Last updated: December 2025
PLEASE READ THE FOLLOWING PRIVACY POLICY, FOR INFORMATION REGARDING THE WAYS YOUR PERSONAL DATA MAY BE PROCESSED, CAREFULLY. WHEN YOU USE THE WEBSITE YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS PRIVACY POLICY.
BP Mobile LLC (“we,” “us” or “our”) takes your privacy seriously. This Privacy Policy (“Privacy Policy”) explains our data protection policy and describes the types of information we may process when you access, use and/or interact with us via the website available at https://iscanner.com/ (hereinafter, the “Website”).
The Privacy Policy (except for Annex below – “U.S. Multistate Privacy Notice”) applies to all Website users regardless of where they are located. The U.S. Multistate Privacy Notice included in the Annex to this Privacy Policy supplementary applies to those Website users who:
a) are residents of U.S. states where corresponding U.S. State Privacy Laws were enacted; and
b) fall within the scope of the U.S. Multistate Privacy Notice applicability.
Note that the present Privacy Policy is applicable only with respect to data that may be collected, stored, processed when you access and/or use the Website. This Privacy Policy does not apply to data that is collected, stored, processed when you access and/or use iScanner mobile Apps introduced on the Website (hereinafter, “iScanner Apps” collectively and “iScanner App” either for iOS or Android separately). Therefore, if you want to learn more about data processing practices applicable to iScanner Apps introduced on the Website, please visit the Privacy Policy for iScanner Apps.
When we refer to personal data (or personal information) we mean any information of any kind relating to a natural person who can be identified, directly or indirectly, in particular by reference to such data. It is a natural person who can be identified directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social status.
The scope of data we process may vary depending on the types of actions and operations you perform using the Website (see Section II for more details). Nevertheless, the provisions of this Privacy Policy are applicable to both active users of the Website (e. g. those who have iScanner Account, use cloud storage service and other tools available on the Website) and to any other persons who visit the Website (collectively, “users”).
There are several categories of information that may be processed when you access, use and/or interact with the Website.
Functional Information
We may process the following categories of functional information when you use the Website. The processing of such information is necessary for the adequate performance of the contract between you and us. Without such information it is impossible to provide the complete functionality of the Website and perform a full scope of services.
Authorization data related to user iScanner Account. If you choose to use the iScanner cloud storage functionality for synchronizing and working with documents and files across different devices and platforms (iOS, Android, Web), you’ll need to create an iScanner Account (on the Website or via one of the iScanner Apps) or sign in to your existing iScanner Account.
When you choose to create an iScanner Account on the Website, you’ll need to set up account credentials (i.e., login email address and password) and complete a verification process. Alternatively, to create an iScanner Account on the Website, you can select the “Continue with Apple”, “Continue with Google”, or “Continue with Facebook” option. In this case, you will use your Apple/Google/Facebook account credentials to sign in to your iScanner Account. When you use such third-party sign-in, you are directing the relevant third-party service (Apple, Google, or Facebook) to share specific basic profile information with us, which may include your name, email address, and profile picture. However, from this available information, we only access, collect, and process your name and associated email address. You can manage the connection and data sharing permissions at any time within your Apple, Google, or Facebook account settings.
We store and process the email address used for your iScanner Account registration for the primary purpose of providing you with iScanner cloud storage and file-synchronization services. Additionally, the email address associated with your iScanner Account may be used for the purpose of sending you operational/transactional and marketing email messages, strictly within the limits and under the terms set forth in the subsection DATA PROCESSING RELATED TO EMAIL COMMUNICATIONS.
Note that you are solely responsible for maintaining the confidentiality of your password and for all activities that occur under your iScanner Account. We are not liable for any losses that may occur as a result of someone else using your credentials to access your iScanner Account, with or without your knowledge. You agree to notify us immediately if you become aware of or suspect any unauthorized use of your iScanner Account credentials or any other breach of security.
Files associated with your iScanner Account. For the purposes of this Privacy Policy, the term “Files associated with your iScanner Account” (may also be referred to as the “Files” or “your Files” (plural) or as the “File” (singular)) means any content (including documents, files, images, and other data) that you upload, manage and store within your iScanner Account using the cloud storage and file-synchronization services of iScanner App(s) and/or the Website.
Your Files are stored using the services of our cloud storage provider (Amazon Web Services, Inc.). These Files are automatically synchronized across any device you use to access your iScanner Account, ensuring that you have access regardless of whether you log in via the Website or one of our iScanner Apps.
