We care about your privacy and want you to feel comfortable using our services, you’ll find a clear overview of what data we collect, why we collect it, and how we keep it safe. If you have any questions, we’re always here to help.
This Privacy Policy explains how we collect, use, and protect your personal data when you use the Business Card Scanner App (“App”) and any related services provided by us. We are committed to protecting your personal data and ensuring transparency in how we process it.
We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) and other relevant data protection laws, to ensure that your rights and freedoms are respected when your personal data is processed.
This Privacy Policy applies specifically to your use of the App and any services provided in connection with it, including the scanning, structuring, and management of contact data, the integration with HubSpot, and the processing of data through artificial intelligence (AI), machine learning (ML), and large language model (LLM) technologies used within the App.
In addition to this Privacy Policy, the Privacy Policy available on our website https://snap2crm.com/privacy-policy applies to the use of our website and its services, including but not limited to website analytics, cookies, and newsletter subscriptions. In the event of any inconsistencies, this App Privacy Policy shall prevail regarding the use of the App.
The data controller responsible for the processing of your personal data within the meaning of applicable data protection laws is:
Marlon Kühn
c/o Block Services
Stuttgarter Str. 106
70736 Fellbach
Germany
Email: contact@snap2crm.com
Phone:
At this time, a data protection officer has not been appointed, as it is not legally required.
For the purposes of this Privacy Policy, the following terms shall have the meanings set out below:
Personal Data: Any information relating to an identified or identifiable natural person (“Data Subject”), including but not limited to names, email addresses, phone numbers, and information extracted from business cards.
Processing: Any operation or set of operations performed on Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, restriction, erasure, or destruction.
Data Subject: Any identified or identifiable natural person whose Personal Data is processed by the Controller.
Controller: The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
Processor: A natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Controller.
These definitions are provided to ensure clarity and understanding of the terms used in this Privacy Policy, particularly for international users.
When you use the App, we may collect and process the following categories of personal data:
Account Data: Information provided during registration or account management, such as your name, email address, company name, and phone number.
Authentication Data: Login credentials and other identifiers necessary to access and use the App securely.
Usage Data: Technical data about your use of the App, including log files, device information, browser type, operating system, IP address, and timestamps of your activities.
Business Card Data: Information extracted from scanned business cards, including names, company names, job titles, email addresses, phone numbers, physical addresses, and other information present on the business cards.
Metadata from App Use: Data generated during your use of the App, such as interaction logs and feature usage patterns.
Communication Data: Information that you provide when contacting us for support or through other communications, including the content of your requests and related metadata.
HubSpot Integration Data: Data necessary to enable and manage the integration with HubSpot, including contact information, tracking data, and configuration settings related to your HubSpot account.
AI/OCR Processing Data: Data processed through our artificial intelligence (AI), machine learning (ML), and optical character recognition (OCR) technologies for extracting and structuring information from scanned business cards.
Optional Data Fields: Any additional information you choose to provide within the App, including notes, tags, and other metadata associated with your scanned contacts.
We process your personal data for the following purposes and on the following legal bases in accordance with Article 6 of the General Data Protection Regulation (GDPR):
Performance of Contract (Art. 6(1)(b) GDPR): We process your personal data to provide the functionalities of the App, including scanning and structuring business card data, managing your account, facilitating the integration with HubSpot, and enabling you to use our services as contractually agreed.
Legitimate Interests (Art. 6(1)(f) GDPR): We may process your personal data based on our legitimate interests, such as ensuring the security and stability of the App, improving our services, preventing fraud, analyzing user behavior to enhance the user experience, and maintaining our business operations in a lawful and effective manner. Where we process your data based on legitimate interests, we carefully assess and balance our interests against your fundamental rights and freedoms.
Consent (Art. 6(1)(a) GDPR): Where required by law, or where no other legal basis applies, we may process your personal data based on your explicit consent, for example, when you subscribe to newsletters or agree to optional features. You have the right to withdraw your consent at any time with effect for the future.
Compliance with Legal Obligations (Art. 6(1)(c) GDPR): We may process your personal data where necessary to comply with legal obligations to which we are subject, including tax and commercial retention obligations, and to comply with lawful requests from authorities.
The App uses artificial intelligence (AI), machine learning (ML), large language models (LLM), and optical character recognition (OCR) technologies to process scanned business card data. These technologies enable the extraction, structuring, and analysis of data contained on business cards, allowing information such as names, company details, email addresses, phone numbers, and other relevant data points to be identified and organized efficiently for your use within the App and for integration with HubSpot.
The use of these technologies is essential for the core functionalities of the App, such as digitizing and managing business contacts, enhancing the accuracy of data processing, and improving the overall user experience.
