Last updated 02/10/2014

Epikonic Ltd (formerly known as SocialMeetsCRM Ltd) allows its users, via the toha mobile application, to manage loyalty cards, membership ID’s, and other barcoded and non-barcoded cards (collectively, the Service). The Service is owned and operated by Epikonic Ltd., a New Zealand based corporation (“Epikonic”, “we” or “us”).

Your use of the Service is subject to the terms and conditions set forth in this Privacy Policy (the “Privacy Policy”).


We are committed to respect and protect the privacy of the personal information we obtain from you through the Service and we have created this Privacy Policy to inform you about how we collect, use and share your personal information, and our privacy practices in general. We are always ready to address your questions and concerns regarding this policy and our privacy practices. If you would like to contact Customer Service, please contact us via We continually strive to find new ways to enhance your experience with the Service and we may modify this Privacy Policy from time to time to reflect changes in our privacy practices. You are encouraged to review this Privacy Policy periodically and to check the “Last Updated” date at the top of the Privacy Policy for the most recent version. If we make changes to this Privacy Policy, we will notify you here, or by means of notice on the Website or otherwise through the Service.

1. Terms of Service: Use of the Website and the Service is subject to the terms of our Terms of Service found at, which is hereby incorporated into and made part of this Privacy Policy. Please carefully review our Terms of Service. By using the Website or the Service, you agree to be bound by the terms of our Terms of Service.

2. Types and Uses of Collected Information: Key Ring collects two types of information about you:

a. Personally Identifiable Information. Personally Identifiable Information is information that identifies a specific person. When you engage in certain activities via the Service, including but not limited to creating an account, sending feedback, or otherwise participating in the Service (collectively, “Identification Activities”), we may ask you to provide certain information about yourself. If you elect to engage in an Identification Activity, however, we may ask you to provide us with certain personal information about yourself, such as your name, address (including zip code), email address, telephone number, and date of birth. When you enrol in the Service, we may also ask you to provide us with additional information, such as card information. Depending on the Identification Activity, some of the information we ask you to provide may be identified as mandatory and some identified as voluntary. If you do not provide the mandatory information for a particular Identification Activity that requires it, you will not be permitted to engage in that Identification Activity. Depending on the Identification Activity, Epikonic may not re-ask you for Personally Identifiable Information if such are already stored with us under the Service. If you choose to refer someone through the Service, we will ask you for your referral’s contact information, such as his or her name and email address. We may then send your friend an email inviting him or her to join the Service. Epikonic stores this information for the sole purpose of sending this email and maintaining the Service. Your friend may contact us at to request that we remove his or her contact information from our records. We may use Personally Identifiable Information to provide products and/or services to you, administer sweepstakes and contests, enhance the operation of the Service, improve our marketing and promotional efforts, analyse Service use, improve toha and the Service, and to tailor your experience with third parties as provided below in this Privacy Policy. If you use the Service to send information to another person, we may store your personal information. We may also use Personally Identifiable Information to troubleshoot, resolve disputes, accomplish administrative tasks, contact you, enforce our agreements with you, including our Terms of Service and this Privacy Policy, comply with applicable law, and cooperate with law enforcement activities.

b. Non-Personally Identifiable Information. Non-Personally Identifiable Information is information that does not identify a specific person. This type of information may include things like the Uniform Resource Locator (“URL”) of the website you visited before coming to our Website or otherwise participating in the Service, the URL of the website you visit after leaving our Website or the Service, the type of browser you are using, your Internet Protocol (“IP”) address, statistical information regarding what barcodes are scanned, pages are visited, the date and time of the visits, how long it took a user to download a page, debugging/crash data, the, IMEI and TCP/IP address of the user, or general and/or aggregated location data that does constitute Personally Identifiable Information. We, and/or our authorised Third Party Service Providers, may automatically collect this information when you visit our Website or use the Service through the use of electronic tools like Cookies and Web beacons or Pixel tags, as described below in this Privacy Policy. Most of the other information Epikinic collects for mobile, such as your device and hardware IDs and device type, the request type, your carrier, your carrier user ID, and the content of your request, does not by itself identify you to Epikonic, though it may be unique or consist of or contain information that you consider personal. We use Non-Personally Identifiable Information to troubleshoot, administer the Website and the Service, analyse trends, gather demographic information, comply with applicable law, and cooperate with law enforcement activities. We may also share this information with our authorised Third Party Service Providers to measure the overall effectiveness of our Service, content, and programming.

