Section 1 – Introduction
For the purposes of this Policy, “Personal Information” means any information relating to an identified or identifiable individual. This includes Personal Information collected and processed by us when you access our websites, (including https://qpilot.cloud (the “Website”)), the QPilot app, and/or any of our services that link to this Policy (collectively, our “Services”).
This Policy describes the Personal Information that we gather from you on the Services, how we use and disclose such Personal Information, your rights and choices with respect to your Personal Information, and how you can contact us if you have any questions or concerns.
Beyond this Policy, your use of our Services is also subject to our Terms of Service.
Section 2 – Information from our Merchants
When you access the QPilot app, we receive Personal Information about you as set forth below:
- We collect your name, email, business address, phone, and time zone.
- We require this information to provide you with our service, for example to be able to contact you, properly show dates on your checkout, and correctly format invoice information.
- We collect information about the QPilot hosted websites you visit, as well as information about how and when you visit, your network information (such as the IP address).
- We need this information to give you access to and improve our Services.
- We collect Personal Information on your customers that you share with us or that customers provide to us while shopping or during checkout.
- We use this information to provide you with our Services and so that you can process orders.
- We will also use Personal Information in other cases where you have given us your permission.
Section 3 – Information from our Merchants’ Customers
When you purchase something from a store for which we manage repeat deliveries, we collect the Personal Information your customers provide us as set forth below.
- We collect each customer’s name, email address, shipping address, and billing address.
- We require this information in order to provide you and your customer with our Services.
- We collect each customer’s credit card or PayPal information.
- We require this information in order to bill your customer and fund your business.
- When customers browse your checkout and create orders, we collect information about their computer and network traffic.
- We use this information for security purposes and to provide you and your customer with our Services.
- We will also use Personal Information in other cases where you have given us your express permission.
Section 4 – Information from our Partners
Partners are individuals or businesses who have partnered with QPilot to provide an integration or a service to the merchants who use the QPilot platform. When you register as a QPilot Partner, we collect information about your business in order to accurately present information about your business to our merchants.
- We collect a Partner’s name, address, phone number, and email address.
- We require this information in order to work with you, confirm your identity, and contact you.
- We collect information about the QPilot pages you visit and how you use your account. This includes network and computer information, such as your IP address and Browser.
- We use this information to give you access and improve our services.
- We collect Personal Information about your customers that you share with us or that they provide to us directly.
- We use this information to work with you and to provide our Services to your customers.
- We will also use Personal Information in other cases where you have given us express permission.
Section 5 – Consent
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask you for your Personal Information for a secondary reason like marketing, we will either ask you directly for your express consent or provide you with an opportunity to opt out of such uses of your Personal Information.
How do I access my personal information?
You can access, amend, and correct your Personal Information anytime. Both merchants and their customers have full access to update or delete their Personal Information from the merchant admin access or the Customer Portal. If you are unable to change any Personal Information, please contact us to make the changes. It is important to remember if you delete or limit the use of your Personal Information, our Services may not function properly.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at email@example.com or mailing us at:
1644 Platte Street, Suite 400
Denver, CO 80033, USA
What if I am based in the EEA?
- If you are located in the European Economic Area, you have the additional rights described below.
- You may request access to and receive information about the Personal Information we maintain about you, update and correct inaccuracies in your Personal Information, restrict or object to the processing of your Personal Information, have the Personal Information anonymized or deleted, as appropriate, or exercise your right to data portability to easily transfer your Personal Information to another company. You also have the right to lodge a complaint with a supervisory authority, including in your country of residence, place of work, or where an incident took place.
- You may withdraw any consent you previously provided to us regarding the processing of your Personal Information, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before you withdrew your consent.
- You may exercise these rights by contacting us using the contact details at the end of this Policy. Before fulfilling your request, we may ask you to provide reasonable information to verify your identity. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases promptly or within a reasonable period of time, we may retain information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
Section 6 – Our Use of European Personal Information
If you are located in the European Economic Area, we only process your Personal Information when we have a valid “legal basis”, including when:
- Contractual necessity. We need your Personal Information to provide you with the Services, including, for example, to respond to your inquiries.
- Compliance with a legal obligation. We have a legal obligation to use your Personal Information, including, for example, to comply with tax and accounting obligations.
- Legitimate interests. We or a third party have a legitimate interest in using your Personal Information. In particular, we have a legitimate interest in using your Personal Information for product development and internal analytics purposes, and otherwise to improve the safety, security, and performance of our Services. We only rely on our or a third party’s legitimate interests to process your Personal Information when these interests are not overridden by your rights and interests.
Section 7 – Disclosure
Except as described in this Policy, we will not disclose your Personal Information that we collect on the Services to third parties without your consent. We may disclose Personal Information to third parties if you consent to us doing so, as well as in the following circumstances:
- Affiliates. We may share any Personal Information we receive with our affiliates for any of the purposes described in this Policy.
- Vendors and Service Providers. We may share any Personal Information we receive with vendors and service providers retained in connection with the provision of our Services as described in Section 9 below regarding “Information shared with Third-Party Services”.
- Analytics Partners. We use analytics services such as Google Analytics to collect and process certain analytics data. These services may also collect Personal Information about your use of other websites, apps, and online resources. You can learn more about Google’s practices by visiting https://www.google.com/policies/privacy/partners/.
- Advertising Partners. We work with third-party advertising partners to show you ads that we think may interest you. Some of our advertising partners are members of the Network Advertising Initiative (http://optout.networkadvertising.org/?c=1#!/ ) or the Digital Advertising Alliance (http://optout.aboutads.info/?c=2&lang=EN ). If you do not wish to receive personalized ads, please visit their opt-out pages to learn about how you may opt out of receiving web-based personalized ads from member companies. You can access any settings offered by your mobile operating system to limit ad tracking, or you can install the AppChoices mobile app to learn more about how you may opt out of personalized ads in mobile apps.
