Last Modified: January 29, 2024

‍

1. Introduction

SmartMedia Technologies HoldCo, Inc., on behalf of itself and its affiliates, (“SMT” “we” or “us”) is an enterprise Web3 platform.  The SmartMedia Stack, including our self-serve, no code, drag and drop non-fungible token (NFT) and Web3 design studio democratizes Web3 for users and Enterprise, while leveraging the scale and reach of linear television combined with programmatic digital advertising.

‍

We offer a suite of advertising platforms and services, including:

• SmartMedia Demand Side Platform (DSP) – a programmatic advertising platform which enables agencies and marketers to create self-serve advertising campaigns on data driven linear TV, OTT (nonlinear), social, display and addressable TV;
• SmartMedia Lab Platform – a SaaS technology platform which enables agencies and marketers to create self-serve, no code, drag and drop non-fungible token (NFT) digital experiences. We create SmartMedia Tokens™ (SMTs) which are NFTs and enable the rapid design, development and distribution of SmartMedia Ads® and addressable SmartMedia Objects® that drive engagement, acquisition and loyalty across a digital and mobile-first audience;
• Smart Service Solutions – a service which provides strategy, development, design and execution for web3, linear TV and digital advertising campaigns;

Collectively, we refer to the above as SMT’s “Platforms” and “Services”. This Privacy Policy (“Policy”) explains what personal information we collect and how we use such personal information via our Platforms and Services. This Policy also explains what personal information we collect via our company website, located at https://smartmediatech.io/ (our “Website”) as well as the personal information collected pursuant to our business activities. This Policy applies to all our clients (our “Clients”) as well as the Internet users (“you” or “Users”) that interact with our Website, Platforms and/or Services.

Please read this Policy carefully to understand what personal information we collect and how it is used. Our Website is primarily directed to our Clients, partners and vendors which are generally businesses while our Platforms and Services are primarily directed to Users. We may collect two types of information from visitors to our Website and Users of our Platform and Services: personally identifiable information and pseudonymous information (collectively, “personal information”). Personally Identifiable Information (“PII”) is typically information that you provide and may be used to identify you such as name, email address, telephone number and postal address. Pseudonymous information doesn’t enable us to identify you but may help us recognize a particular browser, device or consumer of digital media over time. Both PII and pseudonymous information are defined as either personal data and/or personal information in many jurisdictions. Our Platforms and Services are mostly designed to collect pseudonymous information but may also collect PII when you choose to provide it to us (e.g., when setting up an account or NFT wallet). We believe that maintaining the distinction between what is considered directly identifiable information and what is considered to be pseudonymous can be helpful in describing our privacy practices.  However, we recognize that some privacy laws don’t distinguish between PII and pseudonymous data.

By using this Website, Platforms and/or Services you consent to and acknowledge that we will collect and use your information according to the terms of this Policy. Our Policy may change from time to time and the last date of modification is set forth above. Your continued use of this Website, Platform and/or Services as of the last date of modification means you consent to and acknowledge those changes, so please check the Policy periodically for updates.

‍

‍

2. SMARTMEDIA DEMAND SIDE PLATFORM

The SmartMedia Demand Side Platform (DSP) operates as a programmatic advertising platform where we have partnerships with third-party advertising technology platforms and data partners which enable our Clients and us to place media buys on Digital Properties (defined below). In some cases, our Clients run their campaigns on a self-service basis with little oversight from us, while other Clients ask us to manage their campaigns on their behalf. In both cases, it is our Clients that provide the direction regarding how they want their campaigns to be executed. Each of the third-party advertising technology platforms and data partners operate independently, and different Clients may choose a distinct combination of these platforms and data partners for their campaigns. Our relationships with those third-party advertising platforms and data partners enable ad targeting, measurement and reporting on the effectiveness of advertising campaigns. The DSP is designed to process pseudonymous information. When Clients pass us PII (e.g., from a Client’s customer list), that information is pseudonymized and/or de-identified prior to its ingestion into the DSP. Similarly, the DSP typically provides us only with aggregate statistics (e.g., the number of ad impressions served) pursuant to advertising campaign performance. In this Policy, we refer to our relationships with these third-party advertising technology platforms and data partners as our DSP. For more information about your privacy choices with respect to all our Platforms, Services and Websites, please scroll down to Section 7 in this Policy. The DSP operates in compliance with applicable law as well as the Digital Advertising Alliance Codes of Conduct where applicable. 

