Privacy Policy

Explrd Ventures LLC ("we", "us", "our", "Company") operates Sprykit™ Connect ("Service", "Platform"), a software-as-a-service platform for QR code generation, URL shortening, and landing page creation. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By accessing or using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

1. Information We Collect

1.1 Information You Provide Directly

We collect information that you voluntarily provide when using our Service:

• Account Information: Name, email address, password, company name, and phone number
• Profile Information: Job title, profile picture, and other optional profile details
• Billing Information: Payment card details, billing address, and tax identification numbers (processed securely through our payment processor)
• Content: QR codes you create, URLs you shorten, landing pages you design, uploaded images, logos, and other files
• Communications: Messages you send to our support team, feedback, survey responses, and other correspondence
• Team Information: Details about team members you invite to your account, including their email addresses and assigned roles

1.2 Information Collected Automatically

When you access or use our Service, we automatically collect certain information:

• Usage Data: Pages visited, features used, time spent on pages, links clicked, search queries, and interaction patterns
• Device Information: Device type, operating system, browser type and version, screen resolution, and device identifiers
• Log Data: IP address, access times, error logs, and referring/exit pages
• Location Data: General geographic location derived from IP address
• Cookies and Tracking Technologies: Information collected through cookies, web beacons, and similar technologies (see Section 7)

1.3 Analytics and Scan Data

When someone scans a QR code or accesses a shortened URL created through our Service, we collect:

• Scan Events: Date and time of each scan or click
• Device Information: Device type, operating system, browser type
• Location Data: Geolocation information (city, region, country) derived from IP address using third-party geolocation services (ipapi.co)
• IP Address: Internet Protocol address of the scanning device
• Referrer Information: Source of the scan (e.g., website, social media platform)
• User Agent: Browser and device characteristics

Note: This analytics data is provided to you (the QR code or link creator) as part of the Service. End users who scan QR codes should be aware that analytics may be collected.

1.4 Information from Third Parties

We may receive information about you from third parties:

• Authentication Services: If you use single sign-on (SSO) or social login, we receive information from your identity provider
• Payment Processors: Transaction and payment confirmation data from Stripe or other payment providers
• Business Partners: Information from companies that integrate with our Service
• Public Sources: Publicly available information to verify business details or prevent fraud

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 To Provide and Maintain the Service

• Create and manage your account
• Generate QR codes and shortened URLs
• Host and display landing pages
• Process and redirect QR code scans and link clicks
• Provide analytics and reporting features
• Enable team collaboration and access controls
• Store your content and preferences

2.2 To Process Payments and Subscriptions

• Process subscription payments and manage billing
• Prevent fraud and unauthorized transactions
• Issue invoices and receipts
• Handle refunds and payment disputes

2.3 To Communicate with You

• Send service-related notifications (e.g., account changes, security alerts)
• Respond to your inquiries and support requests
• Send administrative messages and updates about the Service
• Request feedback and conduct surveys (with your consent)
• Send marketing communications about new features and promotions (with your consent, and you may opt out)

2.4 To Improve and Develop the Service

• Analyze usage patterns to improve features and user experience
• Conduct research and development for new products and services
• Test and debug the Service
• Train machine learning models to enhance functionality
• Generate aggregated, anonymized analytics

2.5 For Security and Legal Compliance

• Detect, prevent, and investigate fraud, abuse, and security incidents
• Enforce our Terms of Service and Acceptable Use Policy
• Comply with legal obligations and respond to lawful requests
• Protect the rights, property, and safety of our users and the public
• Maintain audit logs and security monitoring

2.6 With Your Consent

We may use your information for other purposes with your explicit consent, which you can withdraw at any time.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

3.1 With Service Providers

We share information with third-party vendors who perform services on our behalf:

• Cloud Hosting: AWS, DigitalOcean, or similar providers for data storage and computing
• Payment Processing: Stripe for payment and subscription management
• Email Services: Email delivery providers for transactional and marketing emails
• Geolocation Services: ipapi.co for IP-based location data
• Analytics Tools: Services that help us understand Service usage
• Customer Support: Help desk and ticketing systems
• Security Services: Tools for fraud detection and security monitoring

These service providers are contractually obligated to use your information only for the purposes we specify and to maintain appropriate security measures.

3.2 With Your Team Members

If you use our multi-tenant features, information may be shared with other members of your organization according to the permissions you configure.

3.3 For Legal Reasons

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders, warrants)
• Government or regulatory requests
• Law enforcement investigations
• Situations involving potential threats to public safety or security
• Enforcement of our legal rights or defense of legal claims

3.4 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or control of your personal information.

