Privacy Policy

Privicy Policy

This Privacy Policy explains what personal information AllLinkX (“we”, “our”, “us”) collects, why we collect it, how we use it, who we share it with, how long we keep it, and the rights you have. It also explains region-specific rights and compliance commitments (EU/EEA/UK, California, Canada, Brazil, Australia, and other jurisdictions). If anything below is unclear, contact us at privacy@alllinkx.com.

  1. Scope & who we are

AllLinkX provides cellular modules, development kits and related online services. This policy applies to personal information collected through our website, web forms, emails, evaluation kit orders, event signups, marketing and support interactions, and related online services. It does not govern third-party websites (links to third parties are covered in Section 9).

  1. Summary — the quick version
  • We collect only the personal information needed to provide services, communicate with you, perform contracts, and meet legal obligations.
  • We use cookies and similar technologies for site operation, analytics, functionality, and advertising (see Cookies section).
  • You have rights to access, correct, delete, port, and limit processing of personal information — detailed below with region-specific instructions.
  • We implement reasonable technical and organizational measures to protect your data.
  1. What personal information we collect

Categories (examples):

  • Contact & identity data: name, job title, company, business email, business phone.
  • Account & order data: billing address, purchase history, order details, delivery address. (Payment processing is handled by third-party payment processors; we do not store full card numbers.)
  • Technical & usage data: IP address, device/browser, operating system, pages visited, referrer, timestamps, crash logs.
  • Support & communications: message contents from contact forms, live chat transcripts, support tickets.
  • Marketing data: marketing preferences, cookie identifiers, analytics identifiers.
  • Limited sensitive data where necessary: in rare cases (e.g., regulatory/contractual requirements) we may process limited sensitive categories (e.g., government ID for certifications) — in such cases we restrict use and rely on explicit consent or another lawful basis.
  1. How we collect it
  • Directly from you (forms, account registration, purchases, email, phone).
  • Automatically (cookies, analytics, log files).
  • From third parties (resellers, distributors, analytics providers, public sources).
  • From partners where you’ve consented to information sharing.
  1. Purposes for which we use personal information

We use personal information to:

  • Provide, operate, and maintain our website and services (orders, shipments, account management).
  • Process transactions and billing.
  • Provide support and respond to inquiries.
  • Send transactional messages and, where you consent, marketing communications.
  • Improve services, run analytics, and detect/prevent fraud and abuse.
  • Comply with legal obligations (tax, export controls, certification, court orders).
  • Facilitate business operations (e.g., mergers, legal requests).
    We limit uses to those compatible with the purpose at collection or as otherwise permitted by law.
  1. Legal bases (EU/UK/EEA residents)

If you are located in the EU/EEA or UK we rely on one or more lawful bases to process personal data, including:

  • Performance of a contract (e.g., orders, subscriptions).
  • Legitimate interests (e.g., preventing fraud, improving site performance) — we balance these interests against your rights.
  • Your consent (for marketing, non-essential cookies, advertising where required).
  • Compliance with legal obligations.
    You may request the lawful basis applied to specific processing. See GDPR text and guidance for details. GDPR+1
  1. Your rights (how to exercise them)

We respond to privacy requests in line with applicable law. Typical rights include:

EU/UK (GDPR) — data subject rights: access, rectification, erasure (“right to be forgotten”), restriction, portability, object to processing, withdraw consent where processing is by consent, and right to lodge a complaint with a supervisory authority. For guidance on privacy notices and required information see ICO guidance. GDPR+1

California (CCPA / CPRA): California residents have rights to: know categories and specific pieces of personal information collected and disclosed; request deletion; request correction; opt out of the “sale” or “sharing” of personal information (we provide an opt-out mechanism); and non-discrimination for exercising rights. Under CPRA there are additional protections for sensitive personal information and new obligations for businesses. To submit a verifiable request for California rights, see Section 14. California DOJ+1

Canada (PIPEDA): Individuals have the right to access and correct their personal information, and organizations must obtain meaningful consent for collection, use and disclosure. See the Office of the Privacy Commissioner (OPC) for guidance. Privacy Commissioner Canada

Brazil (LGPD): Data subjects have rights similar to the GDPR (access, correction, anonymization, portability, erasure, information about data sharing, and to withdraw consent). The LGPD applies to processing of personal data of individuals in Brazil and establishes local supervisory oversight. Usercentrics

Australia (APPs): APP entities must provide open and transparent management of personal information and offer access and correction rights in most cases. See OAIC guidance for details. OAIC

How to make a request:
Email privacy@alllinkx.com with the subject line “Privacy Request — [Your Region]”. Provide sufficient information to verify your identity. We will acknowledge receipt and respond within the timeframes required by applicable law (e.g., GDPR/UK: one month; California: within required statutory timeframe). We may need additional information to verify identity for certain requests.