We perform purely technical processing of your Files for the sole purpose of providing the cloud storage and file-synchronization features of the Website and iScanner Apps. This technical processing does not include human access to the actual content of your Files. You, as the owner of the relevant iScanner Account, are the only person who exercises control over the content of your Files, and they remain inaccessible to us or any third party without your authorization.
In exceptional cases, we may carry out a check of your Files’ metadata solely upon your request. We will do this only if necessary for legitimate aims, such as identifying errors, bug investigation, or providing you with technical support. This process is strictly limited to the Files metadata.
You may choose to delete specific Files associated with your iScanner Account. When you delete a specific File, it is moved to the “Trash Folder”, from which it can be restored. However, if you choose to delete a File from the “Trash Folder”, it will be permanently deleted, and you will not be able to restore it.
Furthermore, if you choose and apply the “Delete Account” option in the settings of any iScanner App or on the Website, all Files associated with your iScanner Account stored in the cloud will be permanently deleted, and you will no longer have the opportunity to restore them.
Other iScanner Account details. In addition to the information about email address associated with your iScanner Account the following data related to it may be processed: your current cloud storage capacity, the amount of cloud storage space actually used, the date of iScanner Account registration, subscription ID. All this information is kept in our administration panel and processed for the purposes of maintenance of your iScanner Account and subscription (if applicable), providing you with high-quality technical support, fraud prevention and dispute settlement.
Information about the files that the user stores in Google Drive (relevant only in the context of the “Import files from Google Drive” function). The Website offers functionality that allows you to upload files directly from your Google Drive to your iScanner Account cloud storage. This processing is applicable only if you choose to use the “Add Files” feature and then select “From Google Drive” option. To use this feature, you will be required to authorize a connection between the Website and Google Drive. When you initiate this connection, you will be prompted to enter your Google Account credentials and grant permission for the Website to see and download your Google Drive files. Once you grant this permission, the Website will access the list of files you store in Google Drive. This access is necessary solely to provide you with the import functionality – specifically, to enable you to browse, select, and upload files from Google Drive to your iScanner Account cloud storage. Our system’s access to your Google Drive file list is automated. It does not include human access to the content of your files. You remain the only person who can manage and exercise full control over your content.
Managing the Connection between Google Drive and your iScanner Account. You can always review and manage connection of your iScanner Account with Google Drive via your Google Account’s third-party connections page. See Manage connections between your Google Account and third-parties article for more details.
Information you may provide us via our support channels and contact forms (requests sent via this form or to the email address [email protected] or via the “Contact us” form available through your iScanner Account or via special form for educators available on the Website). We may collect, store and process personal information that you submit via the abovementioned support channels and contact forms. In this case the following categories of information may be voluntarily provided by you: name, email address, the text of your message, files you choose to attach to your request (if this option is available). We use all this information solely for the purpose of considering and responding effectively to your requests (if necessary).
Data processed via the “Report Inappropriate Content” tool (in the context of the “Share file via a link” Website feature). The “Share file via a link” feature allows registered Website users to generate links to specific Files and share them with third-party recipients. To ensure the safety of our ecosystem and compliance with legal standards, we provide recipients of such links with a “Report Inappropriate Content” tool to flag illegal or objectionable content received (such as CSAM, intellectual property violations, fraud, or spam). Therefore, if you interact with a shared link and choose to submit a report using this tool, we collect and process the following data:
This information submitted via the “Report Inappropriate Content” tool is processed solely for the following purposes:
Information That is Processed Automatically
When you access, use and/or interact with the Website, some information about your device and your user behavior may be processed automatically. This information is generally non-personal, i.e. it does not, on its own, permit direct association with any specific individual, and we may access it only in aggregated form. We process this information on the ground of our legitimate interests for improving the Website and giving our users the best experience.
We may use third-party automatic data processing technologies to analyze certain information sent by your device via the Website (analytics or advertising tools). Some of them may launch automated processing of your personal data, including profiling, which means any form of automated processing of personal data used to evaluate certain personal aspects relating to you, in particular to analyze or predict aspects concerning your personal preferences, interests, behavior, location or movements (see the list of data described below). Processing information through automatic data processing technologies starts automatically when you first time access the Website.
