Skip to main content

Standard Metrics Privacy Policy

Last Revised on August 18, 2023

Welcome to the Privacy Policy for Quaestor Technologies, Inc. dba Standard Metrics (“Company,” “we” or “us”). This Privacy Policy describes how we collect, use and disclose personal information about you (“Information”) related to your use of and access to our website, www.standardmetrics.io, and related websites and subdomains (the “Website”), our financial data management service (the “Solution”) and any related content, tools, features and functionality (the “Services”). Please read this Privacy Policy carefully.

For purposes of this Privacy Policy, “you” and “your” means you as the user of the Services. If you use the Services on behalf of a company or other entity then “you” includes you and that entity, and you represent and warrant that (a) you are an authorized representative of the entity with the authority to bind the entity to these Terms, and (b) you agree to these Terms on the entity’s behalf.

 

1. Types of information we collect

When you use the Services, we may collect the following Information:

  • Registration details you provide when you create an account, such as your name, email address, username and password. We collect account information to maintain and secure your account with us. If you choose to use the Services and register an account, you are responsible for keeping your account credentials safe. We highly recommend that you do not share your username, password, or other access details with anyone else. If you believe your account has been compromised, please contact us immediately.
  • Account credentials and other information you provide when accessing our integrations, such as username or password, general ledger information, the names of individuals on your payroll. We use this information to provide the Services offered by our integrations to you. 
  • If you are a company or entity customer, Information collected from your bank accounts through our integrations, including institution name, account numbers, transaction history, dates of transactions, description and amount of transactions, account balances, and other materials to which we are given access.
  • Information you provide when you access or use the Services and each time you interact with the Services or otherwise communicate with us, for example, when you update Information in your control panel, communicate with us by telephone or email, and order or download the Services. 
  • Information you provide when completing customer surveys we provide, such as your email address, name or company name.
  • Information you provide in public forums through the Services, including using our review, comment, post or similar functionality.
  • Usage, viewing and technical Information, including your IP address device type, operating system, browser type, log data, date and time stamps, clickstream data, ad impressions or device identifier when you use the Services. If you access your account from a mobile device, that mobile device may also provide us with details of your location. Most mobile devices allow you to disable this functionality.
  • Information you provide when conducting transactions on the Services, including credit or debit card information and billing address. 

 

2. How we collect your information

We collect Information you provide to us when you: (i) register with us; (ii) input Information into the Services; (iii) create user generated content; (iv) request products, Services or information from us; (v) participate in public forums or other activities through the Services; (vi) respond to customer surveys; or (vii) otherwise interact with us.

We collect Information from certain third parties, such as our payment processing service providers. 

 

3. Cookies

We use cookies and other tracking technologies to automatically collect Information that enables us to better understand and improve the usability, performance and effectiveness of our Services. 

For more information on what cookies and other similar technologies are, what and how we use them, and how to control and delete cookies, please refer to our Cookies Policy [https://standardmetrics.io/cookie-policy/].

 

4. Use of your information by the company

The ways in which we may use your Information include the following:

  • To provide you with the Services and other products and services you request.
  • To communicate with you about your account or transactions with us and send you details or updates about features of the Services or changes to our policies.
  • To create anonymized and aggregated data sets that may be used for a variety of functions, including research, internal analysis, analytics, and other functions.
  • To ensure consistency with local law and choices and controls that may be available to you.
  • To personalize content and experiences.
  • To detect, investigate and prevent activities that may violate our policies or be illegal.
  • To optimize or improve the content, products, services, and features of the Services.
  • To personalize and improve the Services and user experiences, to increase the functionality and user friendliness of the Services, to deliver content or features that match user profiles or interests.
  • To monitor and analyze the Service’s usage and trends and otherwise measure the effectiveness of the Services.
  • To communicate with you about products, services, marketing, promotions, events and other news and information we think will be of interest to you.
  • To carry out core business operations, such as accounting, audits, tax preparation and filing and compliance purposes, and for identity verification purposes.

 

5. Sharing your information with Third Parties

We will not share your Information outside the Company except in the following limited circumstances:

  • When we contract or partner with a third party to provide services on our behalf, including services related to development, maintenance, bank access, payment processing and e-mail. 
  • When other users request information about what other users are using the Services.
  • In connection with our user directory on the Services, which is available to all users.
  • In connection with the sale of a business (including merger, acquisition, or sale of all or a material portion of its assets, change in corporate control, or insolvency or bankruptcy proceedings).
  • When you request us to share your Information with third parties, such as through your use of login integrations. 
  • To enforce our Terms of Service or rules, to ensure the safety and security of our users and third parties, to protect our rights and property and the rights and property of our users and third parties, to comply with legal process, including judicial warrant, rule, order or subpoena or requests from law enforcement, or in other cases if we believe in good faith that disclosure is required by law or regulation.
  • With professional advisors, such as auditors, law firms or accounting firms.

