Xecret.io

PRIVACY POLICY

Effective Date May 1, 2022

Standard Clouds, Inc. is doing business as Xecret.io hereinafter referred to as Xecret.io. Xecret.IO values your privacy. Xecret.io respects privacy rights and is committed to protecting personal information. Any questions about this Policy, should be sent to the email address provided below. References to Xecret.io in this Privacy Policy are to the Xecret.io company and its business operations. By accessing a Xecret.io platform or Services, visitors acknowledge the collection and handling of information as described in this Privacy Policy.

This Privacy Policy (“Policy”) covers how XECRET.IO uses personal information obtained in connection with its websites (Sites), and other platforms, applications (desktop and mobile), services, content, features, including, for example, QR codes (together referenced as "Services”). Xecret.IO provides Services to individual and organizational users, to secure their wallets.

The Policy sets out how Xecret.IO manages personal information and observes the privacy rights of users accessing Services or otherwise interacts with Xecret.io. For the purposes of the relevant privacy and data protection law, Xecret.io is located in the United States. Depending on the scope of the interactions with the Services, personal information may be stored in or accessed from multiple countries, including the United States. Whenever personal information is transferred to other jurisdictions, Xecret.io will ensure that the information is transferred in accordance with this Privacy Notice and as permitted by applicable data protection laws.

This Policy only applies to Xecret.io’s handling of personal information only. Third parties collect and handle personal information pursuant to their own policies and procedures, which may differ from this Policy. In that case, the responsibility is with those third parties. Xecret.io does not control third-party websites and are not responsible for other parties’ privacy policies or procedures. Xecret.io encourages users to read the privacy policy and cookie notices of every website. This Policy also does not apply to any content or other interactions which would be governed through the Xecret.io’s Terms of Use.

The types of information collected are described in the Notice at Collection section below. Some of that information collection technology is collected automatically. Personal information submitted from third parties, like service providers and data partners, as well as from publicly available websites may also be collected. If QR codes are shared with another person, that information may be collected in the same categories of information as described in the Notice at Collection and this Privacy Policy, and that collection of information will be subject to the terms of this Privacy Policy.

This Policy does not form part of any contract of services. This Privacy Policy will be updated from time to time and notice will be provided through those portals through which the Services are accessed.

1. Collection and use of personal information

a. Qualified users

Services are not directed at, and should not be used by, children under the age of 16. If Xecret.io learns it has collected the personal information of a child under the age of 16, that information will be deleted and Xecret.io will takes other steps if required under applicable law. If the personal information of a child under the age of 16 by was provided, please let us know via or contact form.

b. When Personal Information Might be Collected

Personal information might be submitted to Xecret.io when a user:

Searches for, subscribes to, or purchases Services;
Creates or administers a Xecret.io account;
Configure settings for, provide data access permissions for, or otherwise interact with Services;
Purchases or uses content, products, or services from third-party providers through the Xecret.io (or other similar venues operated or provided by us);
Offers content, products, or services on or through Xecret.io platforms;
Communicates with Xecret.io by phone, email, or otherwise;
Completes a questionnaire or other information request forms;
Posts on Xecret.io chat features or participates in community features.

Types of personal information

Depending on the use of Xecret.io Services, Users might supply such information as:

Name, email address, physical address, phone number, and other contact information;
Payment information, including credit card and bank account information;
Location information;
Information about User’s organization and contacts, such as colleagues or people within User’s organization;
Usernames, aliases, roles, authentication and security credential information;
Content of feedback, testimonials, inquiries, support tickets, and any phone conversations, chat sessions and emails between User and Xecret.io;
User’s images or video, voice, and other personal identifiers;
Information regarding identity, including government-issued identification information;
Corporate and financial information;
VAT numbers and other tax identifiers.

c. Types of Personal Information Collected Automatically

In certain instances, personal information is collected automatically through a User’s engagement with Services, including but not limited to circumstances such as:

Visits, interactions, or use of Xecret.io and its Services (including when a computer or other device to interact is used);
Download of content;
Accessing emails or links through email messages;
Interactions or communications (such as requesting customer support).

