background 1 tu-logo
background 1
background 1 tu-logo

PRIVACY POLICY FOR Controlled Logic™

Effective Date: January 1, 2025

INTRODUCTION - Overview of this Privacy Policy

This Privacy Policy outlines how Controlled Logic™ and its business operations handle personal information. It applies to our websites ("Sites"), services, features, content, applications (desktop and mobile), and technology, including but not limited to our QR Codes known as Controlled Logics, CLTags, API, CL-Leads tool, Conversion Pixel, and data services (collectively referred to as our "Services").

Controlled Logic™ facilitates connections for companies and organizations ("Brands") as well as for individual users of our Services ("Creators"). This Privacy Policy explains how we collect, store, and use personal information from users, whether they are Brands, Creators, or individuals interacting with our Services. Additionally, it covers the personal data we collect in business-to-business interactions and marketing activities. We are committed to respecting and protecting your privacy.

For compliance with privacy and data protection laws in jurisdictions such as the United Kingdom and the European Union, Controlled Logic™ is generally considered the "controller" of personal information, except where we act as a "processor" on behalf of a Brand or Creator. This means we determine how personal information is used and stored. However, our Privacy Policy does not govern how Brands, Creators, or other third parties handle personal data, as they maintain their own policies.

By using our Sites or Services—such as scanning a Controlled Logic-powered QR code, creating a Personal QR code or CLPage, or interacting with CLTags—you consent to the collection and handling of your personal information as outlined in this Privacy Policy.

The types of information we collect are detailed in the Key Privacy Details section below. This information may be provided directly by you or collected automatically through various means, including partnerships with Brands, Creators, service providers, and data partners. It is essential to read this Privacy Policy along with any other privacy notices provided to fully understand how and why we use personal information. This Privacy Policy is not a contractual agreement but an informational document subject to periodic updates.

KEY PRIVACY DETAILS - Collection and Use of Personal Information

This section provides essential details on how Controlled Logic™ (operating as Controlled Logic™ and CLPage) collects and processes personal information. This policy does not apply to personal information handling by our customers (Brands and Creators). For comprehensive details, please review this Privacy Policy in its entirety.

QR Codes and Data Collection

When a QR code is scanned using a mobile device, the device may automatically take an action, such as redirecting to a webpage or initiating a download. Controlled Logic-powered QR codes may collect interaction data through cookies and other tracking technologies. If a Brand or Creator places a Controlled Logic-powered QR code in an advertisement, product packaging, or other locations, scanning the QR code may result in data collection, including:

If the QR code is accessed via a Controlled Logic™ mobile application or a browser with geolocation enabled, Controlled Logic™ may collect and share precise location data with the associated Brand or Creator.

Personal Information We Collect Data collected from QR Code interactions:

Data collected through other interactions:

For more details on data collection via cookies, please refer to the Cookie Notice section below.

How We Use Personal Information

We process personal information for the following purposes:

The California Consumer Privacy Act ("CCPA") defines the "sale" of personal information in California as the exchange of user data with third parties for monetary compensation, similar to the practices of a data broker. However, the CCPA also broadens the definitions of "sale" and "sharing" to include certain standard business practices we have engaged in over the past 12 months. For instance, under the CCPA, these terms encompass the use of specific advertising services, such as when we compensate an ad tech company to install a cookie on a visitor's browser, enabling them to view advertisements for our services on other websites. In this process, the ad tech company can access the visitor’s IP address and other browser, device, or cookie-related data.

Additionally, under the CCPA, we are also considered to be "selling" personal information when we permit vendors assisting us with our services, such as analytics providers, to utilize IP addresses and browser/device/cookie data for certain improvements to their services. "Sale" and "sharing" also extend to other advertising services we employ, such as paying a third-party website to display advertisements to specific individuals by providing a list of their email addresses (or hashed versions of these addresses). This qualifies as a "sale" and "sharing" under the CCPA, even when we are the paying party.

At present, we do not engage in other "sales" or "sharing" of California personal information, as defined by the CCPA, but we do disclose such information in other ways, as detailed below. We do not "sell" or "share" personal information of consumers under the age of 16 if we have actual knowledge of their age. Californians have the option to opt out of our CCPA "sales" and "sharing" by following the steps outlined in our Your Privacy Choices form.

3. COOKIE NOTICE – Cookies Used in Our Services

Through our websites and services (including Controlled Logic™ and certain online properties and communications of Brands and Creators, such as via the Controlled Logic™ Conversion Pixel), we and third parties automatically collect information from your device using technologies like cookies, web beacons, local storage, JavaScript, and mobile-device functionalities.