‍

Information Collection and Processing by the DSP

The DSP generally processes pseudonymous information pursuant to the advertising campaigns run through the DSP. Clients may sometimes provide us with their customer lists which contains PII such as an email address or telephone number. When we receive those customer lists, we take steps to de-identify and/or render the PII as pseudonymous prior to its ingestion into the DSP.

The DSP processes pseudonymous information about the website(s) that you visit, the mobile apps that you use, the smartTVs that you view (collectively, the “Digital Properties”) as well as the advertising campaigns that you see on those Digital Properties. The information collected includes: the time you visited a site or otherwise consumed the content on a Digital Property, the page URL or App name, your IP address, your browser type (e.g., Chrome or Internet Explorer), the operating system (e.g., Mac OS or Windows), the type of device you used (e.g. laptop or desktop), a hashed email address, a pseudonymous cookie ID, a mobile or platform advertising identifier, and data regarding your activities on the Digital Properties.  Where we can reasonably infer that a particular computer or device belong to the same household (e.g., where multiple computers or devices use the same IP address), we may extend our advertising, targeting and campaign reporting capabilities across multiple devices. As part of the DSP services, we engage third-party data partners that provide non-sensitive profiles that enable targeted advertising via the DSP. The DSP uses the information collected in order to help make the digital advertising campaigns and marketing messages you see more relevant to you, and for advertising campaign delivery and reporting purposes.

When we receive PII such as customer lists from our Clients, we may share that information with vendors that are subject to written contracts indicating that they may only use that information to enable us to de-identify and/or pseudonymize the data for ingestion into the DSP and for no other purpose.

‍

Methods of Information Collection and Technologies Used by the DSP

For pseudonymous information that we automatically collect, including the information processed by the DSP, we use the following technologies:

• Cookies and advertising identifiers. A cookie is a small file placed on your computer or device. When you first visit a Digital Property, our DSP may assign a random, pseudonymous, unique ID to your browser or device, which allows the DSP to automatically recognize your browser or device the next time it visits another Digital Property that has integrated our technology. This allows our Clients and partners to sync their own unique identifiers against this ID so that they can use their own data on the DSP that they may have associated with you. It may be possible to refuse to accept cookies by activating the appropriate setting on your computer or device. But if you select this setting, you may be unable to enjoy the full functionality of the website you are viewing.  You can learn more details about the types of cookies we use by reviewing our Cookie Policy.
• Web Beacons. Pages of the Website, the Digital Properties you visit, and emails deployed by SMT (if applicable) may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

‍

Third-Party Information Collection in the DSP

The DSP uses third-party vendors that provide the infrastructure to collect or otherwise process data about our Client’s advertising campaigns. We require our third-party advertising technology platforms and data partners to ensure that a legally sufficient and conspicuous privacy notice is provided and that a choice or consent mechanism is provided if required under applicable law. For example, the DSP participates in the “Transparency & Consent Framework” (“TCF”), developed by the Interactive Advertising Bureau (IAB) for the purpose of GDPR compliance and complies with its Specifications and Policies. 

‍

How We Use Your Information in the DSP

We use the information processed by the DSP to manage advertising campaigns. This use includes the following:

• Estimating the size of the campaign audience (i.e., the prospective customers who might be interested in our Client’s advertising);
• Creating ad targeting profiles to target our Clients advertising campaigns;
• Measuring the effectiveness our Client’s advertising campaigns; and
• Providing reports on the Client advertising campaigns.

The DSP leverages third-party advertising technology platforms and infrastructure to help us build, target, manage, measure and report on advertising campaigns. These partners may vary from time to time and include:

• Amazon Advertising – advertising platform seat partner – Privacy Policy & Opt-out Policy
• IPONWEB – (TCF IAB vendor number 129) – Privacy Policy & Opt-out Policy

• Dstillery – ad targeting partner – Privacy Policy & Opt-out Policy
• LiveRamp – ad targeting partner – Privacy Policy & Opt-out Policy
  

‍

3. THE SMARTMEDIA LAB PLATFORM

The SmartMedia Lab Platform is a SaaS technology platform (the “SML Platform”) that enables agencies and marketers to create self-serve, no code, drag and drop non-fungible token (NFT) digital experiences. The SML Platform includes a web application (the “App”) and custom-built web landing pages (the “Landing Pages”) which enables our Clients to drive engagement, acquisition and loyalty across a digital and mobile-first audience. 

