Privacy

Effective Date: April 22, 2025

Quickture, Inc. ("we," "our," or "us") is a SaaS company providing AI video editing services. We respect your privacy and are committed to protecting your personal information in accordance with applicable data protection laws, including the General Data Protection Regulation ("GDPR"), the UK Data Protection Act 2018, and the Swiss Federal Data Protection Act. This Privacy Policy outlines how we handle external inquiries related to your personal data.

Identity and Contact Details of the Controller

Quickture, Inc. is the data controller responsible for the processing of your personal information under this Privacy Policy.

Data Controller: Gary Grossman, CTO
Contact Email: privacy@quickture.com

Purposes of Processing and Legal Basis

We process personal data for the following purposes and on the corresponding legal bases:

1. Responding to Privacy Inquiries: To respond to your questions, concerns, or requests regarding your personal data.
   • Legal Basis: Legitimate interest (Article 6(1)(f) GDPR).
2. Compliance with Legal Obligations: To meet our legal obligations under applicable laws.
   • Legal Basis: Compliance with a legal obligation (Article 6(1)(c) GDPR).
3. Improving Our Services: To evaluate and enhance the quality of our services based on your inquiries and interactions.
   • Legal Basis: Legitimate interest (Article 6(1)(f) GDPR).
4. Providing AI Video Editing Services: To deliver and improve our core SaaS video editing services.
   • Legal Basis: Performance of a contract (Article 6(1)(b) GDPR) or legitimate interest (Article 6(1)(f) GDPR).

If we rely on your consent for any processing activity, you may withdraw your consent at any time as described below.

Recipients of Personal Data

We may share your personal data with the following categories of recipients, as necessary:

1. Service Providers: Third-party service providers who support our operations (e.g., IT hosting, customer service platforms).
2. Legal and Regulatory Authorities: Where required to comply with legal obligations or protect our legal rights.
3. Affiliates and Headquarters: Quickture's affiliates and headquarters in the United States to facilitate global operations.

When transferring personal data to a third party acting as an agent, Quickture shall:

(i) transfer such data only for limited and specified purposes;

(ii) ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Data Privacy Framework Principles;

(iii) take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with Quickture's obligations under the Data Privacy Framework Principles;

(iv) upon notice, take reasonable and appropriate steps to stop and remediate unauthorized processing; and

(v) provide a summary or a representative copy of the relevant privacy provisions of its contract with that agent to the Department of Commerce upon request.

Quickture remains liable under the Data Privacy Framework Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Quickture proves that it is not responsible for the event giving rise to the damage.

We ensure all recipients provide adequate safeguards to protect your personal data.

Data Retention

We retain personal data for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. Specifically:

• Inquiry-related data: Retained for up to 2 years after the inquiry is resolved.
• Data subject request records: Retained for up to 5 years to demonstrate compliance with GDPR requirements.

After these periods, personal data is securely deleted or anonymized unless required by law to retain it longer.

Your Rights Under GDPR, UK, and Swiss Data Protection Laws

As a data subject under the GDPR, UK Data Protection Act 2018, or Swiss Federal Data Protection Act, you have the following rights regarding your personal data:

1. Right to Access: Request confirmation of whether we process your personal data and a copy of the data.
2. Right to Rectification: Request corrections to inaccurate or incomplete personal data.
3. Right to Erasure: Request deletion of your personal data under specific circumstances.
4. Right to Restrict Processing: Request limitations on processing under certain conditions.
5. Right to Object: Object to the processing of your personal data based on legitimate interests or for direct marketing.
6. Right to Data Portability: Receive a copy of your personal data in a portable format.
7. Right to Withdraw Consent: If processing is based on your consent, withdraw your consent at any time without affecting the lawfulness of prior processing.
8. Right to Lodge a Complaint: File a complaint with a supervisory authority if you believe your rights have been violated, including the UK Information Commissioner's Office or the Swiss Federal Data Protection and Information Commissioner.