This information may include unique browser identifiers, IP addresses, browser and operating system details, device identifiers (e.g., Apple IDFA or Android Advertising ID), geolocation data, internet connection details, and insights into your usage and interactions with websites, applications, emails, and other digital properties. Examples include the URL of the site you visited before ours, pages viewed on our site, frequency of access, interaction details (such as clicked links), error logs, and other similar information. Some technologies, like cookies, store unique identifiers or other data on your device for later use.

These technologies support:

For instance, in some cases, we work with third-party advertising services that collect information through cookies to track online activities and display ads tailored to individual interests, previous site visits, or other collected insights. Additionally, if you scan a Controlled Logic-powered QR code, Controlled Logic™ may use cookies and similar technologies to track that interaction as detailed in the QR Codes section of our Privacy Policy.

4. RETENTION – How Long We Keep Personal Information

We generally retain identifiable personal information only as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, and reporting requirements. Since personal information can be used for various purposes, a fixed retention period may not apply to all data types. To determine retention periods, we consider factors such as security risks, data sensitivity, processing purposes, and legal obligations. Backup and business continuity copies may persist beyond the original data retention period.

Category of Personal Information & Retention Periods:

5. DATA TRANSFER – How We Share Your Information

We share your information with third parties under the following circumstances:

When applicable, we adhere to legal requirements for transferring personal information to third countries, such as by ensuring transfers occur under the following conditions:

For further details about the specific mechanisms we use when transferring your personal information outside the United Kingdom or Europe, please contact us at privacy@ControlledLogic.ai.

6. LEGAL BASIS FOR PROCESSING – Justification for Processing under GDPR and Similar Laws

We will only process your personal information when permitted by law. If you are located in the United Kingdom or Europe and we act as a data controller, we will process your personal information only if one of the following legal bases applies:

7. DATA SECURITY

We recommend using a unique password for each service, keeping it in a safe place, and not sharing it with anyone. Additionally, always sign out of your account and close your browser window when you're done using the Sites or Services. We implement various physical, technical, and organizational security measures to protect personal information. However, no security system is entirely foolproof, and even with these precautions, we cannot guarantee that your personal information will remain fully secure.

8. COOKIES – Options for Controlling Cookies

To opt out of non-essential cookies on ControlledLogic.ai, click the ‘Cookie Settings’ link in the footer of the website to manage your preferences.

For more information on interest-based advertising, or to opt out of targeted ads from our ad service partners, visit aboutads.info/choices in each browser you use.

For instructions related to data collected from mobile applications, refer to your device's operating system instructions. Here are some options:

You can also opt out of Google Analytics and customize Google Display Network ads via Google Ads Settings on each browser. Google offers an Analytics Opt-out Browser Add-on for further control.

Additionally, you can set your browser to reject certain cookies or alert you when cookies are used. Some browsers also provide similar controls for HTML5 local storage and other technologies. Please note that blocking or rejecting cookies, local storage, JavaScript, or other technologies may impact how certain websites, including some of ours, function.

If you reset or upgrade your browser or device, or delete cookies, or use a browser that deletes cookies automatically, you may need to reapply these opt-out tools. We do not respond to browser-based Do Not Track signals.

9. MARKETING - Your Choices Regarding Marketing Communications

You can unsubscribe from Controlled Logic™ marketing emails at any time. If you have an online account with our Services, you may also access or modify your personal information, or adjust privacy preferences via that account.

If you do not want us to access your device location, you can disable location sharing in your device and browser settings. Please note that disabling these features may prevent you from accessing or receiving some current or future content offered through the Services.

To opt out of marketing or promotional emails from Controlled Logic, please contact privacy@ControlledLogic.ai or follow the unsubscribe instructions included in those messages. However, even if you opt out, we may still send you non-marketing or non-promotional communications, such as messages related to Services you have requested.

10. PRIVACY RIGHTS - Your Rights Regarding Your Personal Information

In addition to exercising your choices regarding cookies and marketing communications, depending on your location, you may have additional rights concerning your personal information. For instance, if you are in the United Kingdom, the European Union, or a region with similar laws (including certain U.S. states), you may have the right to

If you want to exercise any of these rights, please contact us.

Additionally, residents of California, Virginia, Colorado, Connecticut, Nevada, and an increasing number of other states have the right to opt out of what the laws in these states consider the “sale” of personal information. Most of these states also grant the right to opt out of certain uses and disclosures of personal information for specific targeted advertising purposes. To exercise these rights, residents can visit our "Your Privacy Choices" page and follow the instructions provided. California residents' rights, along with the specific methods they must use to exercise those rights, are outlined in the next section of this privacy policy.

All of the rights outlined above (with the exception of opting out of direct marketing) have important exceptions.

Typically, you won't need to pay a fee to access your personal information or to exercise any of your other rights. However, depending on the applicable laws, we may charge a reasonable fee if your request is clearly unfounded or excessive, or we may refuse to comply with such requests.

