Legal & Privacy Framework

Transparency and compliance at the heart of everything we do

Last updated: January 2025

1. Introduction

Welcome to Drinkscanner ("we," "our," "us"). This document outlines our key policies, including our Terms of Service, Privacy Policy, and Cookie Policy.

Drinkscanner provides digital labeling and compliance solutions for wine producers and agents, including the creation of printable e-labels (QR codes) that link to information required under EU and international wine labeling regulations.

Our services operate under two main categories:

  1. The Drinkscanner Website and Platform – accessed via drinkscanner.com and app.drinkscanner.com, used by producers, agents, and partners.
  2. Public Product Information Pages – accessed via drinkscanner.com/i/ or drinkscanner.com/p/, reached through QR codes on packaging.

Each category is treated differently when it comes to data collection and privacy. The same legal framework and policies apply to both drinkscanner.com and app.drinkscanner.com.

2. Terms of Service

2.1 Scope

These terms govern your use of the Drinkscanner website, platform, and associated services.

By using our services, you agree to these terms and confirm that you have the authority to act on behalf of any business or organization you represent.

2.2 Service Description

Drinkscanner provides tools for creating, managing, and hosting digital product information (e-labels) to help producers comply with applicable labeling regulations, including but not limited to:

  • EU Regulation 1169/2011 (Food Information to Consumers)
  • EU Regulation 2021/2117 (Wine Labeling Requirements)
  • Other relevant national and international labeling standards

2.3 User Accounts

Users creating accounts on Drinkscanner are responsible for maintaining the confidentiality of login credentials and all activities under their account.

2.4 Data Ownership

Producers and agents retain ownership of their uploaded product information. Drinkscanner acts as a data processor for hosted label data and a data controller for website user data.

2.5 Availability

We aim to ensure continuous uptime but do not guarantee uninterrupted service. Planned maintenance will be communicated in advance when possible.

2.6 Acceptable Use

Users may not:

  • Upload illegal, defamatory, or misleading content
  • Use the service to track or profile individuals
  • Attempt to access systems or data beyond authorized scope

2.7 Limitation of Liability

Drinkscanner provides services "as is." We are not liable for indirect, incidental, or consequential damages resulting from use or inability to use the service.

2.8 User Responsibilities and Content Liability

By creating an account and using Drinkscanner's services, users acknowledge and agree to the following:

2.8.1 Full Responsibility for Published Content

Users are solely and exclusively responsible for all content, information, data, claims, and materials they publish, upload, or make available through the Drinkscanner platform. This includes, but is not limited to:

  • Product descriptions and ingredient listings
  • Nutritional information and allergen declarations
  • Health claims, sustainability statements, and awards
  • Images, logos, trademarks, and other intellectual property
  • Compliance with labeling regulations
  • Accuracy and completeness of all published data

2.8.2 Regulatory Compliance Across Markets

Users acknowledge that labeling requirements, standards, and regulations vary significantly across different jurisdictions and markets. Users are responsible for:

  • Understanding and complying with all applicable laws and regulations in each market where their products are distributed
  • Ensuring compliance with EU Regulations 1169/2011, 2021/2117, and any other relevant directives
  • Meeting specific national requirements in addition to EU-wide regulations
  • Staying informed of regulatory changes and updating published content accordingly
  • Obtaining all necessary certifications, approvals, and authorizations before making claims

Drinkscanner provides a technical framework and platform for digital labeling. We do not provide legal advice, regulatory guidance, or verification of compliance. Users must consult with qualified legal and regulatory experts for their specific markets and products.

2.8.3 No Liability for User Content

Drinkscanner assumes no responsibility or liability for any content published by users. This includes, but is not limited to:

  • Accuracy, completeness, or legality of published information
  • Compliance with applicable labeling laws and regulations
  • Validity of health claims, sustainability certifications, or award statements
  • Infringement of third-party intellectual property rights
  • False, misleading, or deceptive product descriptions
  • Consequences arising from incorrect or incomplete information

2.8.4 Financial Liability for Non-Compliance

Users agree that they are fully liable for all fines, penalties, sanctions, legal fees, and damages arising from:

  • Non-compliance with applicable labeling regulations in any market
  • Publication of false, misleading, or unsubstantiated claims
  • Incorrect or incomplete product information
  • Violation of consumer protection laws
  • Infringement of intellectual property or trademark rights
  • Any other violations of law related to published content

All fines, penalties, and related costs must be paid in full by the responsible user or account holder. Drinkscanner shall not be held liable for any such costs and reserves the right to seek indemnification from users for any claims, damages, or expenses incurred as a result of user content or non-compliance.