Information provided automatically to analytics or advertising tools does not generally come to our control, therefore, we cannot be responsible for processing such information. Please mind that some services are engaged in personal data profiling and may obtain information related to your personality and/or your device by using technologies that do not belong to our scope of responsibility.
Payment data processing related to subscription purchases. We have partnered with Paddle.com Market Limited (“Paddle”) to handle the sale of subscriptions on the Website. Paddle acts as our authorized reseller and the Merchant of Record. When you purchase a subscription on the Website, you enter into a transaction directly with Paddle. Therefore, Paddle is responsible for the security, confidentiality, and processing of the personal and payment data you provide during the checkout process. Paddle’s data processing practices are governed by its own Privacy policy, which we encourage you to review at https://www.paddle.com/legal/privacy. For legacy subscriptions purchased on the Website prior to our integration with Paddle (approximately before August 2025), payment processing is handled by Stripe (covering both card and PayPal methods), and such data processing is governed by Stripe’s Privacy Policy. We do not collect, store, or have access to your full payment card information (such as your full credit card number, card expiration date, or CVV) on any of our servers.
Processing of data related to refunds and billing inquiries. While Paddle (or Stripe for legacy subscriptions) handles the initial subscription payment processing, we are responsible for reviewing and processing refund requests and resolving billing disputes in accordance with our Refund Policy. If you contact us to request a refund or raise a billing inquiry, we may request, collect, and process the following information to verify your identity and the transaction:
We process these specific categories of data solely for the purpose of identifying your transaction, verifying your eligibility for a refund under our Refund Policy, preventing fraud, and resolving the billing dispute or inquiry.
We obtain your email address when you create an iScanner Account (in any of the iScanner Apps or on the Website), as this is necessary for your registration. Additionally, we may obtain your email address if you voluntarily provide it via special pop-up windows that may be available on the Website (even if you do not register an iScanner Account). Depending on your user status (specifically, whether you have a registered iScanner Account) and the context in which you provided your email, we may use your email address to send you the following types of communications:
1. Operational/Transactional Email Messages. These are non-marketing communications that are essential for the proper functioning of the Website and iScanner Apps, the performance of our contractual or legal obligations, and the completion of transactions.
2. Marketing Email Messages. These are promotional communications designed to provide value, increase awareness of iScanner features, and boost user retention.
Unsubscribe requests are honored within a reasonable period of time. Opting out of marketing emails does not prevent you from receiving essential Operational/Transactional Email Messages.
Email communication service provider. To optimize and automate the delivery of both Operational/Transactional and Marketing Email Messages, we use Maestra services provided by Maestra.io LLC (”Maestra”). Maestra acts as our data processor under strict contractual obligations. They process your data solely for the purpose of organizing and automating our email delivery processes in accordance with our instructions.
Our mission is to constantly improve the Website and provide you with better user experiences. As part of this mission, we use your information for the following purposes:
(a) To make our service available and ensure the efficient operation of the Website. We use Functional Information and Information That is Processed Automatically to provide you with all requested services and to ensure the efficient operation of the Website according to its intended purpose.
(b) To improve, test and monitor the effectiveness of the Website. We use the Information That is Processed Automatically to better understand user behavior and trends, detect potential outages and technical issues, to operate, protect, improve, and optimize the Website.
(c) To communicate with you. We may use information that you voluntarily provide to us via our support channels and contact forms for the purposes of processing and responding (if necessary) to your requests, handling your refunds and billing Inquiries, receiving your feedback, comments or suggestions about the operation of the Website, our iScanner Apps or on other matters. Furthermore, we use your email address and other associated data to communicate with you by sending two specific types of correspondence: Operational/Transactional Email Messages and Marketing Email Messages.
(d) To prevent fraud and spam, to enforce the law. We really want the Website to be free of spam and fraudulent content so that you feel safe and free. We may use your information to prevent, detect, and investigate fraud, security breaches, potentially prohibited or illegal activities, protect our trademarks, enforce our Terms of Use and applicable laws.
If any new purpose for processing your data arises, we will let you know when we start to process information for that other purpose by introducing the corresponding changes to this Privacy Policy.
We will not rent or sell your personal data to third parties, but we may share your information obtained via tools like cookies, log files, and device identifiers with third-party organizations that provide automatic data processing technologies for the Website.
Please note that while we partner solely with third parties that gave us assurance of application of necessary technical and organizational measures to protect your data, we cannot guarantee the absolute security of any information transmitted from the Website directly to such third parties. We are not responsible for any accidental loss or unauthorized access to your data through a fault of third parties.