We do not use these technologies to carry out automated decision-making, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless expressly stated otherwise in this Privacy Policy or required for the performance of the contract with your explicit consent.
In order to provide the functionalities of the App, we utilize the services of various third-party providers who may process your personal data on our behalf and in accordance with applicable data protection laws. For maximum transparency and legal best practice, details for each provider are as follows:
HubSpot, Inc.: We integrate with HubSpot to enable the creation, management, and synchronization of contact data captured via the App into your HubSpot account, allowing seamless contact management and workflow integration.
Address: 25 First Street, Cambridge, MA 02141, USA
Privacy Policy: https://legal.hubspot.com/privacy-policy
Google LLC: We use Google LLC, including Gemini and other Google Cloud AI services, for artificial intelligence (AI), machine learning (ML), large language model (LLM), and optical character recognition (OCR) functionalities to extract, structure, and process data from scanned business cards.
Address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Privacy Policy: https://policies.google.com/privacy
Strato AG: We use Strato as a hosting provider to securely store and process your data to support the operation of the App.
Address: Pascalstraße 10, 10587 Berlin, Germany
Privacy Policy: https://www.strato.de/datenschutz/
Cloudflare, Inc.: We use Cloudflare as a cloud-hosting and security provider to ensure the availability, performance, and protection of the App.
Address: 101 Townsend Street, San Francisco, CA 94107, USA
Privacy Policy: https://www.cloudflare.com/privacypolicy/
Google Analytics and Google Tag Manager: We use these services to analyze user behavior within the App and improve its functionality and performance, which may include the collection of usage data, device information, and other analytics data.
Provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Privacy Policy: https://policies.google.com/privacy
Stripe, Inc.: We use Stripe as a payment service provider to process payments securely and efficiently when you use paid features within the App.
Address: 354 Oyster Point Boulevard, South San Francisco, CA 94080, USA
Privacy Policy: https://stripe.com/privacy
Atlassian Jira Service Management: We use Atlassian Jira Service Management as our customer support system to manage and respond to your support requests and related communications efficiently.
Provided by Atlassian Pty Ltd, Level 6, 341 George Street, Sydney NSW 2000, Australia
Privacy Policy: https://www.atlassian.com/legal/privacy-policy
Explanation of Roles: These third-party providers act as processors or sub-processors on our behalf, processing personal data strictly in accordance with our instructions and applicable data protection laws. We have concluded data processing agreements with these providers to ensure the protection of your personal data and to restrict its use to the purposes necessary for providing our services.
We may share your personal data with the following recipients, solely to the extent necessary for the purposes described in this Privacy Policy:
- HubSpot, Inc. (CRM integration)
- Google LLC (Gemini and Google Cloud AI services for AI/OCR processing)
- Strato AG (hosting provider)
- Cloudflare, Inc. (cloud hosting and security provider)
- Google Analytics and Google Tag Manager (analytics providers)
- Stripe, Inc. (payment processing provider)
- Atlassian Jira Service Management (customer support system)
- IT support providers (for maintenance and technical support, as necessary)
- Legal and Regulatory Authorities:
Where required by law, we may disclose personal data to regulatory or law enforcement authorities.
The legal basis for sharing your data with these recipients includes the performance of our contract with you (Art. 6(1)(b) GDPR), our legitimate interests in maintaining and improving the App (Art. 6(1)(f) GDPR), compliance with legal obligations (Art. 6(1)(c) GDPR), and your consent where applicable (Art. 6(1)(a) GDPR).
We do not sell your personal data to third parties.
In certain cases, your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). This may occur, for example, when we use service providers or partners located outside the EEA to support the operation of the App, including cloud hosting services, AI/OCR service providers, and HubSpot integration services.
Whenever we transfer your personal data to countries outside the EEA, we ensure that appropriate safeguards are in place to protect your data in accordance with applicable data protection laws. This may include ensuring that the European Commission has recognized the country as providing an adequate level of data protection, or implementing Standard Contractual Clauses (SCCs) approved by the European Commission to ensure that your personal data remains protected.
We would like to inform you that data protection in countries outside the EEA may not be equivalent to the level of protection within the EEA, and there may be risks associated with such transfers, such as the potential for access to your personal data by governmental authorities in those countries for security and surveillance purposes, and the potential limitation of your rights related to your data.
If you would like further information regarding international data transfers and the safeguards in place, you can contact us at any time using the contact details provided in this Privacy Policy.
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of providing the App’s functionalities, complying with legal obligations, resolving disputes, and enforcing our agreements.
