Huntly Privacy & Data Use Policy

1) Who we are

"Huntly," "we," "us," and "our" refer to the Huntly platform and its operators. "You" refers to participants and visitors who use Huntly, including through QR code interactions at events or venues.

2) What this policy covers

This policy explains what information we collect, how we use it, when we share it, how long we keep it, and the choices and rights you have. If you are also an event sponsor or coordinator using Huntly's campaign tools, some additional terms may apply to you through a separate agreement.

3) Information we collect

We may collect the following categories of information, depending on how an event is configured:

• Participation and event interaction data: scans/check-ins, timestamps, quest progress, completion status, coupon or reward interactions, and event-specific responses you submit.
• Device and technical data: IP address, device type, browser, approximate location inferred from IP, and diagnostic logs to keep the service reliable and secure.
• Location data (optional): if an event enables location-based features, we may request permission to use your device's location during the event experience.
• Contact data for notifications (optional): email address and/or mobile number when you choose to opt in to email or SMS notifications.
• Organizer/sponsor inputs: event configuration data and content provided by campaign owners (for example, QR placements, quest text, rules, and reward descriptions).

What we do not intentionally collect: We do not ask for sensitive personal information (for example, government IDs, financial account numbers, or precise biometric identifiers) to participate. Please do not submit sensitive information through Huntly.

4) How we use information

• Run the experience: enable quest progress, validate scans, and calculate completion.
• Deliver optional notifications: send opt-in email/SMS updates you request (for example, reminders, event updates, results).
• Safety and fraud prevention: detect abuse, protect accounts, prevent automated or malicious activity.
• Improve the platform: understand aggregate engagement (for example, which checkpoints are popular) and improve performance. We prefer aggregated or de-identified analytics where feasible.
• Legal compliance: comply with applicable law and respond to lawful requests.

5) Location services

If an event uses location-based features, we will request your permission and explain what the feature does. When enabled, we use location as minimally as possible (for example, to confirm presence in an area, unlock a step, or prevent obvious fraud). You can typically disable location permissions in your device settings, but the feature may stop working.

6) Email and SMS notifications

Some events may offer opt-in notifications. If you opt in, we will send only the categories of messages described at signup. You can opt out at any time.

• Email: Use the unsubscribe link in the email.
• SMS/Text: Reply STOP (or equivalent) to unsubscribe.

7) How we share information

We do not sell personal information. We do not share participant personal information with event sponsors or coordinators unless you explicitly opt in to a specific sharing purpose.

• Service providers (processors): We use vendors to host infrastructure and deliver communications (for example, email/SMS). They may access data only to provide services to Huntly and are expected to protect it.
• Legal and safety: We may disclose information if we believe it is reasonably necessary to comply with law, enforce our terms, or protect users, the public, or the platform.
• Business changes: If Huntly is involved in a merger, acquisition, or asset sale, information may be transferred as part of that transaction, subject to this policy and applicable law.

8) Data retention

We keep personal information only as long as needed to provide the service, support event operations, resolve disputes, and comply with legal obligations. Where possible, we retain aggregated or de-identified analytics rather than identifiable logs.

9) Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information. No system is perfectly secure; however, minimizing data collection and limiting access are core parts of our security posture.

10) Children's privacy

Huntly is intended for general audiences and event participants. We do not knowingly collect personal information from children under 13 without appropriate permission. If you believe a child has provided personal information, contact us to request deletion.

11) International users and transfers

If you use Huntly from outside the United States, your information may be processed in the United States or other locations where our service providers operate. We take steps to ensure appropriate protections when required by applicable law.

12) Your privacy rights (CCPA/CPRA and GDPR-oriented summary)

We aim to honor privacy rights requests in a practical, good-faith way. Some rights apply only in certain jurisdictions.

California (CCPA/CPRA): If you are a California resident and Huntly is subject to the CCPA/CPRA for the relevant processing, you may have rights including the right to know/access, delete, correct, opt out of sale or sharing, limit use of sensitive personal information, and non-discrimination for exercising these rights.

European Economic Area / UK-style GDPR rights: If GDPR applies to our processing, you may have rights including access, rectification, erasure, restriction, portability, and objection, and the right to withdraw consent at any time where processing is based on consent.

How to submit a request: Send your request to the contact methods listed at the end of this document. To protect you, we may need to verify your identity and/or your connection to a specific event participation record before fulfilling certain requests.

13) Cookies and similar technologies

Huntly may use cookies or similar technologies for basic site functionality (for example, session management) and to understand performance. If we use analytics tools, we prefer configurations that reduce or avoid unnecessary identifiers where feasible.

14) Changes to this policy

We may update this policy from time to time. If changes are material, we will take reasonable steps to provide notice (for example, posting the updated policy with a new effective date).