FAQs
Flowcode
Flowpage
FlowcodeTV
Flowcode Pro
Sign In
Sign Up
the dtx company
PRIVACY POLICY
Effective Date December 17, 2020
1. INTRODUCTION - how this privacy policy works
This Privacy Policy (including the Notice at Collection) covers how we use the personal information we obtain in connection with our websites (Sites), Flowpages, and other services, features, content, technology and applications (desktop and mobile), including, for example, our QR codes known as Flowcodes (all of which we refer to as our Services). We help participating companies (Brands), creators of Flowcodes and/or Flowpages (Creators) build connections. Sometimes we do this – and provide other aspects of our Services to Brands, Creators and other consumers using our Services – by collecting information through Flowpages, Flowcodes or through the websites, applications or other online properties of Brands and Creators that use our Services.
If you represent a Brand or are a Creator or a consumer who uses our Services, this Privacy Policy sets out how we look after your personal information and contains information regarding your privacy rights when using our Services or otherwise interacting with dtx. dtx respects your privacy and is committed to protecting your personal information.
References to dtx in this Privacy Policy are to the dtx company and its business operations, including Flowcode and Flowpage.
For the purposes of the relevant privacy and data protection law, if you are located in the United Kingdom or Europe, the dtx company is considered the controller of your personal information. This means that we are responsible for deciding how we store and use personal information about you and providing you with the information contained in this Privacy Policy.
This Privacy Policy only applies to dtx’s handling of your personal information. Brands, Creators and other third parties collect and handle personal information pursuant to their own policies and procedures, which differ from this Privacy Policy and for which they are responsible.Clicking on those links or enabling those connections may allow third parties to collect or share personal information about you. Often, these third parties will act as separate and independent controllers of your personal information. We do not control these third-party websites and are not responsible for their privacy policies and procedures. When you leave our website, we encourage you to read the privacy policy and cookie notice of the websites you visit.
By using a Site or other Services, such as by scanning a dtx-powered QR code (such as one labeled Flowcode or Flowpage), creating a personalized QR code (“Personal QR code”) or creating a Flowpage (“Personal Flowpage”), you acknowledge the collection and handling of your information as described in this Privacy Policy.
For a PDF of this Privacy Policy, click here
The types of information we collect are described in our Notice at Collection below. You share some of that information with us using the information collection technology described below. We also may use that technology to collect information about you automatically. We may also receive personal information from Brands, Creators, service providers, and data partners, as well as from publicly available sources such as websites. If you share your Personal QR code or you share any other QR code (including through your Personal Flowpage) with another person who then scans that QR code, we may collect information from that person’s device in the same categories of information as described in the Notice at Collection and this Privacy Policy, and that collection of information will be subject to the terms of this Privacy Policy. In addition, if a Personal Flowpage uses our contact collection, COVID form or other information collection widget, another person (for example, a Flowpage visitor) may enter additional information into that widget. In that case, our own collection and handling of such information will be subject to the terms of this Privacy Policy, but the Flowpage Creator’s handling of the information will be subject to their own privacy policies and practices.
It is important that you read this Privacy Policy together with any other privacy policy or notice we provide on specific occasions so that you are aware of how and why we are using your personal information. This Privacy Policy also does not form part of any contract of services.
We will update this Privacy Policy from time to time and may also notify you in other ways from time to time about how we handle your personal information.
2. NOTICE AT COLLECTION - how we collect and use your personal information
This Privacy Policy sets out how we collect and use your personal information, the personal information that we collect and the purposes for which we collect it.