We collect information from App users and visitors to the Landing Pages in two ways:

• Directly from you when you provide it to us; and
• Automatically when you use the App or visit the Landing Pages.

‍

Information You Provide Directly in the SML Platform

When you access, register with, or use this App or visit the Landing Pages, we may ask you to provide PII, such as your name, postal address, email address, telephone number, date of birth, social security number, username, or another identifier by which you may be contacted online or offline. This information includes:

• Information that you provide by filling in forms in the App or Landing Pages. This includes information provided at the time of registering to use the App. We may also ask you for information when you enter a contest or promotion administered by us, and when you report a problem with the App.
• Information that you provide when we ask you to sign up for permission marketing programs; either from us, from one of our Clients; or both.
• Information that you provide by authorizing your wireless carrier to share account information with us.  You acknowledge and agree that you have authorized your wireless carrier to use or disclose information about your account and wireless device, if available, to us and/or our service providers for the duration of your business relationship with us, solely to help us and/or our service providers identify you or your wireless device and to prevent fraud.  
• Records and copies of your correspondence (including your name, email addresses, phone numbers, and any other information you provide) if you contact us.
• Details of transactions carried out through the App.

You may also provide information for publication or display (“Posted“) on public areas of the Landing Pages, the App or websites accessible through the App (“User Contributions“). We may collect and maintain copies of your User Contributions, and you should also be aware that your User Contributions may be transmitted to and accessible by others. We cannot control and do not have any responsibility for the actions of third parties who have access to, or with whom you may choose to share, your User Contributions.

‍

Information We Collect Automatically in the SML Platform

When you access, register with, or use the App or Landing Pages, we may use technology to automatically collect pseudonymous information:

• Usage Details. We may automatically collect details of your session using the App (including your session date, time, and duration, precise geolocation), activity within the App (including content viewed and features used), communications you initiate or receive (including communication content, other participants, and timing), resources that you access and use on or through the App (including third-party services), and inferences from all of this information that we may add to a user profile associated with your App account. With the exception of precise geolocation information, we collect similar information when you visit the Landing Pages.
• Browser and Device Information. We may collect information about your Internet browser, mobile device and internet connection, including the device’s unique device identifier, IP address, operating system, browser type, mobile network information, and the device’s telephone number. We may also create a pseudonymous identifier and place it into a cookie to enable our systems to recognize your browser or device over time.
• Stored Information and Files. With your permission, the App also may access metadata and other information associated with other files stored on your device. This may include, for example, photographs, audio and video clips, personal contacts, and address book information. For example:
• Uploading photos, audio and video – you may choose to upload these files via the App. For example, we may create a game that invites our users to upload a picture of an orange car. When you upload that picture, we will use the picture to ascertain that the picture uploaded contains an orange car.
• Uploading contact information – If you choose to transfer a NFT to another person, the App will open up your address book in order to enable you to request that such person is interested in that NFT.

‍

Methods of Information Collection and Technologies Used on the SML Platform

For PII that you provide directly to us, we will collect it through a user interface such as the App portal, a Landing Page, or a link to some other communication interface such as email. For pseudonymous information that we automatically collect, we use cookies and web beacons. We also enable third-party partners to use web beacons, place cookies and use similar tracking technologies when you use the App or visit the Landing Pages. This collection of pseudonymous information by third-parties may be deemed a sale of data in California and other places under applicable law. We provide a notice of these practices when you first visit the Landing Pages and/or App and provide the appropriate choice mechanism in this Policy as well as in the user profile settings in the App as required by law.  You may restrict the use of cookies, but that may affect your ability to use the App and Landing Pages. You can learn more details about the types of cookies we use by reviewing our Cookie Policy.