Examples of the information automatically collected:

network and connection information, such as the Internet protocol (IP) address to connect User’s computers or other devices to the Internet and information about User’s Internet service provider;
The location of User’s device or computer;
Computer and device information, such as device, application, or browser type and version, browser plug-in type and version, operating system, or time zone setting;
Authentication and security credential information;
Content interaction information, such as content downloads, streams, and playback details, including duration and number of simultaneous streams and downloads;
Service metrics, such as usage, occurrences of technical errors, diagnostic reports, settings preferences, backup information, API calls, and other logs;
The full Uniform Resource Locators (URL) clickstream to, through, and from Xecret.io websites (including date and time), content viewed or searched, response times, download errors, and page interaction information (such as scrolling, clicks, and mouse-overs);
Email addresses and phone numbers;
Identifiers and information contained in cookies (see Cookie Notice in Section 2).

d. Collection and Disclosure of California Personal Information

The two charts below describe the categories of California personal information Xecret.io may collect and the categories of third parties to whom such information has been disclosed for a business purpose, during the 12 months leading up to the effective date of this Privacy Policy:

Information collected when QR is scanned:
Category of personal information collected	Categories of third parties to which it was disclosed for a business purpose
Identifiers, such as IP address	Affiliates, customers, and service providers, contractors or agents performing functions for Xecret.io, such as data storage and hosting providers; email service providers, analytics providers, network and system management providers, communications tools, IT support providers, CRM providers, incentive providers, accounting services.
Commercial information, such as information about use of QR codes	Categories of third parties to which it was disclosed for a business purpose
Internet or other electronic network activity information, such as technical data about a User’s device and information about User’s use of QR codes and User’s interactions with Services	Categories of third parties to which it was disclosed for a business purpose
Inferences drawn from any of the above information	Categories of third parties to which it was disclosed for a business purpose

Other personal information
Category of personal information collected	Categories of third parties to which it was disclosed for a business purpose
Identifiers, such as names, usernames, email addresses, phone numbers and addresses	Affiliates, customers, and service providers, contractors or agents performing functions on behalf of Xecret.io, such as data storage and hosting providers; email service providers, analytics providers, network and system management providers, communications tools, IT support providers, CRM providers, incentive providers, accounting services.
Professional or employment-related information	Categories of third parties to which it was disclosed for a business purpose
Commercial information, such as information provided to communications (some of which is personal information) and information about purchases or interactions with Services	Categories of third parties to which it was disclosed for a business purpose
Financial information, such as payment card numbers	Handled directly by payment card processors and payment service provider
Internet or other electronic network activity information, such as technical data about devices and interactions with Xecret.io platforms and Services	Categories of third parties to which it was disclosed for a business purpose
Inferences drawn from any of the above information	Categories of third parties to which it was disclosed for a business purpose

2. COOKIE NOTICE

Through accessing Xecret.io Services and platforms, information may be collected from User’s devices by automated means such as cookies, web beacons, local storage, JavaScript, mobile-device functionality and other computer code. This information may include unique browser identifiers, IP address, browser and operating system information, device identifiers (such as the Apple IDFA or Android Advertising ID), geolocation, other device information, Internet connection information, as well as details about usage and interactions with the relevant websites, applications, email messages or other online property (for example, the URL of the third-party website linked to the pages and content on Xecret.io Site that are viewed, how frequently Services are accessed or used, and how Users engage with or navigate Services (including landing page links, error logs, and other similar information). In some cases (such as cookies), the tools described here involve storing unique identifiers or other information on User’s devices for later use.

In addition, when a camera on any modern phone or tablet is focused at a QR code, Users may be given either an option to take some action or the device will automatically take an action. For example, when a camera is pointed at a QR, the option to visit a webpage might be presented. QR codes can also enable other actions, like downloading content or installing an app.

When using a Xecret.io QR code, some information may be collected about that interaction via cookies. For example, a third party could display a Xecret.io QR code with an invitation to scan. If scanned User’s phone may visit a Xecret.io landing page on its way to the ultimate engagement location. The Xecret.io portal may collect information, such as the device’s IP address, the time of the scan, information about the device’s browser and the device’s operating system.

These technologies are used to help:

Display personalized content;
Store User’s settings on the visited pages to provide preferred content during a subsequent visit;
Perform User’s analytics and better understand the demographics, measure traffic and usage trends;
Diagnose and fix technology problems;
Plan for and enhance business features;
Facilitate other uses and disclosures described in this Policy.

Opt-out of Cookies

To opt out of non-essential cookies, please select ‘Cookie Settings’ to view and manage the full list of cookies. To learn more about interest-based advertising generally, or to opt out of targeted, interest-based ads by some ad service partners, visit aboutads.info/choices from each browser used.

Mobile Devices

Users should read the operating system's instructions for complete instructions.

iOS 7 or Higher: Go to your Settings > Select Privacy > Select Advertising > Enable the "Limit Ad Tracking" setting.
For Android devices with OS 2.2 or higher and Google Play Services version 4.0 or higher: Open your Google Settings app > Ads > Enable "Opt out of interest-based advertising".