We may engage the following third-party service providers in order to provide us with necessary infrastructure for delivery and improvement of the Website:
| Entity name | Role, Services performed | Entity location | Link to Privacy Policy |
| Amazon Web Services, Inc. (a subsidiary of Amazon.com, Inc.) | Cloud storage provider | U.S.A. | https://aws.amazon.com/privacy/?nc1=f_pr Data Privacy FAQ: https://aws.amazon.com/compliance/data-privacy-faq/ |
| Apple Inc. | Authorization tool | U.S.A. | https://www.apple.com/lae/privacy/ |
| Facebook (Meta Platforms, Inc.) | Authorization tool | U.S.A. | https://www.facebook.com/privacy/explanation |
ConvertAPI, UAB | File conversion service provider | the Republic of Lithuania | https://www.convertapi.com/compliance (see Privacy Policy and Data Processing Terms) |
| Google LLC | Google Analytics (tool for Website traffic analysis) Google reCAPTCHA (analytics engine for protection the Website from fraud and abuse, protection of Website users from bots) Authorization tool | U.S.A. | Google Privacy Policy: https://policies.google.com/privacy?hl=en How Google uses information from sites or apps that use its services: https://policies.google.com/technologies/partner-sites?hl=en https://support.google.com/analytics/answer/6004245 (see section ‘Information for Visitors of Sites and Apps Using Google Analytics’) |
| Maestra.io LLC | Email communication service provider | U.S.A. | https://maestra.io/documents/privacy-policy/ |
| Paddle.com Market Limited; Paddle Payments Limited; Paddle.com Inc. | the Merchant of Record (processing of subscription purchases made by users on the Website) | United Kingdom (Paddle.com Market Limited); Ireland (Paddle Payments Limited); U.S.A. (Paddle.com Inc.) | https://www.paddle.com/legal/privacy |
| PayPal Inc. / PayPal (Europe) S.à r.l. et Cie, S.C.A., other PayPal group of companies | Payment processing tool (relevant for all users who choose PayPal as a payment method) | U.S.A. / Europe | https://www.paypal.com/lt/webapps/mpp/ua/privacy-full |
| Stripe Inc., Stripe Payments Europe Limited | Payment processing tool (for legacy subscriptions purchased on the Website before our integration with Paddle) | U.S.A. (Stripe Inc.), Ireland (Stripe Payments Europe Limited) | https://stripe.com/privacy https://stripe.com/en-lt/legal/privacy-center |
As it is indicated above we use Google Analytics service that tracks and reports the Website traffic. Google Analytics service uses different types of cookies to analyze user activity on the Website. If you want to learn more about the types of cookies and other data collected and processed by Google Analytics service provider (Google LLC) please visit https://support.google.com/analytics/answer/6004245 and https://policies.google.com/technologies/cookies. Note that we are not responsible for any usage of your data by the abovementioned third-party service provider (Google LLC) in violation of our instructions.
If you don’t want Google Analytics to use cookies you can block data collection following the instructions provided in Section IX of the present Privacy Policy.
The Website may contain links to third party sites/services. You also may visit the Website following a link from a third party site. We are not responsible for the privacy practices of these third-party sites or services linked, including for the information or content contained within them (unless we are the providers of those sites and/or services).
We may disclose your personal information if it is needed for objective reasons, due to the public interest or in other unforeseen circumstances:
We work in the cross-border area and provide the Website to users around the world.
We and third-party organizations that provide automatic data processing technologies for the Website or our third-party partners may transfer the automatically processed information across borders and from your country or jurisdiction to other countries or jurisdictions around the world.
If you are located in the European Union or other regions with laws governing data processing that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that may not have the same data protection laws as in your home jurisdiction. We try to make sure that the recipient of any personal data provides a proper protection of the personal data received, in accordance with the current legislation on the protection of such information.
By using the Website, you agree that we may transfer your personal data to any third country, a territory or one or more specified sectors within that third country, or to the international organization where data protection and confidentiality regulations may not provide the same level of protection of personal data as your country does.
For the purposes of data storage, we recourse to the services of the hosting organizations. We take your privacy seriously and, therefore, encrypt your personal data – if possible – before sending it to the hosting organizations for the purposes of its storage. We cooperate only with those hosting organizations that have passed our security and reliability check.