‍

How We Use Your Information on the SML Platform

We use the personal information that you provide directly to us to:

• Provide you with the App and its contents and any other information, products, or services that you request from us, including but not limited to generating the private and public keys to create an on-chain blockchain custodial wallet;
• Personalize, and develop our App, products, Landing Pages and services. For example, the App will collect your precise location information such as latitude/longitude in order to provide mapping functionality within the App;
• To send you advertisements about products and services we think you may like;
• To identify you or your wireless device and to prevent fraud; 
• To enroll you in rewards, loyalty, and other similar programs you have selected;
• Fulfill or meet the reason you provided the information. For example, if you share your name and contact information to ask a question about our products or services, we will use that personal information to respond to your inquiry;
• Process your requests, purchases, transactions, and payments, communicate with you, and prevent transactional fraud;
• Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
• Notify you when App updates are available, and of changes to any products or services we offer or provide though it; and
• Maintain the safety, security, and integrity of our App and Landing Pages, products and services, databases and other technology assets, and business.

We use the Usage Details that we automatically collect from you to improve our App and Landing Pages and to deliver a better and more personalized experience by enabling us to:

• Estimate our audience size and usage patterns;
• Store information about your preferences, allowing us to customize our App according to your individual interests;
• Speed up your searches; and
• Recognize you when you use the App or Landing Pages.

We may use the information we collect to display advertisements to our advertisers’ target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

‍

‍

4. INFORMATION ABOUT CHILDREN YOUNGER THAN 18, SENSITIVE AND SPECIAL CATEGORY DATA

The Website, Platforms and Services are not intended for children younger than 18 years of age, and we do not knowingly collect personal information from children younger than the age of 18 either via the Website, the Platforms or the Services. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will take reasonable steps to delete that information from our systems. If you believe we might have any information from or about a child younger than 18 years of age, please contact us.

We also don’t  collect sensitive or special category data such as ethnicity, religion, sexual interest, or data based on sensitive health conditions as defined under applicable law other than in an employment context which is covered under a different policy. We ask our Clients, partners and vendors not to send this type of information to us.

‍

‍

5. OUR WEBSITE

Our Website is directed primarily at our Clients and prospective clients, partners and vendors which are generally businesses. We collect information from visitors to the Website in two ways:

• Directly from you when you provide it to us; and
• Automatically when you use the Website.

‍

Information You Provide Directly to Us on Our Website

When you visit the Website, we may ask you to provide PII to us by which you may be identified, including your name, postal address, email address, telephone number, username, or another identifier by which you may be contacted online or offline. This information includes:

• Information that you provide by filling in forms in the Website.
• Information that you provide when we ask you to sign up for permission marketing program; either from us or from our Clients.
• Records and copies of your correspondence (including your name, email addresses, phone numbers, and any other information you provide) if you contact us.

You may also provide information for publication or display (“Posted“) on public areas of the Websites (“User Contributions“). We may collect and maintain copies of your User Contributions, and you should also be aware that your User Contributions may be transmitted to and accessible by others. We cannot control and do not have any responsibility for the actions of third parties who have access to, or with whom you may choose to share, your User Contributions.

‍

Information We Collect Automatically on our Website

When you download, register with, access, and use the Website, we may use technology to automatically collect pseudonymous information:

• Usage Details. We may automatically collect details of your visit to the Website, (including your session date, time, and duration, pages viewed, and features used), and inferences derived from all of this information.
• Browser and Device Information. We may collect information about your Internet browser, computer and/or mobile device and internet connection, including the device’s unique device identifier, IP address, operating system, browser type, and mobile network information. We may also create a pseudonymous identifier and place it into a cookie to enable our systems to recognize your browser or device over time.

‍

Methods of Information Collection and Technologies Used on our Website

For PII that you provide directly to us, we will collect it through a user interface such as a web form or a link to some other communication interface such as email.

For pseudonymous information that we automatically collect, including the information processed by our Platforms, we use the following technologies:

• Cookies. A cookie is a small file placed on your computer or device. When you first visit our Websites, our systems may attempt to place a cookie on your browser or device. It may be possible to refuse to accept cookies by activating the appropriate setting on your computer or device. But if you select this setting, you may be unable to enjoy the full functionality of the Website.  You can learn more details about the types of cookies we use on the Websites by reviewing our Cookie Policy.
• Web Beacons. Pages of the Website, and emails deployed by SMT (if applicable) may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related statistics (for example, recording the popularity of certain Websites content and verifying system and server integrity).

