Privacy Policy

This Privacy Policy includes important information about your personal data and we encourage you to read it carefully.

Welcome

We provide a QR code ecosystem for the internet. Businesses of all sizes use our platform and services to create QR codes and manage their marketing campaigns online. Unitag cares about the security and privacy of the personal data that is entrusted to us.

This Privacy Policy (“Policy”) describes the “Personal Data” that we collect about you, how we use it, how we share it, your rights and choices, and how you can contact us about our privacy practices. This Policy also outlines your data subject rights, including the right to object to some uses of your Personal Data by us.

“Unitag”, “we”, “our”, or“us”, means the Unitag entity responsible for the collection and use of personal data under this Privacy Policy. It differs depending on your country.

“Personal Data” means any information that relates to an identified or identifiable individual, and can include information about how you engage with our Services (e.g. device information, IP address).

“Services” means the products and services that Unitag indicates are covered by this Policy, which may include Unitag-provided apps.

“Business Services” are Services provided by Unitag to entities (“Business Users”) who directly or indirectly provide us with “End User” Personal Data in connection with those Business Users’ own business and activities.

“Sites” means Unitag.io and the other websites that Unitag indicates are covered by this Policy. Collectively, we refer to Sites, Business Services and End User Services as

Depending on the context, “you” means End Customer, End User, Representative or Visitor:

When you directly use an End User Service (such as when you scan a QR code managed by Unitag Services), for your personal use, we refer to you as an “End User”

When you do business with Unitag (e.g. when you create a QR with the Unitag platform) we refer to you as “Business User”

When you are acting on behalf of an existing or potential Business User (e.g. account administrator) we refer to you as “Representative”

When you visit a Site without being logged or otherwise communicate with Unitag, we refer to you as a “Visitor”

1. Personal data that we collect and how we use and share it

1.1 End users

We provide End User Services where do not act as a service provider to Businesses but instead provide the Services directly to you for your personal user (e.g. Scan of a QR code). See here for further information on the legal bases which we rely on for using (processing) your Personal Data.

Personal data that we collect about End Users

Scanning a QR code. When you scan a QR code we receive Personal Data that is used to redirect you to the desired content generated by a Business User

How we use and share personal data of End Users

Services. We use your Personal Data to provide the End User Service to you, including security, support, personalisations and messages related to the End User Service (e.g. redirecting you to the correct website upon scanning a QR code). We also use your Personal Data for our fraud and security detection and mitigation Business Services and might share Personal Data with Business Users in relation with the Business Services. The use of this Personal Data is subject to the Business Users’ privacy policies.

1.2 Representatives and Business Users

To provide Business Services, we collect, use and share Personal Information from Representatives of our Business Users (e.g. a business owner). If the Representative is the only employee of a Business User, we refer to you as Business User

Personal data that we collect about Representatives and Business Users

Registration and Contact Information. If you register for a Unitag account for a Business User, we collect your name and account log-in credentials

Identification Information. If you are an owner of a Business User or you are expected to be an administrator of a Business User, re require that you provide contact details, such as name, postal address, phone number and email address to fulfil partner and regulatory requirements. We may also collect financial and personal information about you, such as your ownership interest in the Business User. You may also choose to provide bank account information.

1.3 Visitors

When you visit our Sites, we generally receive your Personal Data either from you providing it to us or through our use of cookies and similar technologies

Personal data that we collect about Visitors

Forms. When you choose the fill a form on the Site, we will collect the information included in the form, usually your contact information and other information about your questions related to our Services

2. More ways we collect, use and share personal data

In addition to the ways we collect data, use and share Personal Data that are described above, we also process your Personal Data as follows.

2.1. Personal Data Collection

Online activity. Depending on the Service you use and Business Users’ implementation of our Business Services, we will collect information about:

Devices and browsers across our Sites,

Usage data associated to those devices and browsers, including IP address, language used, time spent on Sites. For example the language used permits to redirect a User to the correct Site displayed in their language.

Communication and Engagement Information. We will collect any information you choose to provide us with, for example, through support tickets, emails or social media. When you respond to Unitag emails or surveys, we collect your email address, name and any other information you choose to include in the body of your email or responses. If you contact us by phone, we will collect the phone number use to call Unitag, as well as other information you provide during the call.

2.2. Personal Data Usage

In addition to the ways described above in which we use Personal Data, we use Personal Data in the following ways

Improving and Developing our Services. We use analytics on our Sites to help us analyse your use of our Sites and Services and diagnose technical issues. To learn more about the cookies that may be served through our Sites and how you can control our use of cookies and third-party analytics please see our Cookie Policy.

Communications. We will use the contact information we have about you to perform the Services, which may include sending code via email to authenticate you. If you are an End User, Representative or Visitor, we may communicate with you using the contact information we have about you to provide information about ou Services or for marketing purposes, provided we do so in accordance with applicable law, including any consent or opt-out requirements.

Compliance with Legal Obligations. We use Personal Data to meet our contractual and legal obligations related to Know-Your-Customer (“KYC”) laws, anti-terrorism and prohibitions on doing business with restricted persons or in certain business areas, and other legal obligations. We strive to make our Services sage, secure and compliant, and the collection and use of Personal Data is critical to this effort.

