Privacy Policy

1. Introduction

Welcome to AtlasLinq ("we," "our," or "us"), a digital business card platform operated from Indore, Madhya Pradesh, India. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains what information we collect, how we use it, and what rights you have in relation to it.

By using AtlasLinq's mobile application and website (collectively, the "Service"), you agree to the collection and use of information in accordance with this policy. Your data is primarily stored in India (Firebase asia-south1 region) with secure global distribution for performance.

This policy applies to users worldwide and includes specific provisions for users in the European Economic Area (GDPR), California (CCPA/CPRA), and India (Digital Personal Data Protection Act, 2023).

2. Information We Collect

2.1 Personal Information You Provide

When you create a profile on AtlasLinq, we collect information that you voluntarily provide:

• Contact Information: Name, email address, phone number, company name, job title
• Profile Content: Profile pictures, background images, social media links, website URLs
• Account Information: Username, password (encrypted), authentication details
• Custom Information: Any additional information you choose to add to your profile

2.2 Automatically Collected Information

When you use our Service, we automatically collect certain information:

• Device Information: Device type, operating system, unique device identifiers, mobile network information
• Usage Data: Profile views, sharing activity, feature usage, interaction timestamps
• Location Data: GPS coordinates when you enable location tracking for shares (optional)
• NFC Interaction Data: NFC tag reads/writes, sharing method used, success/failure status

2.3 Analytics & Diagnostics

• Firebase Analytics: App usage patterns, screen views, user engagement metrics
• Firebase Crashlytics: Crash reports, error logs, performance data (anonymized)

3. How We Use Your Information

We use the information we collect to:

• Provide the Service: Enable profile creation, NFC sharing, QR code generation, and contact exchange
• Personalization: Customize your experience and display your profile information as you configure it
• Analytics & Insights: Provide you with sharing analytics, profile view statistics, and networking insights
• Improve the Service: Analyze usage patterns to enhance features, fix bugs, and improve performance
• Security: Detect and prevent fraud, abuse, and security issues
• Communication: Send you service updates, security alerts, and support messages (only when necessary)
• Compliance: Comply with legal obligations and enforce our Terms of Service

4. Data Storage & Security

4.1 Local-First Architecture

AtlasLinq uses a local-first storage model. Your profile data is primarily stored on your device using secure local storage. This means you maintain control over your data and can use core features offline.

4.2 Cloud Storage (Optional)

When you create an account and enable cloud sync, we store your profile data in Firebase Cloud Firestore located in the asia-south1 (Mumbai, India) region. This enables:

• Profile syncing across multiple devices
• Real-time updates to shared profiles
• Backup and recovery of your data

4.3 Data Retention

We retain your data for the following periods:

• Active Accounts: Your profile data is retained as long as your account remains active
• Deleted Accounts: Account data is permanently deleted within 30 days of deletion request
• Analytics Data: Aggregated analytics are retained for 14 months (Firebase default)
• Crash Reports: Error logs are retained for 90 days for debugging purposes
• Sharing History: Retained until you manually clear it or delete your account

4.4 Security Measures

• Encryption: All data transmitted between your device and our servers is encrypted using TLS/SSL
• Authentication: Secure authentication via Firebase Authentication (email/password, Apple Sign-In, Google Sign-In)
• Access Control: Your profile data is only accessible to you and those you explicitly share it with
• Data Minimization: We only collect and store data necessary to provide the Service

5. Data Sharing & Third Parties

5.1 We Do NOT Sell Your Data

We never sell, rent, or trade your personal information to third parties for marketing purposes.

5.2 Service Providers (Subprocessors)

We use trusted third-party services to operate our platform. Below is our list of subprocessors and their data locations:

• Firebase/Google Cloud (Google LLC): Authentication, Firestore database, Cloud Storage, Analytics, Crashlytics — Data stored in India (asia-south1) with processing in US
• Cloudflare, Inc.: Content delivery network, DDoS protection, DNS — Global edge network with data processing in US/EU
• Vercel Inc.: Website hosting and deployment — US-based with global CDN

These service providers only access your data to perform specific tasks on our behalf and are contractually obligated to protect your information. For international data transfers, we rely on Standard Contractual Clauses (SCCs) and adequacy decisions where applicable.