3. Release of Personally Identifiable Information. We will not sell or share your Personally Identifiable Information with other parties except as provided below:

a. Authorized Third Party Service Providers. Epikonic may provide services and products through third parties. These “Third Party Service Providers” perform functions on our or your behalf. You or We may share your Personally Identifiable Information with such Service Providers to fulfil orders, move data in or out of the Service, analyse data, provide marketing assistance, provide search results and links, operate the Website and the Service, troubleshoot, and provide customer service. We may also collect personal information from individuals and companies (“Affiliates”) with whom we have business relationships and may share your information with Third Party Service Providers to accomplish our administrative tasks. We encourage Affiliates and Third Party Service Providers to adopt and post privacy policies. However, the use of your Personally Identifiable Information by such parties is governed by the privacy policies of such parties and is not subject to our control.

b. Remarketing. Remarketing is a way for Epikonic to connect with people, based upon your past interactions with the Service. Third-party marketing vendors may be hired by Epikonic to perform remarketing services. As a result, third-party vendors, for example Google, may show Epikonic ads on sites on the Internet. Third-party vendors may use cookies to serve ads based on a user’s prior visits to the Website. Users may opt out of Google’s use of cookies by visiting the Google advertising opt-out page at

c. Acquisition. As with any other company, we could merge with, or be acquired by another company. If this occurs, the successor company would acquire the information we maintain, including Personally Identifiable Information. However, Personally Identifiable Information would remain subject to this Privacy Policy.

d. As required by law. We reserve the right to disclose your Personally Identifiable Information as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process served on our Website; enforce or apply this Privacy Policy, Terms of Service or other agreements; or protect the rights, property or safety of the Website and Service, users of the Service, employers, or others.

4. Release of Non-Personally Identifiable Information. We may disclose or share Non-Personally Identifiable Information with Affiliates and Third Party Service Providers, and Third Party Advertisers. For example, we may share aggregated demographic information (which does not include any Personally Identifiable Information) with “Third Party Advertisers” or “Third Party Advertising Companies.” We may use Third Party Advertising Companies to serve ads when you participate in the Service. These companies may use Non-Personally Identifiable Information about your visits to this Website, your use of the Service, and visits to other websites or locations in order to provide, through the use of network tags, advertisements about goods and services that may be of interest to you. We may also use Third Party Service Providers to track and analyse Non-Personally Identifiable usage and volume statistical information from our users to administer our Website and the Service, in order to constantly improve their quality. We may also publish this information for promotional purposes or as a representative audience for Third Party Advertisers. Such data is collected on our behalf, and is owned and used by Epikonic. Epikonic may leverage location information. This information may reveal your actual location, such as GPS data, or it may not, such as when you submit a partial address to look at a map of the area or when coarse location is used to triangulate your approximate position using cellular towers. Based on this information Epikonic may present location based alerts such as nearby loyalty card retailers, coupons, and may organise card lists based on the closest retailer in your list.

5. Updating Information. If you are enrolled in the Service, you may change any of your Personally Identifiable Information by contacting us We encourage you to promptly update your Personally Identifiable Information if it changes, as out-of-date Personally Identifiable Information may negatively affect the quality of your Service use and experience.

6. Choices on Collection/Use of Information. You can always choose not to provide certain information, although a certain level of information is required to engage and to participate in the Service. You cannot opt-out of Administrative Emails. “Administrative Emails” relate to a your activity on the Website and the Service, and include but are not limited to emails regarding a your account, requests or inquiries, and purchases of products and services. If you do not want to receive promotional emails from us, you may elect to opt-out of receiving promotional emails at any time by hitting the “unsubscribe” button at the bottom of any of our e-mails.

7. Security of Information. You can access your Personally Identifiable Information through toha with your password and username. This password is encrypted. We advise against sharing your password with anyone. In addition, your Personally Identifiable Information resides on a secure server that only selected personnel and contractors have access to. We may encrypt certain sensitive information using Secure Socket Layer (SSL) technology to ensure that your Personally Identifiable Information is safe as it is transmitted to us. However, no data transmission can be guaranteed to be 100% secure. As a result, while we employ commercially reasonable security measures to protect data and seek to partner with companies that do the same, we cannot guarantee the security of any information transmitted to or from the Website or via the Service, and are not responsible for the actions of any third parties that may receive any such information.