Third-Party Information Collection on the Website

The Website sometimes enables third-parties to place pixels to collect or otherwise process data for the purpose of helping the Website function, for analytics purposes and/or to enable targeted and/or interest-based advertising campaigns on other websites.  These third parties may include: advertisers, ad networks, ad servers and analytics companies. Our enablement of third-party data collection via the Website may count as a sale of personal information in certain jurisdictions under applicable law. Accordingly, we will provide a privacy notice and offer a way for you to opt-out of having third-parties get access to information via the Website by restricting their ability to place cookies and collect information. These third parties may use cookies and other tracking technologies to collect information about you when you visit the Website. We will provide notice and in certain cases (i.e., where required under applicable laws such as those in the UK and EEA) ask for your permission to place third party tracking cookies onto your browser or device when you visit the Website. If you refuse, our systems will attempt to prevent third party pixels from firing, which should block those cookies.

‍

How We Use Your Information Collected from the Website

We use the PII that you provide directly to us to:

• Provide you with information, products, or services that you request from us;
• Personalize, and develop our products, Website and services;
• To send you advertisements about products and services we think you may like;
• Fulfill or meet the reason you provided the information. For example, if you share your name and contact information to ask a question about our products or services, we will use that personal information to respond to your inquiry;
• Process your requests, purchases, transactions, and payments, communicate with you, and prevent transactional fraud;
• Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
• Notify you of changes to any products or services we offer or provide though it; and
• Maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.

We use the Usage Details that we automatically collect from you to improve our Website and to deliver a better and more personalized experience by enabling us to:

• Estimate our audience size and usage patterns;
• Store information about your preferences, allowing us to customize our Websites according to your individual interests;
• Speed up your searches; and
• Recognize your browser or device when you use the Website.

‍

‍

6. HOW WE SHARE YOUR INFORMATION WE OBTAIN VIA OUR WEBSITE, PLATFORMS, AND SERVICES

We may disclose aggregated information.

In addition, we may disclose personal information to:

• Our “Clients” – which are third-party businesses that utilize our marketing and advertising capabilities to connect with our users;
• Our “Client’s Customers” which are third-party businesses utilizing our Client’s products and services capabilities;
• Affiliated businesses;
• Service providers and data processors that are vendors and contractors who support our business, and which are limited to using this information only to provide services to us and in accordance with our instructions. These vendors and contractors are prohibited from using the information for purposes other than performing services for SMT. The categories of vendors and contractors used by SMT may include: a) cloud computer, data storage and file storage providers; b) email marketing providers; c) website and B2B sales analytics providers; d) customer relationship management, contact database vendors, data hygiene vendors, survey vendors and project management software providers; e) customer billing systems partners and payment processing vendors; f) vendors that de-identify and/or pseudonymize Client customer lists for ingestion into our Platforms; g) Vendors who manage  sweepstakes we may run; h) social media platforms for advertising and marketing purposes; i) outsourced computer programmers helping to ensure our systems are operating properly; j) auditing, debugging and security vendors; k) identity verification providers; and l) login authentication providers to ensure that the logins to our systems are working efficiently.
• A buyer of our business or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of SMT’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information is among the assets transferred;
• Fulfill the purpose for which you provide it;
• Fulfill any other purpose disclosed by us when you provide the information;
• Perform any action for which you provide consent;
• Comply with any court order, law, or legal process, including to respond to any government or regulatory request;
• Enforce our rights arising from any contracts entered into between you and us; or
• Protect the rights, property, or safety of SMT, our customers, or others.

‍

7. YOUR CHOICE ABOUT OUR USE OF YOUR PERSONAL INFORMATION PROCESSED BY THE WEBSITE, PLATFORMS, and SERVICES

We strive to provide you with choices regarding the PII you provide to us and the pseudonymous information we may collect automatically. This section describes mechanisms we provide for you to control certain uses and disclosures of your information, including via the Website, Platforms and Services.

Your Choices regarding Profiling, Sales and/or Targeted Advertising via the DSP: The DSP platform relies on partnerships with third-party advertising platform and ad targeting partners. We provide their names and links to their privacy and opt-out policies below. Opting out of each partner should result in the placement of an opt-out cookie or similar indicator on your browser or device. The partners include:

• Amazon Advertising – advertising platform seat partner – Privacy Policy & Opt-out Policy
• IPONWEB – advertising platform infrastructure partner – Privacy Policy & Opt-out Policy
• Dstillery – ad targeting partner – Privacy Policy & Opt-out Policy
• LiveRamp – ad targeting partner –  Privacy Policy & Opt-out Policy

Our partners have provided us with assurances that their systems honor choice requirements under applicable law, including on mobile devices and Connected TV environments to the extent that partners operate in one or both of those environments. If you want additional information regarding choice options for mobile devices, please click here. If you want additional information regarding choice options for connected television and smartTV platforms, please click here.

