1.1 What information do we collect?
We collect information from you when you place an order, fill out a form, or use our software and services.
When ordering or registering on our website, you may be asked to provide your name or email address. You may, however, visit our website anonymously.
When you use our software and services, data captured through the software is transmitted to our cloud services so that you can share photos, upload and synchronize your materials, and use other reporting functions.
1.2 How do we use your information?
Any of the information we collect may be used for one of the following purposes:
To process transactions,
Your information, whether public or private, will not be sold, exchanged, transferred, or provided to any other company for any reason without your consent, except for the purpose of delivering the purchased product or service requested.
To improve our applications, website and services,
We continually strive to improve our software services based on the information and feedback you provide.
To improve customer service,
Your information helps us respond more effectively to your customer service requests and support needs.
To send periodic emails.
The email address you provide during order processing will be used to send you information and updates pertaining to your order and offers.
1.3 How do we protect your information?
We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information.
Our network and servers are located in a secure facility with dedicated security personnel monitoring 24/7.
Unauthorized access to data processing facilities is prevented, e.g., by magnetic or chip cards, keys, electronic access control systems, facility security services and/or entrance security personnel, alarm systems, video/CCTV systems.
Unauthorized use of data processing and data storage systems is prevented, e.g., by (secure) passwords, automatic blocking/locking mechanisms, two-factor authentication, encryption of data carriers/storage media.
All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway provider's database, accessible only by authorized personnel with special access rights to such systems, who are required to keep the information confidential.
Company-developed applications undergo rigorous quality testing and security reviews.
Our card processing system complies with the Payment Card Industry Data Security Standard (PCI-DSS).
After a transaction, your private information (credit cards, social security numbers, financials, etc.) is not stored on our servers.
Access to security services and data is strictly logged, and audit logs are reviewed periodically.
MWE Calendar will continuously evaluate the security of its network and related services to determine whether additional or different security measures are required in response to new security risks or issues identified during periodic reviews.
1.4 Do we use cookies?
Yes (Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information.
We use cookies to help us remember and process the items in your shopping cart, understand and save your preferences for future visits, and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
1.5 What is the legal basis for processing information?
By using our software and services, you enter into a contract with us under the End User License Agreement (EULA). We process your data to fulfill our contractual obligations.
1.6 Do we disclose any information to outside parties?
We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties. This does not include trusted third parties who assist us in operating our software and website, conducting our business, or servicing you, provided those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
1.7 How long will my data be retained?
Data you provide is kept for as long as necessary to provide you with our services. If you wish to stop using our services, you can contact us and request deletion of your data.
1.8 What are my rights?
If you reside in Europe, you have the following rights under certain circumstances:
The right to access the personal data we hold about you;
The right to request correction or deletion of the personal data we hold about you;
The right to ask us to stop processing your data;
The right to ask us to restrict processing of your personal data (e.g., while we verify or investigate your concerns about such information);
The right to object to profiling activities based on our own legitimate interests;
The right to object to fully automated processing; and
The right to request the transfer of your data to a third party (data portability).
You can make a request by sending an email to our support team at:
support@chacktok.com
1.9 Types and purposes of personal data processed
Customer and User Data: Name, email address, phone number, photos, videos, payment details, and preferences for account management and support, etc.
Visitor Data: IP address, cookies, and user activity for software and website performance and analytics.
Personal data may be shared with third-party service providers acting on our behalf, including payment processors, hosting service providers, and support service providers, subject to DPF principles.
1.10 Disclosure of personal information to public authorities
MWE Calendar may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. If prohibited by law, we may not be able to notify the individuals concerned of such disclosures.
To increase transparency, we may periodically publish transparency reports detailing the number of requests for personal information received from public authorities for law enforcement or national security reasons, provided such disclosure is permitted by applicable law.
The absence of notice regarding these disclosures shall not prevent or impair our ability to respond to any legitimate request from a public authority.