 

6. User Generated Content

The Services also host discussion forums and user reviews, which users may elect to join and/or participate in. Through your participation, you may submit messages, comments, reviews, etc. (“User-Generated Content” or “UGC”). We or others may store, display, reproduce, publish, or otherwise use UGC, and may or may not attribute it to you. Others may also have access to UGC and may have the ability to share it with third parties. If you choose to submit UGC to any public area of the Services, your UGC will be considered “public” and will be accessible by anyone, including the Company.

Please note that we do not control who will have access to the information that you choose to make available to others, and cannot ensure that parties who have access to such information will respect your privacy or keep it secure.  We are not responsible for the privacy or security of any information that you make publicly available on the features permitting creation of UGC or what others do with information you share with them on such platforms.  We are not responsible for the accuracy, use or misuse of any UGC that you disclose or receive from third parties through the forums or email lists.

 

7. Third Party Websites and Links

We may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of these sites, including the accuracy, completeness, or reliability of information found on these sites. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms (such as Facebook or Twitter) may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators, except as disclosed on the Services.

 

8. Your controls and choices

We provide you the ability to exercise certain controls and choices regarding our collection, use and sharing of your Information. Your controls and choices may include:

  • You may correct, update and delete your registration account.
  • You may change your choices for newsletters and alerts.
  • You may request access to the Information we hold about you and that we amend or delete it.
  • You may exercise your controls and choices, or request access to your Information, by modifying your profile or by contacting us at help@standardmetrics.io or following instructions provided in communications sent to you. Please be aware that, if you do not allow us to collect Information from you, we may not be able to deliver certain products and services to you, and some of our Services may not be able to take account of your interests and preferences. 

 

Depending on where you live, in addition to the controls and rights above, you may also have some or all of the specific rights listed below in relation to Information that we have collected about you. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law. 

  • Right to Access/Know. You have a right to request that we confirm whether we process Information about you and give you access to that Information. You may also have a right to receive that Information in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the Information to another business without impediment. If you are a California resident, you have a right to request the following Information about our collection, use and disclosure of your Information over the prior 12 months: 
    • categories of Information about you we have collected, disclosed for a business purpose; 
    • categories of sources from which we collected Information about you; 
    • the business or commercial purposes for collecting Information about you; 
    • categories of third parties to whom the Information about you was disclosed for a business purpose; and 
    • specific pieces of Information about you we have collected.  
  • Right to Delete. You have a right to request that we delete Information we maintain about you. 
  • Right to Correct. You have a right to request that we correct inaccurate Information we maintain about you.

 

If you are located in the EEA or the UK, you have the following additional rights in relation to your Information:

  • Portability: In addition to the right to receive a copy of the Information we hold about you, you have a right to request that we transfer it to a third party, in certain circumstances and with certain exceptions.
  • Restriction of processing to storage only: You have the right to require us to stop processing the Information we hold about you, other than for storage purposes, in certain circumstances.
  • Objection: You may have the right to object to our processing of your Information in certain circumstances.
  • Withdrawal of consent: Where we rely on consent to process your Information, you have the right to withdraw this consent at any time by emailing us at legal@standardmetrics.io.

 

You may exercise any of these rights by contacting us using the information provided below.  We will not discriminate against you for exercising any of these rights. We may need to collect information from you to verify your identity, such as your email address, government issued ID or date of birth, before providing a substantive response to the request. Depending on your location, you may designate, in writing or through a power of attorney document, an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require that the agent provide proof you have authorized them to act on your behalf, and we may need you to verify your identity directly with us. 

In addition, where applicable, we will provide you with more information about our appeal process. When you submit a request or launch an appeal, we will limit our collection of your Information to only what is necessary to securely fulfil your request or process your appeal. We will not require you or your authorized agent to pay a fee for the verification of your request or appeal. 

If you are located in the EEA or the UK, we will respond to requests to exercise these rights without undue delay and at least within one month (though this may be extended by a further two months in certain circumstances).

 

9. Children’s privacy

We do not seek or knowingly collect any personal information about children under 13 years of age. If we become aware that we have unknowingly collected personal information from a child under 13 years of age, we will make commercially reasonable efforts to delete such information from our database.