Our Services are not directed at and should not be used by children under the age of 16. If we learn that we have collected the personal information of a child under the age of 16, we will delete it or take other steps if required under applicable law. Please inform us if you believe we have collected the personal information of a child under the age of 16 by emailing us at [email protected]
The legal basis for our collection and use of your personal information
We will only use your personal information when the law allows us to. If you are based in the United Kingdom or Europe we will only use your personal information if we have one of the following legal bases:
Personal Information collected when you scan one of our QR Codes:
Personal Information collected in other contexts through use of our Sites or interactions with our business contacts or other counterparties:
Collection and Disclosure of California Personal Information During Past 12 Months
We describe in the two charts below the categories of California personal information we have collected, and the categories of third parties to whom we have disclosed such information for a business purpose, during the 12 months leading up to the effective date of this Privacy Policy:
Information collected when you scan a Flowcode: | |
---|---|
Category of personal information collected | Categories of third parties to which it was disclosed for a business purpose |
Identifiers, such as IP address | Affiliates, customers, and service providers, contractors or agents who perform functions on our behalf, such as data storage and hosting providers, email service providers, analytics providers, network and system management providers, communications tools, IT support providers, CRM providers, incentive providers, accounting services. Brands |
Commercial information, such as information about your use of our QR codes | Same as first row |
Internet or other electronic network activity information, such as technical data about your device and information about your use of QR codes and your interactions with our Sites and Services, and with Brands, Flowcodes and Flowpages | Same as first row |
Inferences drawn from any of the above information | Same as first row |
Other personal information | |
---|---|
Category of personal information collected | Categories of third parties to which it was disclosed for a business purpose |
Identifiers, such as your name, username, email address, phone number and address | Affiliates, customers, and service providers, contractors or agents who perform functions on our behalf, such as data storage and hosting providers, email service providers, analytics providers, network and system management providers, communications tools, IT support providers, CRM providers, incentive providers, accounting services. Brands, Creators |
Professional or employment-related information, such as your title | Same as first row |
Commercial information, such as information you provided to us in your communications (some of which is personal information) and information about your purchases or interactions with our Services | Same as first row |
Financial information such as your payment card number | Handled directly by payment card processors and payment service providers |
Internet or other electronic network activity information, such as technical data about your device and your interactions with our Sites and Services, and with Brands and Flowpages | Same as first row |
Inferences drawn from any of the above information | Same as first row |
3. COOKIE NOTICE – what cookies we use as part of our Services
Through our Sites and other Services (including on Flowpages and in some Brands’ online properties and communications), we and third parties collect information from your device by automated means such as cookies, web beacons, local storage, JavaScript, mobile-device functionality and other computer code.
This information may include unique browser identifiers, IP address, browser and operating system information, device identifiers (such as the Apple IDFA or Android Advertising ID), geolocation, other device information, Internet connection information, as well as details about your usage and interactions with the relevant website, application, email or other online property (for example, the URL of the third-party website from which you came, the pages and content on our Site that you view, how frequently you access or use the Services, and how you engage with or navigate our Services (including the links you click on), error logs, and other similar information). In some cases (such as cookies), the tools described here involve storing unique identifiers or other information on your device for later use.
In addition, when you point the camera on any modern phone or tablet at a QR code, you’ll either be given an option to take some action, or your device will automatically take that action. For example, when you point the camera at the QR code above, you’ll see the option to visit a webpage. Some QR codes can do other things, like download some content or install an app.
When you use a dtx-powered QR code, we may collect some information about that interaction via cookies. For example, a Brand could display a dtx-powered QR code on a billboard, in an ad on TV, on the Brand’s product, or anywhere else, along with an invitation to scan it to get a coupon, find out more information about a product, or purchase a product (“Brand Destination”). If you scan it, your phone may visit a dtx Site (such as flowto.it, flwc.de or shop2.it) for a split second while on its way to the Brand Destination. At the dtx Site we may collect information, such as the IP address of your device, the time of the scan, information about the browser your device uses and about your device’s operating system. dtx may also use cookies and the other information collection technologydescribed above on that dtx Site and at the Brand Destination to collect information.
These technologies help:
How to opt-out of cookies
To opt out of the non-essential cookies, please select ‘Cookie Settings’ on our pop-up banner to view the full list of cookies in use and manage your preferences.