If Users replace, change, upgrade or reset browser or device settings, or delete cookies, opt-out may need to be employed again.

3. DATA TRANSFER: Sharing Personal Information

Potential sharing of User information with third parties may be as follows:

Vendors: User information may be shared with companies that provide services to Xecret.io, including, without limitation, servicing certain aspects of Services or platforms, such as sending emails and fulfilling customer service requests.
Affiliates: User information may be shared with other Xecret.io companies.
Business Partners: When permitted by applicable privacy laws and with User’s consent if required by law, personal information may be shared with businesses with which Xecret.io partners to offer further products, services, and promotions.
Legal Proceedings: When disclosure is appropriate due to a subpoena or similar investigative demand, a court order, or other request from a law enforcement or government agency; required to establish or exercise Xecret.io’s legal rights; required to defend against legal claims; or as otherwise required by law;
Compliance: Personal information may be shared when disclosure is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of Xecret.io, its users, employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce Xecret.io Services’ terms and conditions or other agreements or policies.
Corporate Transactions: Personal information may be disclosed as part of, or to take steps in anticipation of, a sale of all or a portion of Xecret.io business, a divestiture, merger, consolidation, or asset sale, a bankruptcy, or other significant corporate event.

International concerns

Whenever personal information is transferred out of the United States, Xecret.io will employ a similar degree of care as its uses in California.

4. DATA SECURITY: Personal Information Protections

Xecret.io has established appropriate technical and physical safeguards to protect User’s personal information and prevent the accidental loss or use of personal information, or its alteration or access without authorization. Procedures to deal with data security breaches are in place and Users, and any applicable regulator when legally required, will be notified.

Any third parties process User’s personal information when they have agreed to treat the personal information confidentially and in a secure manner. In addition, access to User’s personal information, if granted to employees, agents, contractors and other third parties, is provided only under a business need for access.

Users are encouraged to use a unique password to access Services, and it is stored in a safe place and not provided to anyone. It is also important to sign off from the account and close the browser window when a transaction is finished. No security method is perfect, and even with diligence, there is no guarantee that any personal information will remain secure.

5. RETENTION: Keeping Personal Information

Personal information, in its identifiable form, is only retained for the time necessary to fulfil the purposes for which it is required to be collected, for example for legal, accounting, or reporting purposes. To determine the appropriate retention period for personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the amount, nature, and sensitivity of the personal information and is balanced against the purposes for which personal information is processed, to determine if those purposes can be achieved through other means, and the applicable legal requirements.

In certain circumstances, copies may be made for backup and business continuity purposes for longer than original copies. In most circumstances we the personal information will be anonymous so that it no longer is associated with Users, in which case the personal information will be used without further notice.

6. PRIVACY RIGHTS

a. Nevada

Certain Nevada residents may opt out of the sale (as defined by NV law) of certain categories of information for monetary consideration to be used in a license or sale of such information to others. As of the effective date of this Policy, Xecret.io does not sell personal information covered by NV law. If and when Xecret.io does sell personal information, qualifying Nevada residents may submit a request to opt out by writing to Xecret.io at our contact form.. Xecret.io reserves the right take reasonable steps to verify such User’s identity and the authenticity of the request.

b. California

This section applies only to personal information about California residents, as defined in the California Consumer Privacy Act (CCPA), supplements the information in the Notice at Collection and the rest of this Policy. Users who are not residents of California may have their personal information rights managed differently and are not subject to the same California rights described here. This section also does not apply to personal information handled solely on behalf of organizations, even when such information is about a resident of California.

Californians have a right to direct Xecret.io to not sell certain personal information as that term is defined under the California Consumer Privacy Act or CCPA. To exercise that right, email Xecret.io at our contact form..

CCPA Information and Deletion Rights

When User is a California resident, California law permits requests to:

Inform Users of the categories of personal information that are collected about them in the last twelve months; the categories of sources of such information; the categories of personal information (if any) that are sold or disclosed Users for a business purpose, the business or commercial purpose for collecting or (if applicable) selling personal information; and the categories of third parties to whom personal information was sold or otherwise disclosed for a business purpose.
Provide a copy of certain information held about Users.
Delete certain information stored about Users.