8. Data Tracking

a. Cookies: To facilitate and customise your experience with the Website and the Service, we may store cookies on your computer or other similar device through which you access the Website or the Service. A cookie is a small text file that is stored on your computer or other device for record-keeping purposes which contains information about you. We may use cookies to save you time while using the Website and the Service, remind us who you are, and track and target your interests in order to provide a customised experience. Cookies also allow us to collect Non-Personally Identifiable Information from you, like which pages you visited, what links you clicked on, and how you used the Service. We may use Third Party Advertising Companies to display advertisements on our Website. As part of their service, they may place separate cookies on your computer or similar device. We have no access to or control over these cookies. This Privacy Policy covers the use of cookies by our Website and the Service only and does not cover the use of cookies by any Advertiser. Most browsers automatically accept cookies, however you may be able to modify your browser settings to decline cookies. Please note that if you decline or delete these cookies, some parts of the Website or the Service may not work properly.

b. Other Tracking Devices: We may use other industry standard technologies like pixel tags and web beacons to track your use of our Website pages and promotions, or we may allow our Third Party Service Providers to use these devices on our behalf. Pixel tags and web beacons are tiny graphic images placed on certain pages on our Website, or in our emails that allow us to determine whether you have performed a specific action. When you access these pages or open or click an email, pixel tags and web beacons generate a Non-Personally Identifiable notice of that action. Pixel tags allow us to measure and improve our understanding of visitor traffic and behaviour on our Website, as well as give us a way to measure our promotions and performance. We may also utilise pixel tags and web beacons provided by our Affiliates and/or marketing partners for the same purposes.

9. Privacy Policies of Third Party Websites: This Privacy Policy only addresses the use and disclosure of information we collect from you on and via the Service. Other websites or services that may be accessible through this Website or the Service may have their own privacy policies and data collection, use and disclosure practices. If you use, link or visit any such website, we urge you review the website’s privacy policy. We are not responsible for the policies or practices of third parties.

10. Privacy Settings: As a user, you may have limited access to privacy settings. These settings help hide information you wish to share with other users and/or the public. It is up to you to select the appropriate privacy settings. If you don’t agree with the available privacy settings, please stop using the Service.

11. Public Areas: We may provide areas on our Website or via the Service where you can publicly post information about yourself including your location, can communicate with others such as forums. This information may be accessible by other users and companies and may appear on other websites or web searches, and therefore this information could be read, collected, and used by others. We have no control over who reads your postings or what other users may do with the information you voluntarily post, so please use caution when posting any content or providing anything that could be deemed personal information.

12. Facebook. The Website or Service may allow you to access Facebook to interact with friends and to share on Facebook through your or your friends’ “Walls” and “News Feeds.” By doing so, you agree to allow the Service to access your information and you are agreeing to the Facebook Terms of Use in your use of the Service. If you are not currently enrolled in the Service and you click on “Sign in Using Facebook,” you will first be asked to enter your Facebook credentials and then be given the option to register and join the Service.

13. Notice of Privacy Rights to California Residents. California law requires that we provide you with a summary of your privacy rights under the California Online Privacy Protection Act (“COPPA”) and the California Business and Professions Code. As required by COPPA, we will provide you with the categories of Personally Identifiable Information that we collect through the Website and the categories of third party persons or entities with whom such Personally Identifiable Information may be shared for direct marketing purposes at your request. California law requires us to inform you, at your request,

(1) the categories of Personally Identifiable Information we collect and what third parties we share that information with;

(2) the names and addresses of those third parties;

(3) examples of the products marketed by those companies.

COPPA further requires us to allow you to control who you do not want us to share that information with. To obtain this information, please send a request by email or physical mail to the address found below. When contacting us, please indicate your name, address, email address, and what Personally Identifiable Information you do not want us to share with Affiliates or marketing partners. The request should be sent to the attention of our legal department, and labeled “California Customer Choice Notice.” Please allow 30 days for a response. Also, please note that there is no charge for controlling the sharing of your Personally Identifiable Information or requesting this notice.

14. Children: The Website and the Service are not directed to people under 13. If you become aware that your child has provided us with personal information without your consent, please contact us at If we become aware that a child under 13 has provided us with personal information, we take steps to remove such information and terminate the child’s account.

15. Customer Service: For assistance or questions regarding this Privacy Policy or the Service, you may email us at