In particular, we recourse to the services of Amazon Web Services, Inc. (a subsidiary of Amazon.com, Inc.) that have adopted technical and organizational measures to protect your personal data against unauthorized/unlawful processing and accidental loss, destruction or other damage.
We will generally keep your information for as long as we need it for lawful purposes: to perform the contract between you and us, provide you with a full scope of services, enforce our Terms of Use, and to comply with our legal obligations. Files associated with your iScanner Account are stored using the server of our cloud storage provider until you choose to delete your iScanner Account. If you no longer want us to use your other information that we physically access and store, you can request that we erase it.
However, some data may still be stored for a certain time period (but no longer than the storage purpose requires) for a purpose of compliance with certain legal obligations (such as taxation, accounting, audit), maintenance of safety and data backup settings, prevention of fraud or other malicious acts.
Applicable data protection laws give you the following rights regarding your personal information:
To exercise any of the rights described above, you can contact us at [email protected] or using this contact form. Please bear in mind that we ensure the above mentioned rights only with respect to the information that we physically access and store. We also would like to draw your attention to the fact that in order to process your request we first have to identify you as a user of the Website or of one of our iScanner Apps.
You also have the right to lodge a complaint with your local data protection or a supervisory authority if you reasonably believe that your rights under applicable data protection laws have been breached. Please note that when you exercise your right to lodge a complaint with your local data protection or a supervisory authority, you may be required to provide additional information and support your complaint with sufficient objective evidence. By lodging a complaint you agree to provide sufficient explanation as to what you believe impaired your rights. Additionally, in some cases prior to lodging a complaint with your local data protection or a supervisory authority, you may be required to send your initial claim directly to us and ask for clarifications if necessary.
If you are located in the European Union, you may address our representative when you have questions on privacy issues:
Konrad Gutowski, privacy @ bpmobile.com
How to delete your iScanner Account
If you no longer wish for the Files associated with your iScanner Account to be stored using iScanner cloud storage and file-synchronization services, you may choose to delete your iScanner Account. For deletion of your iScanner Account, please follow the instructions below.
As a result of any of these methods, all the Files associated with your iScanner Account will be deleted permanently with no possibility of restoring.
How to opt-out of being tracked by Google Analytics
Google Analytics. If you want to opt-out of being tracked by Google Analytics you can install and enable Google Analytics Opt-out Browser Add-on. Additionally, you can manage cookies and/or delete cookies already set by Google Analytics through your browser settings. Further information on Google Analytics’ data practices and relevant instructions can be found at https://support.google.com/analytics/answer/6004245 (see section ‘Information for Visitors of Sites and Apps Using Google Analytics’).
Bear in mind that if you choose to disable all cookies, this can affect the Website functions, some of the features that make the Website more efficient may not function.
If you wish to opt-out of receiving Marketing Email Messages, please refer to the subsection DATA PROCESSING RELATED TO EMAIL COMMUNICATIONS, under the heading “Marketing Email Messages”.
The security of your personal information is highly important to us. We follow generally accepted industry standards to protect the personal information provided to us, both during transmission and once we receive it.
We take reasonable and appropriate measures to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information.
We implement appropriate technical and organizational measures, which are designed to implement data-protection principles, such as data minimization, in an effective manner and to integrate the necessary safeguards into the processing.
Unfortunately, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We do our best to protect your personal data, nevertheless, we cannot guarantee its absolute security. In the event that your personal information is compromised as a breach of security, we will promptly notify you in compliance with applicable law.
If you have any questions about the security of the Website, you can contact us with the corresponding message via our support channels or contact forms.
The Website is not intended for children. Therefore, we do not knowingly or intentionally collect or solicit any personal information from children. For the purposes of this Section XI the terms “child” and/or “children” in the context of data processing activities may be interpreted on a case-by-case basis as prescribed by applicable data protection laws. No one who is considered a “child” under applicable data protection laws is allowed to directly provide any personal information via the Website.
As a general rule we consider a person under the age of 16 to be regarded as “a child” until we have legal grounds to conclude that a person under 16 should be treated as an adult as per provisions of local data protection rules or based on the parent authorization provided to us directly.
Solely the holders of parental responsibility are liable for preventing their children from providing personal information via the Website without relevant verifiable parental consent. If we learn that we have collected personal information from a child without verification of parental consent, we will erase that information as quickly as possible. If you reasonably believe that we might have any information from or about a child, or a child has directly provided us with personal information via the Website without verifiable parental consent, please contact us.