Certain information is exempt from such requests under applicable California law. The CCPA ensures that Users will not receive discriminatory treatment for the exercise of these CCPA rights. To request to exercise those CCPA rights, please email us through our contact form.. For security and legal reasons, Xecret.io may not accept requests that require access to third-party websites or services. Xecret.io does not respond to browser-based do-not-track signals or similar mechanisms. Xecret.io will take steps to verify User’s identity before responding to requests, which may include confirming that the browser in the User’s possession matches the one associated with the relevant QR Codes, requesting that Users respond to email messages, or otherwise verifying User’s identity, name, email address or other information that will help confirm User’s identity.

If agent makes a request on behalf of a user, that agent must verify the authorization to make that request, which may include requiring the provision of written proof that satisfies CCPA requirements, such as an appropriate letter signed by the consumer or a power of attorney. The User may also be required to verify their identity directly with Xecret.io.

CCPA Sale of California personal information

Xecret.io does not sell and has not sold personal information in the way those terms are conventionally defined. For example, Xecret.io does not sell email lists or any other personal information in exchange for monetary value from a purchaser. However, the CCPA defines a sale in very specific terms that may encompass some situations when a website or application uses third-party cookies and similar technology for analytics or advertising purposes, even when the website or application pays the third-party provider (not vice versa). Xecret.io, like most companies, does use those kinds of services.

For that reason, prior to the effective date of this Privacy Policy, Xecret.io is considered to have engaged in such “sales” (as defined in the CCPA) of what the CCPA calls “identifiers” (like IP addresses), “internet or other electronic network activity information” (like information regarding an individual’s browsing interactions with a website or application), and “commercial information” (like the fact that a browser visited a particular page) to Xecret.io analytics and advertising vendors.

Submit do-not-sell requests to our contact form.. An email message containing follow up steps will be sent in response. To exercise more specific choices regarding Xecret.io’s use of analytics and advertising vendors, Users should manage the controls described in this Policy. Xecret.io has no actual knowledge of sales of the personal information of minors under 16 years of age.

California Shine the Light Disclosure

California’s “Shine the Light” law provides California residents the right under certain circumstances to request information from companies regarding the manner in which they share certain categories of “personal information” with third parties for their “direct marketing purposes” (as defined in the Shine the Light law) in the prior calendar year. To exercise that right, please send requests to our contact form..

c. Europe or the United Kingdom

Under certain circumstances Users may have the right to:

Request access to personal information (also known as “data subject access request”). This enables the receipt of a copy of the User’s personal information held about to check Xecret.io’s lawfully process.
Request correction of User’s personal information. This enables Users to correct any incomplete or inaccurate information.
Request deletion of personal information. This enables the deletion or removal of personal information if there is no good reason for its continued retention and processing.
Object to processing of personal information where Xecret.io relies on a legitimate interest (or those of a third party) for its retention and there is something about User’s particular situation which creates an objection to processing on this ground. Users also have the right to object to the processing of personal information for direct marketing purposes.
Request the restriction of processing User’s personal information. Users may ask Xecret.io to suspend the processing of personal information, for example to establish its accuracy or the reason for processing it.
Request the transfer of personal information to another party.

If a User wishes to review, verify, correct or request deletion of personal information, object to the processing of personal information, or request the transfer of a copy of personal information, submit any changes or requests to our contact form.. There is no fee to access personal information or to exercise any of the other rights. However, a reasonable fee or costs may be charged if a request for access is unfounded or excessive. Alternatively, the request in such circumstances may be refused.

Also, in the process of responding to User requests, specific information may be requested in order to confirm the User’s identity. This security measure is to ensure that personal information is not disclosed to any unauthorized individuals or organizations. In the limited circumstances where a User may have provided consent to such collection, processing and transfer of personal information for a specific purpose, the User will have the right to withdraw consent for that specific processing at any time. Such a withdrawal should be provided to the appropriate Xecret.io representative. Once the withdrawal notification has been received, the information will no longer be processed for originally agreed-upon purpose or purposes, unless another legitimate basis exists under the applicable law.

7. Marketing Choices

Users may unsubscribe from Xecret.io marketing emails at any time by sending a message to our contact form. and follow the message’s instructions. A User may also make change through an online account for Services, if established. Once such features are disabled, changes may affect the access or retrieval of content Services. It should be noted that even after opting out, Users may still receive non-promotional or non-marketing messages, such as communications regarding Services.

9. CONTACT US

Any questions or comments about this Policy, including requests to exercise legal rights, please contact Xecret.io via:

contact form

mail at:

5461 W. Jefferson Blvd. Los Angeles, CA 90016

Xecret.io
Attn:Privacy Team