If you are the parent or guardian of a child under 13 years of age who has provided us with personal information, you may contact us to request it be deleted.

 

10. Data security, integrity and retention

Please note that Information you send to us electronically may not be secure when it is transmitted to us. We recommend that you do not use unsecure channels to communicate sensitive or confidential Information to us. From time to time, we review our security procedures to consider appropriate new technology and methods. Please be aware though that, despite our best efforts, no security measures are perfect or impenetrable. We will retain your Information for the length of time needed to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required, or for the establishment, exercise or defense of legal claims, or for legitimate businesses purposes, or as provided by law.

To provide secure credit card processing when ordering from us, orders placed through our Services are processed through a payment gateway which operates under its own privacy policy. If you choose to pay for the Services online using a credit card, the credit card Information is sent to the Company using SSL (Secure Socket Layer) encryption, an industry-standard method for protecting data as it travels over the Internet, or a similar encryption technology that may become accepted as an industry standard, or better encryption method, in the future. To learn more about our credit card processing vendors and their respective privacy and other policies which apply when you make a payment through their services, please review the terms of those third parties’ privacy policies.

 

11. Updating this privacy policy

We may modify this Privacy Policy from time to time in which case we will update the “Last Revised” date at the top of this Privacy Policy. If we make changes that are material, we will use reasonable efforts to attempt to provide notice to you and take such other steps as required by applicable law. Notice may be by email to you at the last email address you provided us, by posting notice of such changes on the Services, or by other means, consistent with applicable law. 

If you do not understand and acknowledge how we process your Information as described in this Privacy Policy, including any changes, then you must not access or use the Services.

 

12. California Residents

This section applies to you only if you are a California resident (“resident” or “residents”). For purposes of this section, references to “personal information” shall include “sensitive personal information,” as these terms are defined under the California Consumer Privacy Act (“CCPA”).

 

Users Under 18

Although users under the age of eighteen (18) are not permitted to use the Services, if any residents under the age of eighteen (18) register for the Services and who have posted content or information on the Services can request that such information be removed from the Services by contacting us at the e-mail or address set forth in the “How to Contact Us” section below. Such request must state that they personally posted such content or information and detail where the content or information is posted. We will make reasonable good faith efforts to remove the post from prospective public view or anonymize it so the resident cannot be individually identified. This removal process cannot ensure complete or comprehensive removal. For instance, third parties may have republished the post, and archived copies of it may be stored by search engines and other parties that we do not control.

 

Processing of Personal Information

In the preceding 12 months, we collected the following categories of personal information and sensitive personal information (denoted by *) about residents:

Category Categories of Recipients Retention Period
Identifiers such as name, e-mail address, username and IP address Software infrastructure service providers We will retain your Information only for as long as is necessary to fulfill the purposes for which we collected it. We will also retain and use your Information as needed to provide you with our Services or as otherwise needed for our internal purposes
Personal information categories listed in the California Customer Records statute such as name  Software analytics service providers We will retain your Information only for as long as is necessary to fulfill the purposes for which we collected it. We will also retain and use your Information as needed to provide you with our Services or as otherwise needed for our internal purposes
Commercial information such as records of products or services purchased Customer relationship management software service providers We will retain your Information only for as long as is necessary to fulfill the purposes for which we collected it. We will also retain and use your Information as needed to provide you with our Services or as otherwise needed for our internal purposes
Internet or other similar network activity such as information regarding your interaction with the Services, date and time stamps, clickstream data, ad impressions Software infrastructure service providers 12 months
Geolocation data such as IP address Software infrastructure service providers 12 months
Account access credentials* such as username and password   Data integration service providers We will retain your Information only for as long as is necessary to fulfill the purposes for which we collected it. We will also retain and use your Information as needed to provide you with our Services or as otherwise needed for our internal purposes

 

In the preceding 12 months, we have not disclosed any of your personal information for a business purpose. The specific business or commercial purposes for which we collect your personal information and the categories of sources from which we collect your personal information are described in the section above, How We Collect Your Information and Use of Your Information By the Company. We only use and disclose sensitive personal information for the purposes specified in the CCPA. The criteria we use to determine how long to retain your personal information is described in the section above, Data Security, Integrity and Retention

 

We disclosed personal information over the preceding 12 months for the following business or commercial purposes:  

  • to communicate with you, provide you with products and services, to market to you, etc.;
  • to maintain and secure your account with us; and
  • to process your payment, to provide you with products or services you have requested.