Please also bear in mind that you may purchase a subscription on the Website, provide any payment details or card information only if you have reached the age of majority or legal age in the applicable jurisdiction.
In case we change our Privacy Policy, we will post the changes on this page. Please check the Website regularly for any changes.
If you have any questions about this Privacy Policy, please feel free to contact us at [email protected] or using this contact form.
This U.S. Multistate Privacy Notice (“Notice”) supplements the information contained in Privacy Policy and may apply to individual residents of the U.S. states (“Covered U.S. Individual Residents”) that have enacted comprehensive data privacy laws including but not limited to California Consumer Privacy Act of 2018 (CCPA) as amended by California Privacy Rights Act of 2020 (CPRA), Texas Data Privacy and Security Act of 2023 (TDPSA), Virginia Consumer Data Protection Act of 2021 (VCDPA), Colorado Privacy Act of 2021 (CPA), Connecticut Data Privacy Act of 2022 (CTDPA) and others (collectively referred to as “U.S. State Privacy Laws” and separately as “U.S. State Privacy Law”). Notice addresses specific requirements common to U.S. State Privacy Laws and outlines additional information on the rights of Covered U.S. Individual Residents. It also describes how we collect, use, disclose and protect your personal information in compliance with these U.S. State Privacy Laws.
Applicability. Please note that if you are a user of our Website and a resident of one of the U.S. states where the corresponding U.S. State Privacy Law was enacted, you’ll be regarded a Covered U.S. Individual Resident and this Notice shall apply to you only if the processing of your personal data in connection with your use of the Website falls within the scope of such U.S. State Privacy Law. Please refer to the corresponding U.S. State Privacy Law for further details. If you are still unsure whether this Notice is applicable to you, please do not hesitate to contact us and we will spare no effort to assist you.
The correlation between Privacy Policy and Notice. This Notice does not replace and cannot be used interchangeably with Privacy Policy. On the contrary, Notice serves as a supplemental part of Privacy Policy for Covered U.S. Individual Residents.
The concept of personal data under U.S. State Privacy Laws. Applying Notice, you should also bear in mind that it pertains only to the processing of personal data which is understood as information linked or reasonably linkable to an identified or identifiable individual. Generally U.S. State Privacy Laws do not apply to the processing of de-identified, aggregated data or publicly available information, as these categories fall outside the scope of personal data.
Detailed information about the categories of personal data that may be processed when you use the Website is contained in Section II of Privacy Policy .
To learn about the purposes of personal data processing please review Section III of Privacy Policy.
U.S. State Privacy Laws require us to provide you with information about who we share your personal data with and for what purposes. You can find comprehensive data in this regard in Section IV of Privacy Policy. The legal entities indicated in Section IV of our Privacy Policy act as our “service providers” or “processors” within the meaning of U.S. State Privacy Laws and process your information on our behalf for business purposes. The examples of business purposes are the following: auditing related to current interaction with users; providing customer service, marketing, analytic services; detecting security incidents; debugging; provision of Website services to users; improving, enhancing, upgrading the Website functionality. Please refer to the table in Section IV of our Privacy Policy to learn what specific services the processors/service providers perform for the Website. When we use the services of our processors/service providers and disclose your information for business purposes, we enter into corresponding written contracts with them. These contracts incorporate data processing provisions, parts, sections or annexes that require our processors/service providers not to use personal information transferred by us other than for the purpose of performing the services specified in the contracts. Additionally, the contracts with our processors/service providers specifically prohibit them from and/or do not contain permissions for selling the personal information transferred by us.
We do not “sell” your personal information for monetary gain, which means that we do not and will not disclose your personal information to third parties in direct exchange for money or some other form of payment. However, we acknowledge that certain U.S. State Privacy Laws provide an expansive definition of the term “sell” and similar terms (like “share”), which may include the disclosure of personal information to third parties for non-monetary benefit (“valuable consideration”). Should our processing methods fall within this broad definition, you will always have a clear option to opt out (see the subsection Instructions on Opt Out of Data Processing below for more details on opt-out mechanisms available for different aspects of data processing that may occur on the Website).