1.11 Your choice and opt-out rights
MWE Calendar respects your right to make choices about the use and disclosure of your personal information. You may opt out of having your personal information used for direct marketing purposes at any time by following the instructions in our marketing emails or by contacting us directly.
We will provide you with convenient and affordable mechanisms to exercise your opt-out rights. When you opt out, we may require sufficient information from you to confirm your identity before processing your request.
In certain circumstances, we may use your information for certain direct marketing purposes without giving you the opportunity to opt out before using it. In such cases, we will promptly give you the opportunity (free of charge) to opt out of receiving any further direct marketing communications, and we will respect your wishes.
1.12 Individual rights
Individuals whose personal information is covered by this Data Protection Policy have the following rights:
To access their personal information maintained by MWE Calendar.
To request correction, amendment, or deletion of data if it is inaccurate or processed in violation of the DPF Principles (unless doing so would be disproportionate or infringe upon the rights of others).
To restrict the use and disclosure of their personal information in certain circumstances, such as for marketing (opt-out).
1.13 Inquiries and complaints
For access, correction, amendment, deletion, or opt-out, and for any inquiries or complaints regarding the processing of personal data, please contact us at:
support@chacktok.com
2.1 Thank you for choosing MWE Calendar. This is a license agreement between you and MWE Calendar that sets out your rights to use this software. Accepting this agreement or using this software means you agree to all terms and agree to transmit certain information during the activation process and when using the software's internet features. If you do not accept and comply with these terms, you must not use this software or its features.
2.2 MWE Calendar grants you a revocable, non-exclusive, non-transferable limited license to download, install, and use the application for personal or commercial purposes only, strictly in accordance with the terms of this agreement.
2.3 How can I use this software?
We do not sell the software or a copy of the software to you; we only grant a license to use the software. Under our license agreement, we grant you the right to install and run one copy of the software on two mobile phones or tablets (limited to iOS or Android systems, hereinafter referred to as 'Devices'), for use by only one person/company at a time, provided you comply with all terms of this agreement. Our software license is permanently assigned to the licensed device. The software components are licensed as a whole. You may not separate or virtualize these components and install them on different devices. Installing the software on a server or allowing it to be used by other devices connected to the server via an internal or external network is not permitted.
2.4 Can I transfer or reassign the software to another user?
You may not transfer the software to another user. You may not retain any copies. You may reassign this software license to another device an unlimited number of times, but no more than once every 90 days. If you reassign the license, that device becomes the 'Licensed Device'. You may reassign the license sooner if the Licensed Device is decommissioned due to hardware failure. You may not license, sell, rent, lease, transfer, distribute, transmit, host, outsource, disclose, or otherwise commercially exploit the application or make it available to any third party.
2.5 What am I not allowed to do with the software?
Yes. Because the software is licensed, not sold, MWE Calendar reserves all rights not expressly granted in this agreement (such as rights under intellectual property laws). In particular, this license does not grant you any right, and you must not: use or virtualize any feature of the software separately; publish, copy (except for the permitted backup copy), rent, lease, or lend the software; transfer the software (except as provided in this agreement); attempt to circumvent technical protection measures in the software; reverse engineer, decompile, or disassemble the software, unless permitted by the laws of your location, even if this agreement does not allow it. In that case, you may only act to the extent permitted by the laws of your location. When using internet-based features, you must not use them in any way that could interfere with others' use of these features, nor attempt to access any service, data, account, or network in an unauthorized manner.
2.6 Application Modifications
MWE Calendar reserves the right to modify, suspend, or discontinue (temporarily or permanently) the application or any service connected to it, with or without prior notice, and without liability to you.
2.7 Limitation of Liability
To the maximum extent permitted by applicable law, MWE Calendar and its affiliates, officers, directors, employees, or agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising out of or related to your use of the software, including but not limited to lost profits, loss of data, loss of use, or loss of goodwill, even if MWE Calendar has been advised of the possibility of such damages. In no event shall MWE Calendar's total liability to you exceed the amount you paid for the software, if any.