Your Choices and Control Over Your Data

Quickture respects your right to make choices about how we use and disclose your personal information:

1. Third-Party Disclosure and Alternative Uses:
   For regular personal information: You have the right to opt out of having your personal information (i) disclosed to third parties (other than to our service providers acting as our agents) or (ii) used for purposes that are materially different from those for which it was originally collected or subsequently authorized by you.
   ‍For sensitive information: Quickture will obtain your explicit affirmative consent (opt in) before we (i) disclose your sensitive information to third parties or (ii) use it for purposes other than those for which it was originally collected or subsequently authorized by you through the exercise of opt-in choice. Sensitive information includes data specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying your sex life.
   We also treat as sensitive any personal information received from a third party where the third party identifies and treats it as sensitive.‍
2. How to Exercise Your Choices:
   ‍To opt out of third-party disclosures or alternative uses of your personal information, please email us at privacy@quickture.com with "OPT-OUT REQUEST" in the subject line.
   To provide or withdraw consent for the processing of sensitive information, please email us at privacy@quickture.com with "SENSITIVE DATA CONSENT" in the subject line.
   You will receive confirmation of your choice within 10 business days.‍
3. Limitations:
   ‍Please note that your opt-out choices will not apply when we share your information with service providers who process data on our behalf and under our instructions. However, we always have appropriate contracts in place with these service providers to ensure the protection of your data.
   Your choices will not affect our ability to process data as required by law.

How to Make a Request

To exercise your rights or make any inquiries, please contact us at:
Email: privacy@quickture.com

When submitting a request:

• Clearly specify the nature of your request.
• Provide sufficient information for us to verify your identity.

We may contact you for additional information to ensure proper authentication or clarify your request.

Data Transfers and Safeguards

Your personal data may be transferred to Quickture's headquarters in the United States. To ensure compliance with applicable data protection laws, such transfers are protected by:

• Quickture's certification under the EU-U.S. Data Privacy Framework, UK Extension, and Swiss-U.S. Data Privacy Framework (see section below).
• Standard Contractual Clauses approved by the European Commission, which serve as an alternative mechanism if needed.
• Additional organizational and technical safeguards to secure your data.

Data Privacy Framework Compliance

Quickture complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Quickture has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Quickture has certified to the U.S. Department of Commerce that it adheres to the Swiss- U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

DPF Certification Number: [Pending]

In compliance with the DPF Principles, Quickture commits to resolve complaints about our collection or use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our DPF policy should first contact Quickture at privacy@quickture.com.

Quickture has committed to cooperate with EU Data Protection Authorities (DPAs), the UK Information Commissioner's Office, and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Data Privacy Framework complaints. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the data protection authority in your country of residence to file a complaint. A list of EU Data Protection Authorities is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Recourse, Enforcement and Liability

Quickture’s participation in the EU-U.S. DPF, UK Extension, and Swiss-U.S. DPF is subject to investigation and enforcement by the Federal Trade Commission. As described in the “Your Choices and Control Over Your Data” section above, we provide clear mechanisms for you to control how your personal data is used and shared.

In compliance with the DPF Principles, Quickture commits to resolve complaints about our collection or use of your personal information through the following recourse mechanisms:

1. Direct Resolution: First contact Quickture at privacy@quickture.com with your concern.
2. Data Protection Authorities: If your complaint is not satisfactorily addressed by Quickture, you may contact your local Data Protection Authority:
   • EU residents: The EU Data Protection Authority in your country of residence (list available at https://edpb.europa.eu/about-edpb/about-edpb/members_en)
   • UK residents: The Information Commissioner's Office (https://ico.org.uk/)
   • Swiss residents: The Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/)
3. Binding Arbitration: As a last resort, binding arbitration is available under certain conditions as described on the Data Privacy Framework website.

Quickture commits to conduct an annual self-assessment of its privacy practices to verify compliance with the DPF Principles.

Response Timeframe

We strive to respond to all legitimate requests within one month. For complex or multiple requests, this period may be extended by up to two additional months, with notice and explanation provided.

‍Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our practices. The "Effective Date" at the top of this page will indicate when the policy was last revised.

For further information, or if you require this policy in an alternative format, please contact:
Email: privacy@quickture.com