If you are a Covered U.S. Individual Resident and this Notice applies to you, you’ll be able to exercise all user privacy rights specified in Section VIII of Privacy Policy, particularly:
User privacy rights listed above have similar content and exceptions in different jurisdictions. Their general meaning is addressed in Section VIII of Privacy Policy. However, some minor aspects related to these rights may vary slightly from one jurisdiction/state to another, therefore, you may want to consider these differences when submitting your user privacy request.
Besides the rights referred to above, U.S. State Privacy Laws specifically mention the following additional data privacy rights you have:
The Right to Opt Out of the processing of the personal data for purposes of (a) targeted advertising, sometimes also referred to as “cross-contextual behavioral advertising” or “interest-based advertising”; (b) the “sale” or “sharing” of your personal data; (c) profiling in furtherance of solely automated decisions that produce legal or similarly significant effects concerning you. This Right to Opt Out is honored with due regard to the context of our data processing activities. Therefore, the mechanisms we provide allow you to opt out of the actual data processing activities performed on the Website (e.g., Google Analytics tracking and Marketing Email Messages). To learn the full details on how you can exercise these rights, please refer to the subsection Instructions on Opt Out of Data Processing below.
The Right to Non-Discrimination. This right means that you will not receive discriminatory treatment for exercising your privacy right(s). Inter alia, we will not deny you the Website services, charge different prices or rates, or provide a different level or quality of services for you if you choose to exercise your user privacy right(s).
The Right to Appeal. If we deny and refuse to take an action on your initial user privacy request, you may have the right to appeal that decision under some U.S. State Privacy Laws. See the subsection How to Appeal Initial Decision Regarding Privacy Request below for more details.
Depending on the specific user privacy right you choose to exercise, different methods may be available to you.
In particular, when appropriate technical capabilities are accessible to you within the Website and/or in your device settings, some rights (e.g. the Right to Correct Inaccuracies, the Right to Data Deletion, the Right to Opt Out) can be exercised by you independently without our assistance and the need to submit us the corresponding request. For instance, in certain circumstances the Website may provide you with a possibility to change, update, correct inaccuracies or delete certain pieces of your personal data via your iScanner Account settings.
We honor your right to control your personal Information and provide several mechanisms for opting out of the data processing activities performed on the Website.
Detailed instructions regarding your opt-out choices are described in Section IX of Privacy Policy. This Section provides the necessary steps for the following activities:
Submission of a user privacy request to exercise privacy right(s)
To exercise any user privacy right that cannot be managed by you independently, please contact us anytime via email [email protected] or through the contact form available on the Website with the corresponding privacy request. When submitting your request, please include in its text the phrase “Exercising my rights to maintain confidentiality in … State”, replacing ‘…’ with the name of the state of your residence. We will make every effort to satisfy any request you make to exercise any of your privacy rights.
When you submit any user privacy request via email privacy @ bpmobile.com or through the contact form available on the Website in order to exercise your privacy right(s), the relevant procedure of request authentication shall be put in place. The details and rules for such authentication procedure are provided below.
We shall comply with your user privacy request only if we are able to authenticate you as the user of our Website/iScanner App(s) and as a Covered U.S. Individual Resident. Therefore, when submitting a verifiable user privacy request, you should be ready to:
We will not be able to respond to your privacy request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that the personal information relates to you. We may ask you for additional information or documents to verify your identity before taking any action with your privacy request. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scam request.
We ensure that personal information provided in a verifiable user privacy request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.
We try to respond to a verifiable user privacy request within forty-five (45) days of its receipt. If we require more time and it is reasonably necessary, we may extend the response period. In this case we will inform you of the reason and the applicable extension period in writing.
In cases when we have a reasonable basis, we may choose to decline to take an action regarding the user privacy request. For example, this may happen when we are unable to authenticate a request, or when the request is manifestly unfounded or fraudulent. In this particular case we’ll inform you of the justification for declining to take action within a reasonable period of time after receiving your initial request.
If we decline to take action with respect to your initial request, you may be entitled to appeal our decision under some U.S. State Privacy Laws. To do so, you will need to provide us with the missing information and explanations reasonably necessary to address your request effectively. Within the term prescribed by the applicable U.S. State Privacy Law we’ll inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for our decision.
We may update this Notice from time to time. To stay informed of updates, please review the latest published version of Notice regularly.
If you reasonably believe that certain U.S. State Privacy Law provides you with additional rights or options not outlined or referred to in this Notice, please contact us via email [email protected] or through the contact form available on the Website. We will do our best to address all your concerns and reply to your request effectively.