‍

Your Choices In Connection to the Websites and SML Platform: As described in this Privacy Policy, you may opt-out by logging into the App and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes. You may also opt-out of receiving any or all communications from us by following unsubscribe instructions in communications (e.g., by clicking the “unsubscribe” link in an email.)  If you’ve provided us with your email address and want to ensure that SMT does not sell or share this personal information, you may also contact us at privacy ((at)) smartmediatech ((dot)) io with a request to opt-out any sale of your email under applicable law.

‍

Tracking Technologies: You may adjust your device settings to refuse all or some cookies or to alert you when cookies are being sent. If you disable or refuse cookies or block the use of other tracking technologies, some parts of the Websites may then be inaccessible or not function properly, and our Client campaigns run via the DSP may not operate.

‍

Promotional Messages: We respect your privacy and give you an opportunity to opt-out of and (where applicable) withdraw consent for receiving marketing messages announcements of certain information. You may also email us at: privacy ((at)) smartmediatech ((dot)) io with questions.

Do Not Track and similar Global Privacy Controls: Web browsers will sometimes include a “Do Not Track” request in the HTTP header. At this time, we do not alter our behavior or change our services upon receiving a browser based “Do Not Track” request, but we have instructed our ad delivery and ad targeting platforms in connection with the DSP to treat GPC signals as a request to opt-out where required under applicable law.

‍

8. YOUR RIGHTS AND HOW TO EXERCISE THEM

Certain places (e.g., the European Union, UK, Switzerland, and certain U.S. States such as the State of California) require companies that collect information to provide data subjects located in those places with certain additional rights. We respond to requests that we receive from individuals who wish to exercise their data protection rights in accordance with applicable data protection laws.

If you are a Client with an account that enables you to view aggregate campaign results and have a question about your rights, please contact the SMT DSP personnel that owns the relationship between your company and the SMT DSP. Similarly, if you are a Client, partner or vendor with a business relationship with SMT, we ask you to first contact the person within SMT that owns the relationship between your company and SMT in order to exercise any of the below rights. You may also email us at privacy ((at)) smartmediatech ((dot)) io

You may make a request regarding any personal information collected via the Website and the Platform by emailing us at privacy ((at)) smartmediatech ((dot)) io.

Rights that you may have, depending on where you are located, include:

Access. You have the right to request that we disclose what personal information we have collected from you over the past 12 months and how we have used it. Once we receive and confirm your verifiable consumer request, we will disclose to you:

1. The categories of personal information we collected about you.
2. The categories of sources for the personal information we collected about you.
3. Our business or commercial purpose for collecting or selling that personal information.
4. The categories of other businesses or persons with whom we share that personal information.
5. The specific pieces of personal information we collected about you.
6. If we disclosed your personal information for a business purpose, the personal information categories that each category of recipient obtained.

Deletion. You also have the right to request that we delete personal information collected from you, subject to certain exceptions. Please note, if you have an account with the SML Platform NFT wallet you may delete your personal information by deleting your wallet account within the wallet user profile settings and we will ask you to type “DELETE” to confirm you want to delete your account. Deletion of your wallet account will also result in the removal of your personal information, including your email address from our mailing list, but there may be a lag between deletion of your account and updating our mailing list.

Personal Information Sales. You are probably aware of laws that give individuals the right to opt out of the sale of their personal information – including pseudonymous information and PII. We require the third-party DSP, data partners and any other vendors operating our Platforms where the transfer of data might be deemed a sale under applicable law to ensure that a legally sufficient privacy notice and opt-out choice is provided. Similarly, to the extent that our transfer of data is deemed a sale of personal information under applicable law, we’ll ensure that a privacy notice and opt-out choice are provided to you. And as stated above, third-party data collection via the Websites may count as a sale of personal information in certain jurisdictions under applicable law. Accordingly, we will provide a privacy notice and offer a way for you to opt-out of having third-parties get access to information via the Websites by restricting their ability to place cookies and collect information. We also provide a mechanism that provides notice and (in certain jurisdictions, e.g., the EEA and UK) request your permission for the placement of cookies via the Website.