2.8 Indemnification
You agree to indemnify, defend, and hold harmless MWE Calendar and its affiliates, officers, directors, employees, and agents from and against any and all claims, liabilities, damages, losses, or expenses (including reasonable attorneys' fees) arising out of or related to your use of the software, your violation of this agreement, or your infringement of any third-party rights.
2.9 Data Loss
You acknowledge that you are responsible for maintaining data backups. MWE Calendar shall not be liable for any loss, corruption, or unauthorized access to data resulting from your use of the software or any internet-based features.
2.10 Force Majeure
MWE Calendar shall not be liable for any failure to perform its obligations under this agreement due to circumstances beyond its reasonable control, including but not limited to acts of God, war, terrorism, government regulations, natural disasters, or service interruptions involving third-party vendors.
2.11 Trial and Conversion
Portions or all of the software may be licensed on a trial basis. Your right to use the trial software is limited to the trial period. Works captured during the trial software period will be watermarked, and you use it at your own risk. You may choose to convert trial rights into subscription and usage rights. MWE Calendar provides no express warranties, guarantees, or conditions. You may have other consumer rights that this agreement cannot change under the laws of your location. To the extent permitted by the laws of your location, MWE Calendar disclaims all implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
2.12 Third-Party Services
The software may integrate with third-party services or platforms. MWE Calendar assumes no responsibility for the availability, accuracy, or performance of these services, and your use of such services or platforms is at your own risk.
2.13 Disclaimer of Warranties
Except as expressly provided otherwise in this agreement, the software is provided 'AS IS' without any express or implied warranties, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement. MWE Calendar does not warrant that the software is error-free, secure, or uninterrupted.
2.14 Term and Termination
This agreement will remain in effect until terminated by you or MWE Calendar. MWE Calendar may, in its sole discretion, suspend or terminate this agreement at any time for any reason or no reason, with or without prior notice. This agreement will terminate immediately, without prior notice from MWE Calendar, if you fail to comply with any term of this agreement. You may also terminate this agreement by deleting the application and all its copies from your mobile device or computer. Upon termination of this agreement, you must immediately cease using the application and delete all copies of the application from your computer.
2.15 Survival
Provisions of this agreement which by their nature should survive termination, including but not limited to limitation of liability, indemnification, disclaimers, third-party services, data loss, governing law and dispute resolution, and any obligations related to intellectual property, shall survive termination.
2.16 Severability
If any provision of this agreement is held to be unenforceable or invalid, that provision shall be modified and interpreted to achieve the objectives of that provision to the maximum extent permitted by applicable law, and the remaining provisions shall continue in full force and effect.
2.17 Amendments
MWE Calendar reserves the right to modify or replace this agreement at any time and in its sole discretion. For changes deemed material by MWE Calendar, we will provide notice at least 14 days before the new terms take effect. Non-material changes or updates for security, legal compliance, or operational reasons may become effective immediately upon notice. Notice will be provided via email, in-software notification, or posting on our website https://chacktok.com. Your continued use of the software after the changes constitutes your acceptance of the new terms.
2.18 Governing Law and Dispute Resolution
This agreement shall be governed by and construed in accordance with the laws of England and Wales, excluding its conflict of law principles. Any dispute arising out of or relating to this agreement or your use of the software shall be resolved by binding arbitration under the rules of the British Arbitration Association. The arbitrator's award shall be final and binding on both parties. Each party shall bear its own costs and attorneys' fees, but the arbitrator may award costs and attorneys' fees as provided by law. You waive any right to participate in a class action or class arbitration. Notwithstanding the foregoing, MWE Calendar may seek injunctive relief to protect its intellectual property rights in any court of competent jurisdiction.