The criteria used to determine the retention periods include:
- The nature and category of the personal data,
- The purposes for which the personal data is processed,
- The legal obligations we may have (such as tax and commercial retention requirements),
- The necessity of retaining the data for the establishment, exercise, or defense of legal claims.
Specific retention periods may include:
- Account Data: Retained for the duration of your account’s existence and deleted upon termination of your account, unless legal retention requirements apply.
- Scan Data and Business Card Data: Retained as long as necessary for processing and transferring the data to your HubSpot account, and may be deleted upon your request or upon account deletion, unless legal retention obligations require longer storage.
- Usage Data and Metadata: Retained for a reasonable period necessary to analyze and improve the App’s performance and for security purposes.
- Communication Data: Retained for the time necessary to process your request and as required for documentation and compliance purposes.
When the retention period expires, or if you request the deletion of your personal data and there is no legal obligation to retain it, your personal data will be deleted in accordance with applicable legal requirements.
We take appropriate technical and organizational measures to ensure a level of security appropriate to the risk associated with the processing of your personal data, in accordance with applicable data protection laws.
These measures include, but are not limited to:
- Encryption: We use encryption protocols to protect data during transmission and storage where appropriate.
- Access Controls: Access to personal data is restricted to authorized personnel who need access to fulfill their duties and who are bound by confidentiality obligations.
- Regular Security Reviews: We regularly review our security policies and procedures to ensure that our systems remain secure and up to date with industry standards.
- Data Minimization: We only collect and process the personal data that is necessary for the purposes described in this Privacy Policy.
- Regular Backups: We perform regular backups to ensure the integrity and availability of your data.
Despite these measures, please note that no system is completely secure, and we cannot guarantee the absolute security of your personal data. However, we continuously work to improve our security practices to protect your personal data against unauthorized access, loss, destruction, or alteration.
As a data subject under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:
- Right of Access (Art. 15 GDPR): You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and information regarding its processing.
- Right to Rectification (Art. 16 GDPR): You have the right to request the correction of inaccurate personal data concerning you and to have incomplete personal data completed.
- Right to Erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data under certain circumstances, for example, if the personal data is no longer necessary for the purposes for which it was collected or if you withdraw your consent.
- Right to Restriction of Processing (Art. 18 GDPR): You have the right to request the restriction of processing of your personal data under certain circumstances, such as when you contest the accuracy of the data or object to its processing.
- Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data, which you have provided to us, in a structured, commonly used, and machine-readable format and to transmit that data to another controller without hindrance.
- Right to Object (Art. 21 GDPR): You have the right to object, on grounds relating to your particular situation, to the processing of your personal data which is based on our legitimate interests, including profiling based on those interests.
- Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR.
To exercise your rights, please contact us at the contact details provided in this Privacy Policy. We will respond to your request in accordance with applicable data protection laws.
In general, you are not legally obliged to provide us with your personal data. However, the provision of certain personal data is necessary for the performance of a contract with you and for the use of the App’s functionalities.
If you choose not to provide the personal data that is required for the use of the App, including for account creation, authentication, and the processing and transfer of scanned business card data, we may not be able to provide you with access to the App or certain features within the App.
Similarly, if you do not provide the personal data necessary for compliance with legal obligations, we may not be able to fulfill our legal responsibilities, which could result in the inability to provide you with our services or the termination of your access to the App.
If you have any questions about the necessity of providing specific personal data, you can contact us at any time using the contact details provided in this Privacy Policy.
We do not use your personal data for automated decision-making, including profiling, which produces legal effects concerning you or similarly significantly affects you.
If, in exceptional cases, we intend to use such processes, we will inform you separately in advance, including details about the logic involved, the significance, and the envisaged consequences of such processing, and we will obtain your explicit consent where required by applicable law.
We may update this Privacy Policy from time to time to reflect changes in our data processing practices, legal requirements, or for other operational reasons. If we make material changes to this Privacy Policy, we will inform you by appropriate means, such as by displaying a notice within the App, sending you an email notification, or by posting an updated version on our website.
The updated Privacy Policy will take effect on the date it is published unless otherwise specified. We encourage you to review this Privacy Policy periodically to stay informed about how we process your personal data.
The effective date of this Privacy Policy will be indicated at the top of the document.
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, you can contact us at any time using the following contact details:
Marlon Kühn
c/o Block Services
Stuttgarter Str. 106
70736 Fellbach
Germany
Email: contact@snap2crm.com
Phone:
If you are located in the European Economic Area (EEA) and believe that the processing of your personal data infringes applicable data protection laws, you have the right to lodge a complaint with your local supervisory authority. In Germany, this is:
Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Graurheindorfer Str. 153
53117 Bonn
Germany
Website: https://www.bfdi.bund.de