To learn more about interest-based advertising generally, or to opt out of targeted, interest-based ads by some of our current ad service partners, visit aboutads.info/choices from each browser you use.
For mobile devices, please read your operating system's instructions for complete instructions.
In addition, you may be able to set your browser to refuse certain types of cookies, or to alert you when certain types of cookies are being used. Some browsers offer similar settings for HTML5 local storage and other technologies. However, if you block or otherwise reject our cookies, local storage, JavaScript or other technologies, certain websites (including some of our own Sites) may not function as expected.
If you replace, change, upgrade or reset your browser or device, or delete your cookies, you may need to use these opt-out tools again. We do not respond to browser-based do-not-track signals.
QR Codes
When you point the camera on any modern phone or tablet at a QR code, you’ll either be given an option to take some action, or your device will automatically take that action. Some QR codes can do other things, like download some content or install an app.
When you use a dtx-powered QR code, we may collect some information about that interaction. For example, a brand could display a dtx-powered QR code on a billboard, in an ad on TV, on the brand’s product, or anywhere else, along with an invitation to scan it to get a coupon, find out more information about a product, or purchase a product (“Brand Destination”). If you scan it, your phone may visit a dtx Site (such as flowto.it, flwc.de or shop2.it) for a split second while on its way to the Brand Destination. At the dtx Site we may collect information, such as the IP address of your device, the time of the scan, information about the browser your device uses and about your device’s operating system. dtx may also use cookies and the other information collection technology described above on that dtx Site and at the Brand Destination to collect information. If you scan the QR Code using a dtx mobile application, dtx may also associate your geolocation at that time with your scan.
4. DATA TRANSFER – how we share your information
We share your information with third parties as follows:
Whenever we transfer your personal information out of the United Kingdom or Europe, we ensure a similar degree of protection by using at least one of the following safeguards:
Please contact us at [email protected] if you would like further information on the specific mechanism used by us when transferring your personal information out of the United Kingdom or Europe.
5. DATA SECURITY – how we protect your personal information
dtx have put in place appropriate technical and physical safeguards to protect your personal information and prevent your personal information from being accidentally lost or used, altered or accessed in an unauthorised way. We have put in place procedures to deal with data security breaches and will notify you and any applicable regulator of a breach where we are legally required to do so.
Third parties will only process your personal information where they have agreed to treat the personal information confidentially and in a secure manner. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to access it.
We urge you to use a unique password for each of the Services, to keep them in a safe place and not to give them to anyone. Also remember to sign off your account and close your browser window when you have finished your visit to the Sites or your other use of the Services. However, no security method is perfect, and even if you take those steps, we cannot guarantee that any personal information will remain secure.
6. RETENTION – how long we keep your personal information for
In general, we will retain your information in identifiable form only for the time necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the potential risk of harm from unauthorised use or disclosure of your personal information, the amount, nature, and sensitivity of the personal information and the purposes for which we process your personal information, to determine if we can achieve those purposes through other means, and the applicable legal requirements.
Information may persist in copies made for backup and business continuity purposes for longer than original copies.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
7. PRIVACY RIGHTS – what rights you have regarding your personal information
If you are a resident of Nevada:
Under a Nevada privacy law, certain Nevada residents may opt out of the “sale” (as defined in that law) of certain categories of information about them for monetary consideration to a person for that person to license or sell such information to additional persons. As of the effective date of this Privacy Policy, we do not engage in such “sales” of information covered by that law. However, if you are a qualifying Nevada resident, you may submit a request to opt out of future “sales” by us under that Nevada law by writing to us as described below. We reserve the right take reasonable steps to verify your identity and the authenticity of the request. Once verified, we will maintain your request in the event our practices change.