Minors. The Services are not directed to minors, including children under the age of 13, and we request that they do not provide Personal Data through the Services. In some countries, we may impose higher age limits as required by application law.

2.3. Personal Data Sharing

Compliance and Harm Prevention. We share Personal Data as we believe necessary:

To comply with applicable law

To enforce our contractual rights

To secure and protect our Services, rights, privacy safety and property of Unitag, you and others, including against other malicious or fraudulent activity and security incidents

To respond to valid legal process requests from courts, law enforcement agencies, regulatory agencies and other public and government authorities, which may include authorities outside your country of residence.

3. Legal bases for processing data

For the purposes of the General Data Protection Regulation, we rely upon a number of legal bases to enable our processing of your Personal Data.

a) Contractual and Pre-Contractual Business Relationships. We process Personal Data for the purpose of entering into business relationships with prospective Business Users and End Users and to perform the respective contractual obligations that we have with these Users. Activities include:

Creation and management of Unitag account and Unitag account credentials, including the evaluation of applications to commence or expand the use of our Services

Subscription to our Services

b) Legal Compliance. We process Personal Data to verify the identity of our Users in order to comply with fraud monitoring, prevention and detection obligations, laws associated with the identification and reporting of illegal and illicit activity, such as "Anti-Money Laundering ("AML") and Know-Your-Customer ("KYC")" obligations, and financial reporting obligations. For example, we may be required to record and verify a User’s identity for the purpose of compliance with legislation intended to prevent money laundering and financial crimes. These obligations are imposed on us by the operation of law, industry standards, and by our financial partners, and may require us to report our compliance to third parties, and to submit to third party verification audits.

c) Legitimate Business Interests. Where allowed under applicable law, we rely on our legitimate business interests to process Personal Data about you. The following list sets out the business purposes for which we have a legitimate interest in processing your data:

Determine eligibility for and offer new Unitag products and services

Promote, analyse, modify and improve our Services, systems, and tools, and develop new products and services, including reliability of the Services

Respond to enquiries, send Service notices and provide customer support

Manage, operate and improve the performance of our Sites and Services by understanding their effectiveness and optimising our digital assets

Analyse and advertise our Services

Conduct aggregate analysis and develop business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of, our business

4. Your rights and choices

You may have choices regarding our collection, use and disclosure of your Personal Data:

a) Opting out of receiving electronic communications from us

If you no longer want to receive marketing-related emails from us, you may opt-out via the unsubscribe link included in such emails. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, our Business Users may still send you messages and direct us to send you messages on their behalf.

b) Your data protection rights

Depending on your location and subject to applicable law, you may have the following rights with regard to the Personal Data we control about you:

The right to request confirmation of whether Unitag processes Personal Data relating to you, and if so, to request a copy of that Personal Data

The right to request that Unitag rectifies or updates your Personal Data that is inaccurate, incomplete or outdated

The right to request that Unitag erase your Personal Data in certain circumstances provided by law

The right to request that Unitag restrict the use of your Personal Data in certain circumstances, such as while Unitag considers another request that you have submitted (including a request that Stripe make an update to your Personal Data)

The right to request that we export your Personal Data that we hold to another company, where technically feasible

Where the processing of your Personal Data is based on your previously given consent, you have the right to withdraw your consent at any time; and/or

Where we process your information based on our legitimate interests, you may also have the right to object to the processing of your Personal Data. Unless we have compelling legitimate grounds or where it is needed for legal reasons, we will cease processing your information when you object

5. Security and retention

We make reasonable efforts to provide a level of security appropriate to the risk associated with the processing of your Personal Data. We maintain organisational, technical and administrative measures designed to protect Personal Data covered by this Policy against unauthorised access, destruction, loss, alteration or misuse. Personal Data is only accessed by a limited number of personnel who need access to the information to perform their duties. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.

To help us protect personal data, we encourage you to use a strong password and never share your password with anyone or use the same password with other sites or accounts. If you have reason to believe that your interaction with us is no longer secure (e.g. you feel that the security of your account has been compromised), please contact us immediately

We retain your Personal Data as long as we are providing the Services to you or our Business Users (as applicable) or for a period during which we reasonably anticipate providing the Services. Even after we stop providing Services directly to you or a Business User with which you are doing business, and even if you close your Stripe account or complete a transaction with a Business User, we retain your Personal Data in order to comply with our legal and regulatory obligations. We may also retain it to allow for fraud monitoring, detection and prevention activities. We also keep Personal Data to comply with our tax, accounting, and financial reporting obligations, where we are required to retain the data by our contractual commitments to our financial partners, and where data retention is mandated by the payment methods you used. In cases where we keep Personal Data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.

6. Contact us

If you have any questions or complaints about this Policy, please contact us. If you are an End Customer (i.e. an individual doing business or transacting with a Business User), please refer to the privacy policy or notice of the Business User for information regarding the Business User’s privacy practices, choices and controls, or contact the Business User directly.