Corrections and Updates. You can manage the PII associated with your account (if applicable) via your account settings or by sending us an email. We don’t currently provide a mechanism to correct or update the pseudonymous personal information processed by the Platform, but you may request that we delete such information.

Consent Revocation. Withdrawing your consent at any time if we have collected and processed your information with your consent. Withdrawing your consent will not affect the lawfulness of any processing that we conducted prior to your withdrawal, nor will it affect processing of your information conducted in reliance on lawful processing grounds other than consent. To revoke the consent with respect to information processed via the SML Platform, please visit your profile settings within the App or send us an email at privacy ((at)) smartmediatech ((dot)) io. If you want to revoke consent from one or more of our DSP infrastructure vendors, please visit the opt-out section of the Policy or click here: AdChoice, Opt-out; Do Not Sell or Share My Information.

Regulator Inquiry. If you are resident of the European Economic Area, the UK, or Switzerland, and you have concerns about our collection and processing of your personal information, you may contact your relevant data protection authority. Contact details for data protection authorities are available here.

If you have questions about exercising your rights, you should email us at privacy ((at)) smartmediatech ((dot)) io.

Only you, or a person granted the rights to make requests on others’ behalf by an appropriate governmental authority (e.g., an authorized agent), may make a verifiable consumer request related to your personal information. Although we endeavor not to obtain personal information from persons under 18, you may also make a verifiable consumer request on behalf of your minor child.

To verify the identity of an individual making a request, a two-step process will need to be completed. A verifiable consumer request must:

• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
• Separately provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

We will use personal information provided in a verifiable consumer request only to verify the requestor’s identity or authority to make the request.

‍

9. OUR RESPONSES TO YOUR REQUESTS

We will endeavor to provide an initial response to a verifiable user request within 10 days of receipt and will attempt to fulfill a verifiable user request within 45 days of its receipt unless applicable law requires us to fulfill the request sooner. If we require more time, we will inform you of the reason and extension period in writing.

We will deliver our written response by mail or electronically, at your option.

Except where required under applicable law, disclosures we provide will cover only the 12-month period preceding our receipt of a verifiable user request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We do not charge a fee to process or respond to your verifiable user request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

‍

10. HOW DOES EXERCISING MY RIGHTS AFFECT MY USE OF THE WEBSITE, PLATFORMS, OR SERVICES?

We will not discriminate against anyone for exercising any of their rights under this Policy or any applicable information privacy or data protection law. Unless otherwise permitted, we will not:

• Deny you goods or services;
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
• Provide you a different level or quality of goods or services; or
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

But if any part of our Website, Platforms or Services involves a financial transaction with you, we may offer you certain financial incentives permitted by applicable laws that can result in different prices, rates, or quality levels. Any financial incentive permitted under applicable law that we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time. However, we do not currently provide any financial incentives.

‍

11. INDIVIDUALS IN THE UNITED STATES

Certain U.S. states (e.g., California, Virginia, Colorado and Connecticut) provide additional privacy protections for their data subjects under applicable law, including: a) the right to see what data we have about you, your computer, or device (i.e., the right to know), b) the right to delete the data we have about you, your computer or device (i.e., the right to delete) and (although we don’t engage in such sales,  c) the right to correct data about you, your computer or device , and d) the right to opt-out of profiling, ad targeting, and/or the sale of data about you, your computer or device to certain third parties (i.e., the right to opt-out from sales of your information). We do not discriminate against you if you exercise any of the above rights. Moreover, we may not be able to honor a right if doing so would violate applicable law. California consumers may call our privacy request hotline toll-free at: One * Eight-Hundred * Six Zero Seven * Five Nine Four Seven.

‍

12. INDIVIDUALS IN THE EUROPEAN ECONOMIC AREA, THE UNITED KINGDOM AND SWITZERLAND

Individuals located in the European Economic Area (“EEA”), Switzerland, and the United Kingdom are granted additional privacy rights under the General Data Privacy Regulation (“GDPR”) the Swiss Federal Act on Data Protection, and the Data Protection Act in the UK, respectively. For simplicity, we will refer to the GDPR throughout this Section 12 when describing the data protection laws of all three jurisdictions. Also, while the rest of the Policy uses the term “personal information”, the GDPR term “Personal Data” will be used throughout this Section.