We may need to ask for specific details to verify your identity and confirm your right to access the information or exercise any of your rights. This is a security measure to reduce the risk of unauthorized disclosure of personal information.

Everyone also has the right to lodge a complaint with their local data protection supervisory authority about how any company handles their personal information. If you have concerns about our data practices, we encourage you to contact us first so that we can address your concerns.

To appeal a decision we've made about your personal information (as per the laws of Colorado, Connecticut, or Virginia), you can email us at privacy@ControlledLogic.ai, explaining why you believe we should reconsider our decision. Your appeal will be reviewed by our privacy team, which may include our General Counsel, in certain cases. We will provide a decision and a written explanation within 45 days of receiving your appeal or within the timeframe required by applicable law.

11. CALIFORNIA RESIDENTS' RIGHTS

This section applies solely to the “personal information” of California residents, as defined under the California Consumer Privacy Act (CCPA), and supplements the information found in the Key Privacy Details section above, as well as the rest of this Privacy Policy. Personal information about individuals who do not reside in California may be handled differently and is not subject to the same rights under California law. This section does not apply to personal information that we handle solely on behalf of certain Brands or Creators, even if the information pertains to a California resident.

Collection and Disclosure of Personal Information in California - Last 12 Months

The following charts summarize the categories of personal information we have collected and the categories of third parties to whom we have disclosed that information for business purposes in the 12 months prior to the effective date of this Privacy Policy:

Information Collected when You Scan a Controlled Logic™ QR Code

Category of Personal Information Categories of Third Parties Disclosed To (for Business Purposes)
Identifiers (e.g., IP address) Affiliates, customers, service providers, and entities performing services for us, such as data storage, hosting, email service, analytics, network and system management, IT support, CRM, incentive, and accounting services.
Commercial information (e.g., use of QR codes) Same as above
Internet/electronic activity (e.g., device data, use of QR codes) Same as above
Inferences drawn from the above information Same as above
Precise geolocation Same as above
Other personal information Same as above
Identifiers (e.g., name, email, phone number) Same as above
Professional information (e.g., job title) Same as above
Commercial information (e.g., interactions, purchases) Same as above
Financial information (e.g., payment card info) Handled by payment card processors and payment service providers
Internet/electronic activity (e.g., technical data, site usage) Same as above
Inferences drawn from the above information Same as above

As a California resident, the law may allow you to request the following:

Certain information may be exempt from these requests as per applicable laws. You may also request information on any financial incentives we offer (if applicable). Under the CCPA, you are entitled to exercise your rights without facing discrimination from Controlled Logic. To exercise your CCPA rights, please contact us at privacy@ControlledLogic.ai. For legal and security reasons, we may not fulfill requests that require access to third-party websites or services. We do not respond to browser-based do-not-track signals or similar mechanisms. We will take steps to verify your identity before processing your request, which could involve confirming the browser associated with relevant QR codes, responding to a verification email, or verifying your name or email address.

If you are an agent acting on behalf of a consumer, you must verify your authorization, which may involve submitting written proof that satisfies CCPA requirements, such as a signed letter from the consumer or a power of attorney. We may also require the consumer to verify their identity directly with us.

CCPA “Sale” and “Sharing” of California Personal Information

As noted in this Privacy Policy, you can opt out of the “sale” or “sharing” of your personal information as defined by the CCPA by using our “Your Privacy Choices” form, which is the quickest and most efficient method. You can also initiate the process by emailing us at privacy@ControlledLogic.ai, and we will guide you through the next steps. Your browser may offer a way to enable the Global Privacy Control (GPC) signal. If you activate this signal, ControlledLogic.ai will treat your browser as having opted out of any “sale” or “sharing” of California personal information collected via cookies and similar technologies. You can override this treatment for a GPC-enabled browser by adjusting the cookie settings in the site’s footer.

We do not use or disclose “sensitive personal information” as defined in the CCPA in a manner that requires offering a special right to limit its use due to its sensitive nature.

California Shine the Light Disclosure

Under California’s “Shine the Light” law, residents have the right to request information on how we’ve shared certain categories of personal information with third parties for their direct marketing purposes in the prior year. To exercise this right, please contact us as outlined below.

12. CHILDREN’S DATA

Our Services are not intended for and should not be used by children under 16. If we learn that we have inadvertently collected the personal information of a child under 16, we will take steps to delete it or otherwise comply with applicable law. Please notify us if you believe we have collected such information by emailing us at legal@controlledlogic.ai.

13. CONTACT US

For any questions about this Privacy Policy, including requests to exercise your legal rights, please contact us at: Email: legal@controlledlogic.ai