 

Selling and/or Sharing of Personal Information 

We do not “sell” or “share” (as those terms are defined under the CCPA) personal information, nor have we done so in the preceding 12 months. Further, we do not have actual knowledge that we “sell” or “share” personal information of residents under 16 years of age. 

 

13. EU and UK Users

If you are located in the EU or UK or the GDPR or UK GDPR otherwise applies to our processing of your Information we are required to provide you with certain additional details, which are set out in this section.

 

Controllership and our representatives

For the purpose of applicable EU and UK data protection laws, we are the data controller of the data processing of your Information described in this Privacy Policy. 

Our representative in the European Union is Instant EU GDPR Representative Ltd. Adam Brogden contact@gdprlocal.com Tel +35315549700 INSTANT EU GDPR REPRESENTATIVE LTD Office 2, 12A Lower Main Street, Lucan Co. Dublin K78 X5P8 Ireland.

Our representative in the UK is GDPR Local Ltd. Adam Brogden contact@gdprlocal.com Tel +44 1772 217800 1st Floor Front Suite 27-29 North Street, Brighton England BN1 1EB.

 
Lawful bases for our processing of Information

Our lawful bases for processing Information under the GDPR and UK GDPR are as follows.

Processing purpose Lawful bases
To provide you with the Services and other products and services you request. In order to perform our contract with you.
To communicate with you about your account or transactions with us and send you details or updates about features of the Services or changes to our policies. In order to be responsive to you, to provide effective services to you, and to maintain our business relationship, as a matter of our legitimate interests.
To create anonymized and aggregated data sets that may be used for a variety of functions, including research, internal analysis, analytics, and other functions.
To personalize content and experiences.
To optimize or improve the content, products, services, and features of the Services.
To personalize and improve the Services and user experiences, to increase the functionality and user friendliness of the Services, to deliver content or features that match user profiles or interests.
To monitor and analyze the Service’s usage and trends and otherwise measure the effectiveness of the Services.
To communicate with you about products, services, marketing, promotions, events and other news and information we think will be of interest to you. As a matter of our legitimate interests to keep you updated about our services, or where we obtain your consent to process your Information for these reasons. You have the right to opt-out of receiving these communications at any time using the “unsubscribe” button in such communications, or where we rely on your consent, you have the right to withdraw this consent at any time by using the “unsubscribe” button in such communications and emailing us at legal@standardmetrics.io.
To ensure consistency with local law and choices and controls that may be available to you. In order to comply with any applicable legal obligations, to enforce any applicable terms and conditions and/ or terms of service, and to protect or defend the Services, our rights, the rights of our users, or others.
To detect, investigate and prevent activities that may violate our policies or be illegal.

 

International data transfers

By using our Website or our Services, you transfer your Information to us in the US. Your Information is processed by staff operating outside the EEA and the UK who work for us or one of our third party service providers or partners.

For any transfers of Information outside the EEA or the UK, the data transfer will be under the European Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses) (the “Model Clauses”), or any equivalent contracts issued by the relevant competent authority of the UK, as relevant, unless the data transfer is to a country that has been determined by the European Commission or the relevant UK authorities, as applicable, to provide an adequate level of protection for individuals’ rights and freedoms for their personal data. Please contact us should you wish to examine a copy of the Model Clauses.  

 

Data retention

We will retain your Information as follows:

  • your account data and any data you provide if you contact us for as long as necessary to fulfill the purposes for which we collected it and as needed to provide you with our Services or as otherwise needed for our internal purposes;
  • your technical usage Information for 12 months; and
  • data on your use of our Website and our Services is retained for 12 months.

We will also retain and use your Information to the extent necessary to comply with our legal obligations, resolve disputes and enforce our terms and conditions, other applicable terms of service, and our policies. If you stop using our Services, we will store your Information in an aggregated and anonymised format; we may use this Information indefinitely without further notice to you. If you delete your account with us, you may request that we delete your Information within 30 days of such deletion. 

 

14. How to contact us

Any questions or concerns regarding this Privacy Policy or the use or disclosure of Information about you should be directed to the Quaestor Technologies, Inc. at: 325 Pacific Avenue, San Francisco, CA 94111, by phone at 415-754-3369 or by e-mail at help@standardmetrics.io

 

15. Complaints

If you remain dissatisfied, you can make a complaint about the way we process your personal Information to the applicable supervisory authority. If you think we have infringed data protection laws and you are a EU or UK user, you can file a claim with the data protection supervisory authority in the EEA country in which you live or work or where you think we have infringed data protection laws, or with the UK Information Commissioner’s Office, as applicable to you.