the dtx company dba Flowcode
Effective Date October 30th, 2023
To understand dtx’s handling of personal information, you need to know a few things about how our QR codes work:
When you point the camera on any modern phone or tablet at a QR code, you’ll either be given an option to take some action, or your device will automatically take that action. For example, when you point the camera at the QR code below, you’ll see the option to visit a webpage. Some QR codes can do other things, like download some content or install an app.
Personal Information that could be collected or generated when you scan one of our QR Codes (including on a Flowtag):
Personal Information collected in other contexts, such as through other use of our Sites or interactions with our business contacts or other counterparties:
We use personal information for the following purposes:
The California Consumer Privacy Act (“CCPA”) defines the “sale” of personal information to include selling user data to random third parties for money, like a data broker does. But it also defines “sale” and “sharing” in a broader sense that includes some common practices that we have engaged in during the last 12 months. For example, under the CCPA, these terms include the use of certain advertising services, like when we pay an ad tech company to place a cookie on the browser of a visitor to our website so that the user can see an ad for our services on other websites. The ad tech company can see the website visitor’s IP address and other browser/device/cookie data as part of that process. Under the CCPA, we also are “selling” personal information when we allow vendors that assist us with our Services (like certain analytics providers) to also use IP addresses and browser/device/cookie data to improve their services in certain ways. The terms “sale” and “sharing” also cover some of our other uses of other advertising services, like if we were to pay a third-party website to serve ads for us to individuals that we specify by giving that website a list of those individuals’ email addresses (or hashes of those email address). This would be considered a “sale” and “sharing," even though we’d be the ones who would pay for it. We don’t engage in other “sales” or “sharing” of California personal information (as those terms are defined under the CCPA), but we do engage in other disclosures of personal information about Californians and others, as described further below. We don’t “sell” or “share” personal information (as those terms are defined under the CCPA) if we have actual knowledge that the consumer is less than 16 years of age. Californians can opt out of our CCPA “sales” and “sharing” by following the instructions on our Your Privacy Choices form.
This information may include unique browser identifiers, IP address, browser and operating system information, device identifiers (such as the Apple IDFA or Android Advertising ID), geolocation, other device information, Internet connection information, as well as details about your usage and interactions with the relevant website, application, email or other online property (for example, the URL of the third-party website from which you came, the pages and content on our Site that you view, how frequently you access or use the Services, and how you engage with or navigate our Services (including the links you click on), error logs, and other similar information). In some cases (such as cookies), the tools described here involve storing unique identifiers or other information on your device for later use.
These technologies help:
For example, in some cases, we assist with the collection of information by advertising services provided by third parties. We and ad services may track your online activities over time by collecting information through automated means such as cookies, and we or they may use this information to show you ads that are tailored to your individual interests or characteristics, your prior visits to certain websites, or other information we or they know, infer, or have collected from people like you.
In general, we will retain your information in identifiable form only for the time necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Because we may collect and use the same category of personal information for different purposes and in different contexts, there is not typically a fixed retention period that always will apply to a particular category of personal information. Therefore, to determine the appropriate retention period for personal information, we may consider factors such as the potential risk of harm from unauthorized use or disclosure of your personal information, the amount, nature, and sensitivity of the personal information, the purposes for which we process your personal information, to determine if we can achieve those purposes through other means, and the applicable legal requirements. Examples of how long we normally intend to retain personal information that we collect about residents of California in certain situations are set forth below. Information may also persist in copies made for backup and business continuity purposes for longer than original copies.
We disclose your information to third parties as follows:
When applicable, we comply with legal requirements for transfers of personal information to third countries, such as by making transfers under the following conditions:
Please contact us at [email protected] if you would like further information on the specific mechanism used by us when transferring your personal information out of the United Kingdom or Europe.
We will only use your personal information when the law allows us to. If you are based in the United Kingdom or Europe, when we act as a data controller we will only use your personal information if we have one of the following legal bases:
We urge you to use a unique password for each of the Services, to keep them in a safe place and not to give them to anyone. Also remember to sign off your account and close your browser window when you have finished your visit to the Sites or your other use of the Services. We use various physical, technical, and organizational safeguards in an effort to protect personal information. However, no security method is perfect, and even if you take those steps, we cannot guarantee that any personal information will remain secure.
