Privacy

Effective Date: March 25, 2025

Quickture, Inc. ("we," "our," or "us") is a SaaS company providing AI video editing services. We respect your privacy and are committed to protecting your personal information in accordance with applicable data protection laws, including the General Data Protection Regulation ("GDPR"), the UK Data Protection Act 2018, and the Swiss Federal Data Protection Act. This Privacy Policy outlines how we handle external inquiries related to your personal data.

Identity and Contact Details of the Controller

Quickture, Inc. is the data controller responsible for the processing of your personal information under this Privacy Policy.

Data Controller: Gary Grossman, CTO
Contact Email: privacy@quickture.com

Purposes of Processing and Legal Basis

We process personal data for the following purposes and on the corresponding legal bases:

1. Responding to Privacy Inquiries: To respond to your questions, concerns, or requests regarding your personal data.
   • Legal Basis: Legitimate interest (Article 6(1)(f) GDPR).
2. Compliance with Legal Obligations: To meet our legal obligations under applicable laws.
   • Legal Basis: Compliance with a legal obligation (Article 6(1)(c) GDPR).
3. Improving Our Services: To evaluate and enhance the quality of our services based on your inquiries and interactions.
   • Legal Basis: Legitimate interest (Article 6(1)(f) GDPR).
4. Providing AI Video Editing Services: To deliver and improve our core SaaS video editing services.
   • Legal Basis: Performance of a contract (Article 6(1)(b) GDPR) or legitimate interest (Article 6(1)(f) GDPR).

If we rely on your consent for any processing activity, you may withdraw your consent at any time as described below.

Recipients of Personal Data

We may share your personal data with the following categories of recipients, as necessary:

1. Service Providers: Third-party service providers who support our operations (e.g., IT hosting, customer service platforms).
2. Legal and Regulatory Authorities: Where required to comply with legal obligations or protect our legal rights.
3. Affiliates and Headquarters: Quickture's affiliates and headquarters in the United States to facilitate global operations.

When transferring personal data to a third party acting as an agent, Quickture shall: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Data Privacy Framework Principles; (iii) take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with Quickture's obligations under the Data Privacy Framework Principles; (iv) upon notice, take reasonable and appropriate steps to stop and remediate unauthorized processing; and (v) provide a summary or a representative copy of the relevant privacy provisions of its contract with that agent to the Department of Commerce upon request.

Quickture remains liable under the Data Privacy Framework Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Quickture proves that it is not responsible for the event giving rise to the damage.

We ensure all recipients provide adequate safeguards to protect your personal data.

Data Retention

We retain personal data for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. Specifically:

• Inquiry-related data: Retained for up to 2 years after the inquiry is resolved.
• Data subject request records: Retained for up to 5 years to demonstrate compliance with GDPR requirements.

After these periods, personal data is securely deleted or anonymized unless required by law to retain it longer.

Your Rights Under GDPR, UK, and Swiss Data Protection Laws

As a data subject under the GDPR, UK Data Protection Act 2018, or Swiss Federal Data Protection Act, you have the following rights regarding your personal data:

1. Right to Access: Request confirmation of whether we process your personal data and a copy of the data.
2. Right to Rectification: Request corrections to inaccurate or incomplete personal data.
3. Right to Erasure: Request deletion of your personal data under specific circumstances.
4. Right to Restrict Processing: Request limitations on processing under certain conditions.
5. Right to Object: Object to the processing of your personal data based on legitimate interests or for direct marketing.
6. Right to Data Portability: Receive a copy of your personal data in a portable format.
7. Right to Withdraw Consent: If processing is based on your consent, withdraw your consent at any time without affecting the lawfulness of prior processing.
8. Right to Lodge a Complaint: File a complaint with a supervisory authority if you believe your rights have been violated, including the UK Information Commissioner's Office or the Swiss Federal Data Protection and Information Commissioner.

How to Make a Request

To exercise your rights or make any inquiries, please contact us at the email below, or via our representative in the UK and EU.
Email: privacy@quickture.com

When submitting a request:

• Clearly specify the nature of your request.
• Provide sufficient information for us to verify your identity.

We may contact you for additional information to ensure proper authentication or clarify your request.

Data Transfers and Safeguards

Your personal data may be transferred to Quickture's headquarters in the United States. To ensure compliance with applicable data protection laws, such transfers are protected by:

• Quickture's certification under the EU-U.S. Data Privacy Framework, UK Extension, and Swiss-U.S. Data Privacy Framework (see section below).
• Standard Contractual Clauses approved by the European Commission, which serve as an alternative mechanism if needed.
• Additional organizational and technical safeguards to secure your data.

Data Privacy Framework

In compliance with the DPF Principles, Quickture commits to resolve complaints about our collection or use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our DPF policy should first contact Quickture at privacy@quickture.com.

Quickture has committed to cooperate with EU Data Protection Authorities (DPAs), the UK Information Commissioner's Office, and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Data Privacy Framework complaints. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the data protection authority in your country of residence to file a complaint. A list of EU Data Protection Authorities is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Representative

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:

• United Kingdom (UK)
• European Union (EU)

Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://app.prighter.com/portal/quickture

Recourse, Enforcement and Liability

Quickture's participation in the EU-U.S. DPF, UK Extension, and Swiss-U.S. DPF is subject to investigation and enforcement by the Federal Trade Commission.

In compliance with the DPF Principles, Quickture commits to resolve complaints about our collection or use of your personal information through the following recourse mechanisms:

1. Direct Resolution: First contact Quickture at privacy@quickture.com with your concern.
2. Data Protection Authorities: If your complaint is not satisfactorily addressed by Quickture, you may contact your local Data Protection Authority:
   • EU residents: The EU Data Protection Authority in your country of residence (list available at https://edpb.europa.eu/about-edpb/about-edpb/members_en)
   • UK residents: The Information Commissioner's Office (https://ico.org.uk/)
   • Swiss residents: The Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/)
3. Binding Arbitration: As a last resort, binding arbitration is available under certain conditions as described on the Data Privacy Framework website.

Quickture commits to conduct an annual self-assessment of its privacy practices to verify compliance with the DPF Principles.

Response Timeframe

We strive to respond to all legitimate requests within one month. For complex or multiple requests, this period may be extended by up to two additional months, with notice and explanation provided.

‍Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our practices. The "Effective Date" at the top of this page will indicate when the policy was last revised.

For further information, or if you require this policy in an alternative format, please contact:
Email: privacy@quickture.com

‍