2.19 Contact Information
If you have any questions about this agreement, please contact us at support@chacktok.com
3.1 Introduction and Scope
MWE Calendar is a professional software system brand for global event imaging and interactive equipment applications, encompassing photo booths, 3D scanning systems, robotic arm cameras, and related interactive imaging equipment. The headquarters and overseas operating entity of MWE Calendar is LINKSIGN UK CO., LTD (UK), responsible for system operations, international market support, and business coordination.
This Data Protection Policy outlines the procedures and measures we implement to protect user personal data, complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant regional regulations.
This document aims to:
Demonstrate compliance stance to regulatory authorities and institutional customers
Define internal responsibilities for data protection
Establish consistent processes for data processing, breach response, and individual rights requests
This policy should be read in conjunction with the MWE Calendar Privacy Policy (available at: https://chacktok.com).
3.2 Scope of Data Collection and Legal Basis
3.2.1 Categories of Personal Data
| Category | Examples | Purpose | Legal Basis |
|---|---|---|---|
| Account & Identity | Name, email address, phone number | Account creation, authentication, customer support | Contractual necessity (GDPR Art. 6(1)(b)) |
| User-Generated Content | Photos and videos captured through the application | Core service delivery: sharing, storage, reporting | Contractual necessity + Consent |
| Device & Technical Data | Device ID, booth ID, IP address | Service operation, security, troubleshooting | Legitimate interests (GDPR Art. 6(1)(f)) |
| Usage & Analytics | App activity, session data, cookies | Product improvement, performance monitoring | Consent (where required) |
| Payment Information | Transaction records (full card data not stored) | Order processing | Contractual necessity |
3.2.2 Sensitive Data
MWE Calendar's core functionality involves capturing photos and videos at event locations. We do not actively collect or store biometric identification information (e.g., facial recognition data for identification purposes). Images and videos captured via the booths are considered User-Generated Content and are used solely to fulfill contractually agreed services.
3.3 Data Storage and Security Measures
3.3.1 Storage Infrastructure
User data is stored with reputable cloud service providers (Tencent Cloud and/or Firebase / Google Cloud), both holding industry-standard security certifications (ISO 27001 / SOC 2).
Data at rest is protected using AES-256 encryption, and data in transit is encrypted via TLS/SSL protocols.
Payment data is processed through PCI-DSS compliant payment gateways. Full card number data is never stored on our servers.
3.3.2 Access Control
Access to production systems follows the principle of least privilege: employees are granted only the minimum access necessary for their roles.
Login to all production environments requires multi-factor authentication (2FA).
Shared accounts are prohibited. Each employee must use their own unique personal credentials.
Access rights are reviewed upon role changes and revoked immediately on the employee's last working day.
All access to user data is logged in tamper-proof audit logs, including: operator ID, timestamp, action type, and target data ID.
3.3.3 Data Retention Periods
| Data Type | Default Retention Period | Comments |
|---|---|---|
| User photos/videos | 90 days from capture date | Users may opt to extend storage to permanent |
| Account information | Duration of account validity | Deleted upon verified account deletion request |
| Transaction records | 7 years | For financial and legal compliance requirements |
| Access and audit logs | 12 months (general) / 36 months (EU users) | Extended retention to meet GDPR accountability requirements |
3.3.4 Data Deletion Process
When a deletion request is initiated by a user or merchant – whether via in-app action or by email to support@chacktok.com – the following steps must be completed within 24 hours:
1. Database records – Permanently deleted (no soft-delete markers)
2. Cloud storage files (Tencent Cloud/Firebase Storage) – Physically deleted, all file versions removed
3. CDN cache – Cache purge request submitted; content becomes inaccessible
4. Backup copies – Overwritten in the next scheduled backup cycle; overwritten within 7 days if immediate deletion is explicitly requested
5. User confirmation – Deletion confirmation sent to the user via email or in-app notification
Note: Soft deletion (marking records as deleted but not physically removing them) is not permitted as a final state for any user data deletion request.