To opt out of the non-essential cookies on flowcode.com, please select ‘Cookie Settings’ from the link in that website’s footer to manage your preferences.
To learn more about interest-based advertising generally, or to opt out of targeted, interest-based ads by some of our current ad service partners, visit aboutads.info/choices from each browser you use.
For controls relating to the data collected from mobile applications, please read your operating system's instructions for complete instructions. Some of the options may be found here:
You can also opt out of Google Analytics and customize the Google Display Network ads by visiting the Google Ads Settings page from each browser. Google also allows you to install a Google Analytics Opt-out Browser Add-on for each browser.
If you replace, change, upgrade or reset your browser or device, or delete your cookies, or use a browser that automatically deletes cookies, you may need to use these opt-out tools again. We do not respond to browser-based do-not-track signals.
You can unsubscribe from dtx marketing emails at any time. If you have established an online account with our Services, you may also be able to login to that account to access or change your personal information, or to use certain privacy preference settings.
If you do not want us to see or access your device location, you can turn off location sharing on your device and browser, change your device privacy settings, and change your device’s location settings for our Sites and applications. Please note that disabling such features may result in you not being able to access or receive some of the present or future content available in the Services.
If you would like to opt out of receiving marketing or promotional emails from dtx, please contact [email protected] or follow the instructions in those messages. Please note that if you opt out, we may still send you non-promotional or non-marketing messages, such as communications regarding Services you have requested.
If you want to exercise any of these rights, please contact us.
All the rights described above (except the direct marketing opt-out) are subject to important exceptions.
You will not normally have to pay a fee to access your personal information (or to exercise any of the other rights). However, depending on which laws apply, we may charge a reasonable fee if your request for access is clearly unfounded or excessive, or we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any unauthorized people.
All individuals also have a right to complain to their local data protection supervisory authority about any company’s handling of their personal information. If you have a concern about our data practices, we invite you to please contact us first so that we can do our best to address your concern.
To exercise a right to appeal a decision we have made regarding your personal information (such as under Colorado, Connecticut, or Virginia law), you can contact us at [email protected] with an explanation of why you believe we should reach a different decision. Your appeal under one of those laws will be reviewed by our privacy team, including in certain circumstances our General Counsel. We will respond with a decision and a written explanation of the reasons for the decision within 45 days of your appeal.
Collection and Disclosure of California Personal Information During Past 12 Months
CCPA Information and Deletion Rights
If you are a California resident, California law may permit you to request that we:
Certain information is exempt from such requests under applicable law. You also may have the right to receive information about the financial incentives that we offer to you (if any). You also have certain rights under the CCPA not to receive discriminatory treatment by dtx for the exercise of your CCPA rights.
To request to exercise those CCPA rights, please email us at [email protected]. For security and legal reasons, dtx may not accept requests that require us to access third-party websites or services. We do not respond to browser-based do-not-track signals or similar mechanisms. We will take steps to verify your identity before responding to your request, which may include confirming that the browser in your possession matches the one associated with the relevant QR Codes, requesting that you respond to an email that we send to you, or otherwise verifying your name, email address or other information that will help us to confirm your identity.
If you are an agent making a request on behalf of a consumer, you must verify that you are authorized to make that request, which may include requiring you to provide us with written proof that satisfies CCPA requirements, such as an appropriate letter signed by the consumer or a power of attorney. We also may require the consumer to verify their identity directly with us.
CCPA “sale” and “sharing” of California personal information
Your browser may also offer a way to activate the Global Privacy Control signal (“GPC”). Flowcode.com treats qualifying browsers for which the user has activated the GPC signal as having opted out of what CCPA calls a “sale” and “sharing” of any California personal information that is collected on that site from that browser using cookies and similar technology. You can override that treatment for a GPC-enabled browser by using the cookie controls available from the website’s footer.
California Shine the Light Disclosure
The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we shared certain categories of “personal information” with third parties for their “direct marketing purposes” (as defined in the Shine the Light law) in the prior calendar year. To exercise that right, please contact us as described below.
Our Services are not directed at and should not be used by children under the age of 16. If we learn that we have collected the personal information of a child under the age of 16, we will delete it or take other steps if required under applicable law. Please inform us if you believe we have collected the personal information of a child under the age of 16 by emailing us at [email protected].