2.8.5 Substantiation and Documentation Requirements

Users must be able to provide immediate substantiation and supporting documentation for all claims made on their published labels, including but not limited to:

  • Health and nutrition claims: Scientific evidence, authorized claim references, or pre-approval documentation
  • Sustainability and environmental claims: Valid certifications (e.g., organic, biodynamic, carbon neutral), third-party audits, or verifiable data
  • Awards and recognitions: Official certificates, competition results, or award documentation
  • Origin and geographical indications: PDO, PGI, or other protected designation documentation
  • Production methods: Certifications, production records, or quality system documentation

Failure to provide adequate substantiation upon request by regulatory authorities, Drinkscanner, or other authorized parties will result in:

  • Immediate suspension of the affected content or account
  • Full financial liability for any resulting fines or penalties
  • Potential termination of service access without refund
  • Reporting to relevant regulatory authorities if legally required

2.8.6 Audit Rights and Compliance Verification

Drinkscanner reserves the right to conduct unannounced audits and compliance reviews of user-published content at any time, including but not limited to:

  • Random quality assurance checks of published information
  • Verification of claims, certifications, and award statements
  • Review of compliance with applicable regulations and platform terms
  • Investigation of complaints, reports, or suspicious content
  • Response to regulatory inquiries or legal requirements

During an audit, users must:

  • Provide requested documentation and substantiation within the specified timeframe (typically 7-14 business days)
  • Cooperate fully with the audit process and respond to inquiries promptly
  • Correct any identified non-compliance issues immediately
  • Accept that content may be temporarily suspended during verification

Failure to cooperate with audits or provide adequate documentation will result in immediate content suspension and potential account termination.

2.8.7 Acceptance by Registration

By completing registration and creating an account on Drinkscanner, users explicitly acknowledge and accept:

  • Full understanding of their regulatory responsibilities across all applicable markets
  • Complete financial and legal liability for all published content
  • The requirement to maintain adequate documentation and substantiation
  • Drinkscanner's right to conduct audits and compliance reviews
  • The framework nature of the platform and absence of regulatory advice
  • All consequences of non-compliance, including fines, penalties, and account termination

No separate acceptance is required — registration constitutes full and binding acceptance of these responsibilities and terms.

2.8.8 Indemnification

Users agree to indemnify, defend, and hold harmless Drinkscanner, its officers, directors, employees, agents, and affiliates from and against any and all claims, liabilities, damages, losses, costs, expenses, or fees (including reasonable attorneys' fees) arising from or related to:

  • User content or published information
  • Violation of these terms or applicable laws and regulations
  • Claims by third parties related to user content or activities
  • Regulatory enforcement actions or penalties resulting from user content
  • Intellectual property infringement or misappropriation

This indemnification obligation survives termination of the user's account and use of Drinkscanner services.

3. Privacy Policy

3.1 General Principles

We are committed to protecting your privacy and ensuring compliance with the EU General Data Protection Regulation (GDPR) and other applicable privacy laws.

3.2 Data Collected via the Drinkscanner Website and Platform

On drinkscanner.com and app.drinkscanner.com, we may collect:

  • Account information (name, company, email address)
  • Billing information (if applicable)
  • Technical logs (for system security and maintenance)
  • Voluntary communication (support requests, feedback)
  • Usage data and analytics (page views, feature usage, session duration)
  • Device information (browser type, IP address, operating system)

3.3 Analytics and Tracking Services

We may use third-party analytics and tracking services to improve our platform and understand how users interact with our services. These may include:

  • Analytics tools (e.g., Google Analytics, Plausible, or similar services) to measure website traffic and user behavior
  • Performance monitoring to identify and fix technical issues
  • Marketing pixels (if applicable) for conversion tracking and advertising optimization

These services may use cookies or similar technologies. Data collected through these services is processed in accordance with their respective privacy policies and our data processing agreements.

