​​

Effective date: 3 October 2025
Applies to: Minfo web properties, the Minfo Universal App, Minfo Web Connect, and related services

 

1. Who we are
Minfo is a technology platform that turns media and places into trusted, measurable, privacy‑respecting interactions using AudioQR and SmartLinks. For privacy questions, contact data@minfo.com. A privacy lead is assigned and listed in this policy.

 

2. Scope
This policy explains what personal data we collect, why we collect it, the lawful bases we rely on, how long we keep it, with whom we share it, and the choices and rights available to you. It applies to registered members, premium members, and limited features available to unregistered users.

 

3. Personal data we collect
Depending on how you use Minfo, we may collect:
•    Identity and contact data: name, email, phone, optional profile fields.
•    Device and technical data: IP address, device type, OS, app version, usage events.
•    Engagement data: interactions with AudioQR and SmartLinks, timestamps, campaign identifiers.
•    Location data: coarse location from IP or device settings. GPS only if you enable it.
•    Sensitive data: not collected beyond the categories above.
Unregistered use
You can try limited Minfo features without creating an account. We do not store personal identifiers for unregistered sessions. We may log obfuscated, session‑level telemetry like timestamp, device type, and a campaign ID to improve performance and measure general effectiveness.

 

4. Why we process personal data
We use data to deliver and improve services, provide privacy‑compliant zero and first‑party engagement for brands, ensure security and fraud prevention, and communicate service updates and opt‑in promotions.

 

5. Lawful bases for processing
We rely on one or more of the following:
•    Consent: marketing communications, optional research, and any third‑party sharing that is not strictly necessary for service delivery. You can withdraw consent at any time.
•    Contract: account provisioning and delivering requested features, including prize fulfilment where applicable.
•    Legitimate interests: service security, platform integrity, and service improvement that does not override your rights and freedoms.
•    Legal obligation: responding to regulators, tax and audit requirements.

 

6. Consent management
•    Obtain: clear, purpose‑specific prompts at the point of collection with unticked checkboxes and plain English summaries.
•    Record: time‑stamped consent events tied to the notice version shown at the time.
•    Manage: change or withdraw at any time in‑app or by emailing data@minfo.com. Changes apply going forward and we update processors where relevant.

 

7. Privacy by design
We apply data minimisation, purpose binding, role‑based access, and DPIA reviews for new features. Accessibility and inclusive design are integral to our product guidelines and consent flows.

 

8. Your rights
Where applicable under GDPR or UK GDPR, you have the rights to access, rectification, erasure, restriction, objection, portability, and withdraw consent at any time. We respond within one month and may extend by a further two months for complex requests. Submit requests via in‑app settings or data@minfo.com. You may also lodge a complaint with your local Data Protection Authority.

 

9. Security
We implement appropriate technical and organizational measures to protect personal data. These include encryption in transit and at rest, access controls based on least privilege, continuous monitoring, vulnerability management, regular security testing by independent specialists, and employee security training. We review our controls periodically and adjust them to address evolving risks.
Incident response
We maintain a documented incident response process that covers detection, containment, investigation, notification where required by law, and remediation.

 

10. Data sharing
We do not share personal data with brands without your explicit consent. We share data with vetted service providers for hosting, analytics, support, payments, and legal compliance under strict contractual terms. We may disclose data to authorities where required by law. We may share aggregated or anonymised insights for research that cannot be used to identify you.

 

11. International transfers
Where data is transferred across borders, we use appropriate safeguards such as standard contractual clauses and service‑provider contractual commitments consistent with GDPR.

 

12. Retention and deletion
We keep personal data only as long as needed for stated purposes, then delete or further anonymise it under documented schedules. Examples: general service data follows service‑need schedules; campaign and sweepstakes data is kept no longer than six months after a campaign ends, unless law requires longer, and can be deleted sooner on request.

 

13. Marketing choices
You can opt in to or out of marketing at any time. Withdrawal does not affect lawful processing that occurred before withdrawal.

 

14. Children’s data
Minfo is not directed to children under the age specified by local law and does not knowingly collect their personal data without appropriate consent. If you believe a child has provided data, contact us to delete it.

 

15. Automated decision‑making and profiling
We do not make decisions with legal or similarly significant effects based solely on automated processing. We use engagement signals to improve relevance and quality of service in ways that do not override your rights.

16. Cookies and similar technologies
We use necessary cookies to operate the service and limited analytics consistent with our minimisation approach. Where required, we request consent for non‑essential cookies and provide controls to change preferences at any time.

17. Accessibility and inclusivity
Our interfaces and notices follow inclusive design: contrast targets, alt text, captions for AV content, and clear consent language that is easy to understand.

​

18. Contact and complaints
•    Privacy contact: data@minfo.com

•    Security contact: security@minfo.com

•    Privacy lead: Dr Vince Ming
We will work to resolve your concerns. You also have the right to contact your local Data Protection Authority.

 

19. Updates to this policy
We may update this policy to reflect changes in law or our practices. We will post updates on our website or within the app. Material changes will be notified through appropriate channels.
 

Contact Us: For any questions about this Privacy Policy or our privacy practices, please contact us at support@minfo.com or complete the form below.