  1. Cookies, tracking and consent

We use cookies and similar technologies for: necessary site functions, performance & analytics, functionality, and advertising/targeting. We present a cookie banner where required and provide granular controls via our Consent Management Platform (CMP). You can change your preferences anytime via the “Cookie Settings” link in the site footer. See our Cookie Notice page for full details and a cookie table.

  1. Sharing & third parties

We share personal information only as necessary to deliver services or where required by law, including:

  • Vendors and service providers (hosting, analytics, CRM, payment processors, fulfillment).
  • Professional advisors (legal, audit).
  • Buyers in the event of a corporate transaction (merger, acquisition).
  • Law enforcement or regulators where required by law.
    We require third parties to process data per our instructions and contractually bind them to protect personal data.
  1. International transfers

AllLinkX is based in the United States and may transfer personal information to the U.S. and other countries. When transferring personal data from the EU/EEA or UK, we use lawful transfer mechanisms (e.g., adequacy decisions, standard contractual clauses or other appropriate safeguards) or rely on permitted derogations where applicable. If you want details about the transfer mechanism used for your data, contact privacy@alllinkx.com. (See GDPR and supervisory guidance for transfer options.) GDPR

  1. Data retention

We retain personal information for as long as needed to provide services, meet business or legal obligations, resolve disputes, and enforce agreements. Specific retention periods depend on the data type and purpose (e.g., transactional records: typically 6–7 years for tax and audit; marketing preferences: until changed). Where required by law, we retain data for the statutory retention period.

  1. Security

We maintain reasonable administrative, technical, and physical safeguards to protect personal data. These include access controls, encryption in transit, secure hosting, vulnerability management, and employee training. No system is perfect; if there is a security incident affecting personal data we will notify affected individuals and regulators as required by applicable law.

  1. Children

Our services are not directed to children under 16 (or a higher age where local law sets a higher threshold). We do not knowingly collect personal information from children. If we learn we have collected a child’s personal data in violation of law, we will delete it as soon as reasonably possible.

  1. California-specific disclosures (CCPA/CPRA)

If you are a California resident, in addition to the rights described above, AllLinkX provides:

  • A way to exercise opt-out of sale/sharing: Do Not Sell or Share My Personal Information link on our homepage and in the footer.
  • Methods to submit requests: email privacy@alllinkx.com, call our toll-free number [if applicable], or use the web form at [link].
  • A description of categories of personal information collected, sold or shared and categories of third parties with whom we share personal information is provided in our full California Privacy Notice (available here: [link]). For more on California rights see the California Attorney General/California Privacy Protection Agency guidance. California DOJ+1
  1. Regional notes (quick reference)
  • EU / EEA / UK: We comply with GDPR/UK-GDPR principles and provide data subject rights and data transfer safeguards. GDPR+1
  • United Kingdom: We follow ICO guidance on privacy notices and individual rights. ICO
  • Canada: We follow PIPEDA guidance; Canadians may contact the OPC if unresolved. Privacy Commissioner Canada
  • Brazil: We follow LGPD principles; Brazilian data subjects have rights similar to GDPR. Usercentrics
  • Australia: We follow the Australian Privacy Principles (APPs) where applicable. OAIC

If you want additional jurisdictional detail (e.g., Japan, South Korea, or specific country-by-country guidance), tell us which countries to include and we’ll add tailored language and local supervisory authority contact details.

  1. Automated decision-making & profiling

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects individuals, except for limited automated tools used for fraud detection and security. If we implement any profiling with significant effects, we will disclose this and provide rights to contest or obtain human review where required.

  1. Vendor/processor list & sub-processors

We maintain a list of third-party processors (hosting, analytics, payment) and update it periodically. For an up-to-date list or for specific partner names for a particular region, contact privacy@alllinkx.com and we will provide the information.

  1. Changes to this policy

We may update this Privacy Policy to reflect changes in our practices, services, legal obligations, or guidance from supervisory authorities. Material changes will be posted with a new “Last updated” date and where required we will provide notice.

  1. How to contact us / supervisory authorities

Privacy contact: privacy@alllinkx.com
Data Protection Officer (DPO) (EU/UK/Brazil inquiries): dpo@alllinkx.com

If you remain unsatisfied after contacting us you can lodge a complaint with your local data protection authority. For example:

  • EU/EEA: refer to your national supervisory authority; see the European Data Protection Board list. GDPR
  • UK: Information Commissioner’s Office (ICO). ICO
  • California: California Privacy Protection Agency / California Attorney General. California DOJ
  • Canada: Office of the Privacy Commissioner of Canada (OPC). Privacy Commissioner Canada

Brazil: Autoridade Nacional de Proteção de Dados (ANPD). Usercentrics

Last Updated: 11/2025

Linkedin