If you are a resident of California:
This section applies only to “personal information” about California residents, as that term is defined in the California Consumer Privacy Act (CCPA), and it supplements the information in the Notice at Collection and the rest of this Privacy Policy. Personal information about individuals who are not residents of California may be handled differently and is not subject to the same California rights described below. This section also does not apply to personal information that we handle solely on behalf of a Brand or Creator, even when such information is about a resident of California.
Californians have a right to direct us not to “sell” certain personal information as that term is defined under the California Consumer Privacy Act or CCPA. You can exercise that right by completing our CCPA Data Requests Form or emailing us at [email protected]
CCPA Information and Deletion Rights
If you are a California resident, California law may permit you to request that we:
Certain information is exempt from such requests under applicable law. You also may have the right to receive information about the financial incentives that we offer to you (if any). You also have certain rights under the CCPA not to receive discriminatory treatment by dtx for the exercise of your CCPA rights. To request to exercise those CCPA rights, please email us at [email protected]. For security and legal reasons, dtx may not accept requests that require us to access third-party websites or services. We do not respond to browser-based do-not-track signals or similar mechanisms. We will take steps to verify your identity before responding to your request, which may include confirming that the browser in your possession matches the one associated with the relevant QR Codes, requesting that you respond to an email that we send to you, or otherwise verifying your name, email address or other information that will help us to confirm your identity.
If you are an agent making a request on behalf of a consumer, you must verify that you are authorized to make that request, which may include requiring you to provide us with written proof that satisfies CCPA requirements, such as an appropriate letter signed by the consumer or a power of attorney. We also may require the consumer to verify their identity directly with us.
CCPA “sale” of California personal information
dtx does not “sell” and has not “sold” personal information in the way those terms are conventionally defined. For example, we do not sell email lists or any other personal information in exchange for monetary value from a purchaser. However, the CCPA defines a “sale” in very specific terms, that may encompass some situations when a website or application uses third-party cookies and similar technology for its own analytics or advertising purposes, even when the website or application pays the third-party provider (not vice versa). dtx, like most companies, does use those sorts of services.
For that reason, prior to the effective date of this Privacy Policy, dtx is considered to have engaged in such “sales” (as defined in the CCPA) of what the CCPA calls “identifiers” (like IP addresses), “internet or other electronic network activity information” (like information regarding an individual’s browsing interactions with a website or application), and “commercial information” (like the fact that a browser visited a particular page) to our analytics and advertising vendors. These practices continue today.
To make a do-not-sell request, please email us at [email protected]. You will need to follow the steps in our email response to complete your request. To exercise more specific choices regarding our use of some of our analytics and advertising vendors, please use the controls described in the Cookies and Other Information Collection Technology section of our Privacy Policy. dtx has no actual knowledge of selling the personal information of minors under 16 years of age.
California Shine the Light Disclosure
The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we shared certain categories of “personal information” with third parties for their “direct marketing purposes” (as defined in the Shine the Light law) in the prior calendar year. To exercise that right, please contact us as described below.
If you are located in Europe or the United Kingdom:
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.
Under certain circumstances you have the right to:
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal information, or request that we transfer a copy of your personal information to another party, please contact us.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any unauthorised people.
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
8. MARKETING – what choices you have regarding marketing you receive from us
You can unsubscribe from dtx marketing emails at any time. If you have established an online account with our Services, you may also be able to login to that account to access or change your personal information, or to use certain privacy preference settings.
If you do not want us to see or access your device location, you can turn off location sharing on your device, change your device privacy settings, or change your device’s location settings for our application. Please note that disabling such features may result in you not being able to access or receive some of the present or future content available in the Services.
If you would like to opt out of receiving marketing or promotional emails from dtx, please contact [email protected] or follow the instructions in those messages. Please note that if you opt out, we may still send you non-promotional or non-marketing messages, such as communications regarding Services you have requested.
9. CONTACT DETAILS – how to get in touch with us
If you have any questions about this Privacy Policy including any requests to exercise your legal rights, please contact us via: