Privacy Policy

Last updated: October 06, 2025

1. Introduction

ScanTacts ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital business card service.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Information We Collect

Personal Information You Provide:
  • Name and contact information
  • Email address
  • Phone number
  • Business information (company, job title)
  • Social media profiles (optional)
  • Profile photographs
  • Payment information (for premium services)
Automatically Collected Information:
  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent
  • Referring website
  • QR code scan analytics

3. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Consent: When you create an account and accept our terms
  • Contract: To provide our services to you
  • Legitimate Interests: To improve our services and prevent fraud
  • Legal Obligations: To comply with applicable laws

4. How We Use Your Information

  • To create and manage your digital business cards
  • To generate QR codes for your cards
  • To provide customer support
  • To send service-related communications
  • To process payments
  • To improve our services
  • To comply with legal obligations
  • To protect against fraud and abuse

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

  • Service Providers: Third parties that help us operate our service
  • Legal Requirements: When required by law or court order
  • Business Transfers: In case of merger or acquisition
  • With Consent: When you explicitly agree to sharing

6. Your Rights (GDPR)

Under GDPR, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a portable format
  • Object: Object to certain processing activities
  • Restrict: Request restriction of processing
  • Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@scantacts.com

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security audits
  • Access controls and authentication
  • Employee training on data protection
  • Incident response procedures

8. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

  • Account data: Until account deletion + 30 days
  • Business cards: Until manually deleted
  • Analytics data: 24 months
  • Financial records: 7 years (legal requirement)

9. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses
  • Adequacy decisions
  • Privacy Shield certification (where applicable)

10. Children's Privacy

Our service is not intended for children under 16. We do not knowingly collect personal data from children. If we learn we have collected information from a child under 16, we will delete it immediately.

11. Contact Information

Data Controller: ScanTacts Ltd.

Email: privacy@scantacts.com

Address: [Your Business Address]

Data Protection Officer:
dpo@scantacts.com

Supervisory Authority:
You have the right to lodge a complaint with your local data protection authority.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.