Important: Full analytics and tracking services (including third-party tools and cookies) are only used on drinkscanner.com and app.drinkscanner.com. Public QR code pages (/i and /p) use a different, privacy-preserving approach — see Section 4.1 below.

3.4 How We Use This Data

  • To provide and improve our services
  • To ensure regulatory compliance and system integrity
  • To communicate with registered users about updates, security, or support

We do not sell, rent, or share personal data with third parties for marketing or profiling purposes.

3.5 Data Retention

We retain user and label data only as long as necessary for service provision, legal compliance, or security purposes.

3.6 Data Rights

Users can request:

  • Access to their data
  • Correction or deletion of data
  • Export of data (data portability)
  • Withdrawal of consent at any time

Requests can be made to: privacy@drinkscanner.app

4. Privacy on QR Code Pages

These pages (drinkscanner.com/i and drinkscanner.com/p) are designed to display product information in accordance with EU labeling regulations.

We are fully committed to protecting consumer privacy and ensuring transparency.

4.1 Anonymous Technical Data Collection

To improve our service and ensure e-labels display correctly, we collect minimal, anonymous technical data when QR code pages are visited:

  • Device type and browser information
  • Approximate location (to determine appropriate language)
  • Time of visit
  • Anonymous page view statistics

How we protect your privacy:

  • No cookies are used on these pages.
  • No personal data is collected, stored, or transmitted.
  • No cross-session tracking — we cannot identify or follow individual visitors.
  • No marketing or profiling — data is never used for advertising or behavioral targeting.
  • Immediate anonymization — technical details (like browser type and language) are converted into short-lived, random codes using ephemeral hashing with different salts on each request.
  • No persistent identifiers — we never store raw IP addresses or any data that could be used to reconstruct or recognize a specific browser or individual.
  • Aggregated statistics only — all data is immediately aggregated into anonymous visit counts.

GDPR Compliance:

This approach is compliant with GDPR because the data collected does not constitute personal data. Under GDPR Recital 26: "Data which do not relate to an identified or identifiable natural person… are not personal data."

Since we:

  • Never retain identifiers long enough to identify anyone,
  • Immediately anonymize and aggregate all technical data, and
  • Use no cookies or cross-session tracking mechanisms,

→ The data processing falls outside GDPR's scope as no personal data is being processed.

This technical data helps us understand e-label usage patterns and ensure optimal performance across different devices and regions, while fully respecting consumer privacy.

4.2 Security and Hosting

  • All pages are served over HTTPS using modern encryption standards.
  • Content is delivered from secure servers hosted within the European Union.
  • Databases are managed under strict access control, encryption at rest, and continuous monitoring.
  • Regular backups and security audits ensure data integrity and compliance.

4.3 Compliance

These pages are fully compliant with:

  • EU Regulation 1169/2011
  • EU Regulation 2021/2117
  • GDPR principles (lawfulness, fairness, transparency, data minimization)

The QR-code landing pages are informational only, designed for regulatory compliance — not for marketing or data collection.

6. Data Security

We implement industry-standard measures, including:

  • HTTPS encryption for all connections using TLS 1.3 or higher
  • Additional encryption layers for sensitive data — credentials, authentication tokens, and personal information are encrypted using RSA-4096 or AES-256 before transmission, providing multiple layers of protection beyond standard HTTPS
  • End-to-end encryption for authentication and authorization flows
  • Regular penetration testing and vulnerability scanning
  • Role-based access control for internal users
  • Encrypted backups stored within the EU
  • Compliance with ISO/IEC 27001-aligned practices
  • Secure key management with regular rotation and hardware security module (HSM) support

Enhanced Protection for Sensitive Information: User credentials, authentication tokens, payment information, and other sensitive data receive additional encryption during transport. This multi-layered approach ensures that even if one security layer were compromised, your data remains protected by additional encryption mechanisms.

7. Contact Information

For questions about privacy, security, or compliance, contact:

privacy@drinkscanner.app