5.3 Profile Sharing (User-Controlled)

When you actively share your profile via NFC, QR code, or link, you are intentionally making that information accessible to the recipient. You control:

• What information appears on your profile
• When and with whom you share
• Whether profiles are searchable (optional)

5.4 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to:

• Comply with legal obligations
• Protect our rights, property, or safety
• Prevent fraud or security issues

6. Your Rights & Choices

You have the following rights regarding your personal information:

6.1 Access & Update

• View and edit your profile information anytime in the app
• Update your contact details, social links, and preferences

6.2 Delete Your Data

• Clear History: Delete sharing history and analytics data
• Clear All Data: Remove all locally stored data from your device
• Delete Account: Permanently delete your account and all associated cloud data

You can perform these actions in Settings → Advanced. Account deletion is permanent and cannot be undone.

6.3 Export Your Data

Request a copy of your data by contacting us at the email below. We will provide your data in a portable format (JSON/CSV).

6.4 Privacy Settings

• Analytics: Opt out of Firebase Analytics tracking
• Crash Reporting: Disable crash report submission
• Location Tracking: Control whether GPS coordinates are saved with shares
• Profile Visibility: Choose whether your profile appears in search results

7. Cookies & Analytics

7.1 Mobile App

The AtlasLinq mobile app uses Firebase Analytics and Crashlytics to collect anonymous usage data and crash reports. You can disable these in Settings → Privacy & Security.

7.2 Website

Our website (atlaslinq.com) may use cookies and similar technologies to:

• Remember your preferences
• Analyze website traffic and usage
• Improve user experience

You can control cookies through your browser settings.

8. Children's Privacy

AtlasLinq is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete that information.

9. International Users & Data Transfers

AtlasLinq is operated from India, with our primary data storage in the Firebase asia-south1 (Mumbai) region. If you are accessing the Service from outside India, please be aware that your information may be transferred to, stored, and processed in India and other countries where our service providers operate (including the United States).

For users in the European Economic Area (EEA), United Kingdom, or Switzerland: When we transfer your data outside of your jurisdiction, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.

By using the Service, you acknowledge and consent to the transfer of your information to countries outside your country of residence, which may have different data protection rules. We take steps to ensure your data receives an adequate level of protection wherever it is processed.

10. Your Regional Privacy Rights

Depending on your location, you may have additional rights under local privacy laws. This section outlines your rights under major privacy regulations.

10.1 European Economic Area, UK & Switzerland (GDPR)

If you are located in the EEA, UK, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate personal data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

Legal Basis for Processing: We process your data based on: (a) your consent, (b) performance of our contract with you, (c) our legitimate interests in operating the Service, and (d) compliance with legal obligations.

Supervisory Authority: You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

Response Time: We will respond to your request within 30 days as required by GDPR.

10.2 California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request information about the categories and specific pieces of personal information we collect
• Right to Delete: Request deletion of your personal information
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out of Sale: We do NOT sell your personal information to third parties
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

Categories of Personal Information Collected: Identifiers (name, email), commercial information (transaction history), internet activity (usage data), and geolocation data (if enabled).

"Do Not Sell My Personal Information": AtlasLinq does not sell personal information. We have not sold personal information in the preceding 12 months.

Response Time: We will respond to verifiable requests within 45 days as required by CCPA.

10.3 Indian Users (DPDP Act 2023)

If you are located in India, you have the following rights under the Digital Personal Data Protection Act, 2023:

• Right to Access: Obtain confirmation of processing and a summary of your personal data
• Right to Correction & Erasure: Request correction of inaccurate data and erasure of data no longer needed
• Right to Grievance Redressal: Lodge complaints with our Grievance Officer
• Right to Nominate: Nominate another individual to exercise your rights in case of death or incapacity

Consent: We process your data based on your informed consent. You may withdraw consent at any time through the app settings or by contacting us.

Grievance Officer: For complaints or concerns regarding your data, please contact our Grievance Officer at privacy@atlaslinq.com. We will acknowledge your grievance within 48 hours and resolve it within 30 days.

10.4 How to Exercise Your Rights

To exercise any of the rights described above:

• Email: privacy@atlaslinq.com
• In-App: Settings → Privacy & Security → Manage My Data

We may need to verify your identity before processing your request. We do not charge a fee for most requests, but may charge a reasonable fee for manifestly unfounded or excessive requests.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date at the top
• Sending an in-app notification for material changes

Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

For GDPR inquiries or to exercise your data subject rights, please email privacy@atlaslinq.com with "GDPR Request" in the subject line.