3.4 Data Subject Rights and Request Handling
Under the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable laws, users have the following rights:
| Right | Specific Meaning | Our Commitment |
|---|---|---|
| Right of Access | Request a copy of the personal data we hold about you | Respond within 30 days |
| Right to Rectification | Correct inaccurate personal data | Complete within 15 days |
| Right to Erasure | Delete all personal data ("Right to be Forgotten") | Complete deletion within 30 days as per section 3.4 |
| Right to Data Portability | Receive data in a machine-readable format | Provide within 30 days |
| Right to Restriction of Processing | Suspend processing during review period | Suspend processing within 24 hours of request |
| Right to Object | Object to processing based on legitimate interests | Review and respond within 30 days |
| Opt-out of Marketing | Unsubscribe from direct marketing communications | Honor immediately upon request |
How to Submit a Request:
Users can submit any data subject request by emailing support@chacktok.com, specifying the request type in the subject line.
All requests are logged internally: receipt timestamp, request type, assigned handler, and completion date. Records are retained for audit purposes.
3.5 Data Breach Response Process
In the event of a confirmed or suspected data security incident, the following response timelines apply:
| Response Timeline | Required Action |
|---|---|
| T + 2 hours | Technical team assesses scope: data volume, data type, number of affected users |
| T + 24 hours | Internal escalation to Technical Lead and Management |
| T + 48 hours | Complete containment and remediation measures; notify affected users if necessary |
| T + 72 hours | Complete regulatory notification assessment (see below) |
Regulatory Notification Thresholds:
GDPR (EU/EEA users): If the data breach poses a risk to the rights and freedoms of individuals, notify the relevant Data Protection Authority (DPA) within 72 hours of discovery.
CCPA / US State Laws: Notify affected individuals according to applicable state laws (typically within 30-72 hours).
All data breaches require a post-incident report documenting: root cause, impact assessment, remediation actions, and prevention plan.
3.6 Third-Party Service Providers and Data Sharing
MWE Calendar does not sell personal data to any third party.
Data is shared only with trusted service providers bound by contractual data processing obligations:
| Category | Provider (Examples) | Purpose |
|---|---|---|
| Cloud Infrastructure | Tencent Cloud, Firebase/Google Cloud | Data storage, computation, CDN distribution |
| Analytics | Firebase Analytics | Application performance and usage analysis |
| Payment Processing | PCI-DSS compliant processors | Transaction processing |
All third-party SDKs are reviewed before integration to ensure they do not collect biometric or sensitive user data without explicit consent. Integrated components are re-reviewed every 6 months.
Personal data may be disclosed to public authorities when required by law. Where legally permissible, affected users will be notified of such disclosure.
3.7 International Data Transfers
MWE Calendar services are used globally. When personal data is transferred outside the user's jurisdiction:
EU/EEA Users: Transfers are conducted in accordance with Chapter V of the GDPR. Where applicable, Standard Contractual Clauses (SCCs) are used as the legal transfer mechanism.
US Users: Handled in accordance with applicable US federal and state privacy regulations.
We are actively working to ensure that cloud infrastructure serving EU users is deployed within EU regional data centers.
3.8 Roles and Responsibilities
| Role | Data Protection Responsibilities |
|---|---|
| Technical Lead / CTO | System security architecture, access control enforcement, data breach response execution, deletion process oversight |
| Brand & Compliance Lead | Policy maintenance, data subject request coordination, third-party SDK reviews, regulatory authority liaison |
| All Employees | Comply with this policy; report suspected incidents to Technical Lead immediately |
3.9 Policy Review and Maintenance
This policy is reviewed every 6 months, or immediately upon:
Significant changes to MWE Calendar product features or data processing activities
Material updates to applicable regulations
Findings from post-incident reviews
Revisions require approval from the Technical Lead and the Brand & Compliance Lead before taking effect. All historical versions are archived.
Data Protection Contact: support@chacktok.com
🌐 Privacy Policy: https://chacktok.com
📅 Next Scheduled Review Date: September 10, 2026