correction of any personal information we maintain about you.

  1. Right to Non-discrimination

We will not discriminate against you for exercising any of your CCPA rights, including but not limited to, by:

  • Denying you goods or services.
  • Charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Providing you a different level or quality of goods or services.
  • Suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
  1. Exercising your rights

To exercise the rights described above, please contact us by using the following methods

After submitting a request, we will take steps to verify your identity in order for us to properly respond and confirm that it is not a fraudulent request. In order to verify your identity, we will ask, at a minimum, that you provide your name, email address, and relationship to us, so that we can seek to match this information with the information existing in our systems. When providing us this information, you represent and affirm that all information provided is true and accurate. Depending on the request, if we are unable to verify that the consumer submitting the request is the same individual about whom we have collected personal information, we may contact you for more information, or we may not be able to meet your request.

Only you, or an agent legally authorized to act on your behalf, may make a verifiable request related to your personal information. If you are making a request as the authorized agent of a California consumer, we will ask you to submit reliable proof that you have been authorized in writing by the consumer to act on such consumer’s behalf.

We will make every effort to respond to your request within 45 days from when you contacted us. If you have a complex request, the CCPA allows us up to 90 days to respond. We will still contact you within 45 days from when you contacted us to let you know we need more time to respond.

California “Shine the Light

In addition to the above rights, under California Civil Code Section 1798.83 (“Shine the Light”), California residents may have the right to request in writing from businesses with whom they have an established business relationship: (1) a list of the categories of personal information, as defined under Shine the Light, such as name, email address, and mailing address, and the type of services provided to the customer that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes; and (2) the names and addresses of all such third parties. To request the above information, please contact us by email at privacy@qrcode-stt.com . If you do not want your personal information shared with any third party who may use such information for direct marketing purposes, then you may opt out of such disclosures by sending an email to us at privacy@qrcode-stt.com

Contacting us

If you have questions or concerns about this privacy policy, your California privacy rights, or our information practices, please email us at privacy@qrcode-stt.com

Virginia / Colorado / Connecticut and certain other U.S. State privacy policy

The Virginia Consumer Data Protection Act, the Colorado Privacy Act, and the Connecticut Data Privacy Act and similar laws in other U.S. states (“State Privacy Laws”) provide their consumers with specific rights regarding their personal data. To the extent that you are a resident of one of these states, this section describes your rights under the State Privacy Laws and explains how you may exercise these rights.

The categories of personal data we process, our purposes for processing your personal data, the categories of personal data that we share with third parties, and the categories of third parties with whom we share it are set forth in the terms of the Privacy Policy above.

Rights to Your Information

In addition to the rights set forth in our privacy policy, the State Privacy Laws provide you with the following rights:

  • Right to know:You have the right to know whether we process your personal data and to access such personal data.
  • Right to data portability:You have the right to obtain a copy of your personal data that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another business without hindrance, where the processing is carried out by automated means. You may request such personal data up to twice annually, subject to certain exceptions.
  • Right to delete:You have the right to delete personal data that you have provided by or that we have obtained about you. Please note that we may deny such a request if the requested deletion falls under an exception as set forth in the State Privacy Laws. Additionally, if you request deletion of your personal data and we have obtained such information from a third-party source, we may retain such data by keeping a record of the deletion request and the minimum data necessary to ensure that your personal data remains deleted from our records and that such retained data is not used for any other purpose, or we may opt you out of the processing of such personal data for any purpose except for those allowed under the State Privacy Laws.
  • Right to opt out:You have the right to opt out of the processing of the personal data for purposes of: (1) targeted advertising; (2) the sale of personal data; or (3) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you. As of the latest date of the Privacy Policy:
    • We do not process personal data for the purposes of targeted advertising
    • We do not sell your personal data
    • We do not engage in profiling decisions based on your personal data that produce legal or similarly significant effects concerning you.
  • Right to correct:You have the right to correct imprecisions in your personal data, taking into account the nature of the personal data and the purposes for which we process it.
  • Right to non-discrimination:You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights. Unless permitted by the State Privacy Laws, we will not:
    • Deny you goods or services
    • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties
    • Provide you a different level or quality of goods or services
    • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

How to Exercise Your Rights; Verifying Your Identity

To exercise any of your privacy rights, or if you have any questions about your privacy rights, you may contact us by emailing us at privacy@qrcode-stt.com

After submitting a request, we will take steps to verify your identity in order for us to properly respond and/or confirm that your request is not fraudulent. We may contact you for additional information as reasonably necessary to authenticate your request, but if we are ultimately unable to authenticate your request using reasonable commercial efforts, then we may not be able to comply with it.

Only you or your authorized agent may make a verifiable request related to your personal data. If you are making a request as the parent or legal guardian of a known child regarding the processing of that child’s personal data, we may ask you to submit reliable proof of your identity.

Response time, your right to appeal

We will make every effort to respond to your request within 45 days from when you contacted us. If you have a complex request, the State Privacy laws allow us up to 90 days to respond. We will contact you within 45 days from when you contacted us to inform you of the need for additional time and the reason for such extension. We may charge you a reasonable fee to cover administrative costs if your requests are manifestly unfounded, excessive, or repetitive.

If we decline to take action on a request that you have submitted, we will inform you of our reasons for doing so, and provide instructions for how to appeal the decision. You will have the right to appeal within a reasonable period of time after you have received our decision. Within 60 days (45 days for residents of Colorado) of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If we deny your appeal, we will provide you with a method for contacting your state attorney general’s office to submit a complaint.

Navada privacy rights

If you are a resident of Nevada, you have the right to opt out of the sale of certain personal data that we have collected (or may collect) from you to data brokers or other third parties. You can exercise this right by emailing us at privacy@qrcode-stt.com with the subject line “Nevada Do Not Sell Request.”

Children’s Privacy

We do not knowingly collect personal data from children. If we learn that we have collected personal data of a child under 13 (or older as required by applicable law), we will take steps to delete such information from our systems as soon as possible. If you believe we might have any personal data from or about a child under 13, please contact us at privacy@qrcode-stt.com

Changes to our Privacy Policy

We reserve the right to make changes to this privacy policy at any time. If we make material changes in the way we collect or use information, we will provide notice by posting an announcement on the services or sending you an email, and we will indicate when those changes will become effective. You are agreeing to any changes to the privacy policy when you use the Services after those changes become effective.