3.5 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

3.6 Aggregated or Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you. This includes industry benchmarks, usage statistics, and research findings.

4. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

4.1 Account Data

We retain your account information for the duration of your account plus a reasonable period thereafter (typically 30-90 days) to allow for account recovery or transition.

4.2 Content and QR Codes

Your QR codes, landing pages, and associated content are retained while your account is active and for a limited period after account closure. We recommend exporting important data before closing your account.

4.3 Analytics Data

Scan and analytics data may be retained in accordance with your subscription plan's data retention policy (e.g., 90 days, 1 year, or longer for Enterprise plans). We may retain aggregated analytics indefinitely.

4.4 Legal and Compliance Records

We retain certain records (e.g., billing records, audit logs, legal correspondence) as required by law or legitimate business interests, typically for 7 years or as mandated by applicable regulations.

4.5 Backups

Information may remain in backup systems for a limited period after deletion from production systems. We maintain backups for disaster recovery and business continuity purposes.

5. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your information from unauthorized access, disclosure, alteration, and destruction.

5.1 Security Measures

• Encryption: Data in transit is encrypted using TLS/SSL; sensitive data at rest is encrypted
• Access Controls: Role-based access controls and principle of least privilege
• Authentication: Secure password hashing (bcrypt) and optional multi-factor authentication
• Monitoring: Security logging, intrusion detection, and regular security audits
• Infrastructure: Secure cloud infrastructure with regular security updates
• Employee Training: Regular security awareness training for our team

5.2 Your Responsibility

You are responsible for maintaining the confidentiality of your account credentials. Do not share your password, and notify us immediately if you suspect unauthorized access to your account.

5.3 No Guarantee

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security, and you use the Service at your own risk.

6. International Data Transfers

Explrd Ventures LLC is based in the United States. Your information may be transferred to, stored, and processed in the United States or other countries where we or our service providers operate.

These countries may have data protection laws that differ from those of your country of residence. By using the Service, you consent to the transfer of your information to the United States and other countries.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on appropriate data transfer mechanisms such as Standard Contractual Clauses (SCCs) when transferring personal data outside these regions.

7. Cookies and Tracking Technologies

7.1 What Are Cookies

Cookies are small text files stored on your device that help us provide and improve the Service. We use cookies and similar technologies (web beacons, pixels, local storage) to recognize you, remember your preferences, and analyze usage.

7.2 Types of Cookies We Use

• Essential Cookies: Required for the Service to function (e.g., authentication, security)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how you use the Service
• Marketing Cookies: Track your activity for advertising purposes (with your consent)

7.3 Your Cookie Choices

Most browsers allow you to control cookies through their settings. You can block or delete cookies, but this may affect your ability to use certain features of the Service. Essential cookies cannot be disabled without impacting functionality.

You can opt out of analytics tracking through your account settings or by using browser privacy features like Do Not Track (DNT).

8. Your Privacy Rights

8.1 General Rights

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal exceptions)
• Data Portability: Request a copy of your data in a structured, machine-readable format
• Objection: Object to certain processing of your personal information
• Restriction: Request restriction of processing in certain circumstances
• Withdraw Consent: Withdraw consent for processing based on consent (without affecting prior processing)

8.2 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of personal information we collected from you
• Right to Opt-Out: We do not sell personal information, but you may opt out if practices change
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
• Authorized Agent: You may designate an authorized agent to make requests on your behalf

California "Shine the Light" Law: California residents may request information about disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.

8.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@sprykit.com or through your account settings. We will respond to verified requests within the time period required by applicable law (typically 30-45 days).

We may need to verify your identity before processing your request. For security purposes, we may request additional information to confirm your identity.

9. Children's Privacy

The Service is not directed to individuals under the age of 18, and we do not knowingly collect personal information from children under 18. If you are under 18, do not use the Service or provide any information to us.

If we learn that we have collected personal information from a child under 18, we will delete that information as quickly as possible. If you believe we have collected information from a child under 18, please contact us immediately at privacy@sprykit.com.

10. Third-Party Links and Services

The Service may contain links to third-party websites, applications, or services that are not owned or controlled by us. We are not responsible for the privacy practices of these third parties.

When you click on a QR code or shortened link, you may be redirected to a third-party destination. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated Privacy Policy on this page and update the "Last Updated" date.

If we make material changes, we will provide notice through the Service, by email, or other appropriate means before the changes become effective. Your continued use of the Service after the effective date constitutes acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For California residents: You may also contact us to request information about our compliance with California privacy laws.