- As Required by Law and Similar Disclosures. We may access, preserve, and disclose your Personal Information if we believe doing so is required or appropriate to: (a) comply with law enforcement requests and legal process, such as a court order or subpoena; (b) respond to your requests; or (c) protect your, our, or others’ rights, property, or safety. For the avoidance of doubt, the disclosure of your Personal Information may occur if you post any objectionable content on or through the Services.
- Merger, Sale, or Other Asset Transfers. We may transfer your Personal Information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets.
- Consent. We may disclose your Personal Information with your consent.
If you believe your Personal Information has been used in a manner not consistent with the policies outlined, please contact us using the information provided below. If your complaint remains unresolved, you may also contact JAMS International. This organization provides independent dispute resolution services, at no charge to you. JAMS International can be contacted at https://www.jamsadr.com/eu-us-privacy-shield.
If, after attempting to resolve a dispute through JAMS International, you feel that your concerns about the use of your Personal Information have not been resolved, you may seek resolution of the issue through binding arbitration. For more information about the binding arbitration process, please visit http://www.privacyshield.gov.
Section 8 – E-Commerce Platform
As applicable, our store is hosted by your e-commerce platform (the “Platform”). The Platform provides us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored in the Platform’s data storage, databases and the Platform’s general application.
If you choose a direct payment gateway to complete your purchase, then the Platform stores your credit card data, which is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help to ensure the secure handling of credit card information.
Section 9 – Information shared with Third-Party Service Providers
Our third-party providers will only collect, use and disclose your Personal Information to the extent necessary to allow them to perform the services they provide to you and to us.
- We may share customer name, email, phone, shipping and billing address information of a merchant’s customers with the Platform.
- We provide this information to the Platform in order to provide our merchants with our Services.
- We may share credit card and billing address information of a merchant’s customers with payment gateways.
- We provide this information to payment gateways in order to provide our merchants with our Services.
- We may share shipping address information of a merchant’s customers with address validation and fulfillment services.
- We provide this information to fulfillment services in order to provide our merchants with our Services.
- We may share your Personal Information with other third-party service providers if you have asked us to do so or have given your consent.
Certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your Personal Information will be handled by these providers.
Section 10 – International Data Transfers
The Services are hosted in the United States and are intended for visitors located within the United States. If you choose to use the Services from regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your Personal Information outside of those regions to the United States for storage and processing, which may not have the same data protection laws as your jurisdiction.
QPilot has certified with the EU-U.S. Privacy Shield framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information from European Union member countries. QPilot Communications is subject to jurisdiction under the US Federal Trade Commission and has certified that they adhere to the EU-U.S. Privacy Shield framework of notice, choice, onward transfer, security, data integrity access and enforcement. To learn more about the EU-U.S. Privacy Shield framework, and to view the Companies’ certification, please visit https://www.privacyshield.gov/
If you are based in the European Economic Area, your Personal Information may also be held, processed and accessed outside the European Economic Area to countries that have not been determined by the European Commission to provide an adequate level of data protection, for instance the United States. In any such transfer, we will put in place appropriate data protection safeguards (e.g. European Commission’s Standard Contractual Clauses). Also, we may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services. To obtain a copy of the relevant transfer mechanism or additional information on the transfers, please contact us using the contact information below.
Section 11 – Security
We make reasonable efforts to protect your Personal Information by using physical and electronic safeguards designed to improve the security of the personal Information we maintain. However, as no electronic transmission or storage of information can be entirely secure, we can make no guarantees as to the security or privacy of your Personal Information.
Section 12 – Retention
We take measures to delete your Personal Information or keep it in a form that does not permit identifying you when your Personal Information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period. When determining the specific retention period, we take into account various factors, such as the type of Services provided to you, the nature and length of our relationship with you, and any mandatory retention periods provided by law and the statute of limitations.
Section 13 – What Are Cookies and How Do We Use Them
We may also use web beacons, tracking technology and other automated tracking methods on our websites, in communications with you, and in our products and services, to measure performance and engagement. When you access these pages or open or click an email, the pixel tags and web beacons generate a notice of that action. These tools allow us to measure response to our communications and improve our web pages and promotions.
Below is an overview of the types of cookies we and third parties may use to collect Personal Information.
- Strictly necessary cookies. Some Cookies are strictly necessary to make the Services available to you. We cannot provide you with the Services without this type of cookies.
- Functional cookies. These are used to recognize you when you return to the Services. This enables us to adapt our content for you, and remember your preferences (for example, your choice of language or region).
Section 14 – Children’s Privacy
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
We do not knowingly collect, maintain, or use Personal Information from children under 13 years of age, and no part of our Services are directed to children under 13. If you learn that a child has provided us with Personal Information in violation of this Policy, you may notify us at firstname.lastname@example.org.
We will post any adjustments to this Policy on this page, and the revised version will be effective when it is posted. If we materially change the ways in which we use or share Personal Information previously collected from you through the Services, we will notify you through the Services, by email, or other communication.
Enforcement: QPilot will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that QPilot determines is in violation of this policy will be subject to disciplinary action up to and including termination of employment.
Assessment: QPilot will conduct an annual review to ensure adherence to the Privacy Shield framework requirements and complaint handling procedures.
Section 17 – Questions and Contact Information
If you have any questions, comments or concerns about our processing activities, please contact our Privacy Compliance Officer at email@example.com or by mail at:
1644 Platte Street, Suite 400
Denver, CO 80033, USA