As an EEA, UK or Swiss data subject, you have the right – partly under certain conditions: (a) to request information about the processing of your data free of charge, as well as the receipt of a copy of your personal data. You can request information on the purposes of the processing, the categories of personal data being processed, the recipients of the data (if they are passed on), the duration of the storage or the criteria for determining the duration; (b) to correct your data. Should your personal data be incomplete, you have the right to complete the data, taking into account the processing purposes; (c) to delete or block your data. Reasons for the existence of a cancellation/blocking right can be, among others, the revocation of the consent on which the processing is based, the data subject objects to the processing, the personal data were processed unlawfully; (d) to restrict the processing; (e) to object the processing of your data; (f) to revoke your consent to the processing of your data in the future, and; (g) to complain to the competent supervisory authority about inadmissible data processing. Instructions for making these requests may be found in Section 8 of this Policy.

SMT utilizes valid data transfers mechanisms such as the Standard Contractual Clauses for cross-border data transfers as required by applicable laws.

‍

13. LEGAL BASIS FOR PROCESSING PERSONAL  INFORMATION BY THE WEBSITE, PLATFORMS AND SERVICES

Our Legal Basis for processing personal data under the GDPR depends upon the specific context under which we collect or use it. Here’s an overview:

• SML Platform and Services – In connection with the SML Platform and Services, we process the data provided to us under consent where it is used for direct marketing purposes, and under contractual necessity when processed in order to fulfill something you’ve requested such as operating and maintaining your NFT wallet. We also may rely on our legitimate interests to collect and use personal data that is automatically collected, except where our interests are overridden by your data-protection interests or your fundamental rights and freedoms. At the point where you’re providing data to setup your account, we’ll communicate whether the information you provide is subject to our privacy policy, a Client’s privacy policy, or both.
• SMT DSP – In connection with the DSP, we generally act as a “processor” as defined under applicable law as we collect personal data on behalf of and at the instruction of another party; for example, a Client.
• Our Website and general business operations – In connection with our Website, we process the data provided to us under consent where it is used for direct marketing purposes, and under contractual necessity when processed in order to fulfill our contractual obligations such as providing access to campaign reporting for Clients. We also may rely on our legitimate interests to collect and use personal data that is automatically collected, except where our interests are overridden by your data-protection interests or your fundamental rights and freedoms. These legitimate interests include the operation of our Platform and business and as required by our agreements with Clients.

Where we rely on consent to process your personal data, we will obtain such consent in compliance with applicable laws. Where you have given your consent, you have the right to withdraw your consent at any time.

‍

14. DATA SECURITY

We maintain reasonable administrative, physical, and technical safeguards to reasonably protect the confidentiality, availability, and integrity of your personal information and partner with service providers that implement safeguards and controls to protect your personal information. But given the nature of the internet and the fact that network security measures are not infallible, we cannot guarantee the security of your personal information. In the event we become aware of a data security breach, we will provide you with notice to the extent required by applicable laws.

‍

15. POLICY CHANGES

If we change this Policy, we will post the updated Policy on the Website. The last date of modification to this privacy Policy is set forth above at the top of the page. You are responsible for periodically visiting this privacy Policy to check for any changes and your continued use of the Website, Platforms and Services as of the last date of modification means you accept those changes.

‍

16. CONTACT INFORMATION

You may contact us regarding privacy.

• General questions or comments email: privacy ((at)) smartmediatech ((dot)) io
• Global Data Protection Officer (DPO) SmartMedia Technologies HoldCo, Inc., Attention: Global Privacy Office, 201 Main Street, Suite 102, Carbondale, CO 81623. Email: DPO ((at)) smartmediatech ((dot)) io
• Our EU Representative is ePrivacy Holding GmbH / ePrivacy GmbH, Große Bleichen 21, 20354 Hamburg, Germany. Email: eu.rep ((at)) eprivacy ((dot)) eu
• Our UK Representative is UK Representative Service for GDPR Ltd. (UKRS), 7 Savoy Court, London WC2R 0EX, United Kingdom. Email: service ((at)) ukrepresentative ((dot)) eu

‍

_______________________________________________________________________________________________________________