Security + Privacy
Last revised and effective as of: October 24, 2022
“we” or “us” or “our”) through your use of the Adept ID website at https://www.adept-id.com/ and
any subdomains thereof (the “Site”) and the services, features, and information available on the
Site (together with the Site, along with associated and successor websites, applications, features,
information, and services, or any part thereof, the “Service”) and in connection with our provision
Regulation (EU) 2016/679; (b) “UK Data Protection Laws” means data protection laws enacted
under the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit)
Regulations 2019 (“UK GDPR”) and the UK Data Protection Act 2018 (“UK DPA 2018”); and (c)
“European Data Protection Laws” means the GDPR and/or UK Data Protection Laws, in each
case to the extent applicable.
sets out our practices and obligations under the European Data Protection Laws, to the extent
applicable. If an organization with which you are associated (an “Organization”) signs up to use
our Service, we may receive personally identifiable information about you in connection with our
provision of the Service to your Organization. To the extent we process (as defined below) that
personally identifiable information solely in order to provide the Service to your Organization,
under the European Data Protection Laws, to the extent applicable, we will act as a processor (as
defined in the European Data Protection Laws) on behalf of your Organization in respect of that
personally identifiable information; and your Organization will act as a controller (as defined in the
European Data Protection Laws) in respect of that personally identifiable information and is
responsible for obtaining all necessary consents and providing you with all requisite information
as required by applicable law. To the extent we process your personally identifiable information
for any other lawful business purpose of ours, under the European Data Protection Laws, to the
extent applicable, we will act as a controller of such personally identifiable information and this
cookies on a computer, subjecting the information to statistical or other analysis and using or
handling information in any way, including, but not limited to collecting, storing, evaluating,
modifying, deleting, using, combining, disclosing and transferring information within Adept ID or
among our affiliates within the United States or internationally.
- What information about me is collected?
- action tags)?
- Is information submitted to the Public Areas of the Service private?
- Does Adept ID collect information from children under 13 years of age?
- What does Adept ID do with the information it collects?
- When does Adept ID disclose information to third parties?
- Is the information collected through the Service secure?
- Could my information be transferred to other countries?
- For how long will my personally identifiable information be kept?
- What choices do I have regarding my personally identifiable information?
- Who do I contact if I have any privacy questions?
WHAT INFORMATION ABOUT ME IS COLLECTED?
Depending on your use of the Service, we may collect two types of information: personally identifiable information and non-personally identifiable information.
Personally Identifiable Information
Personally identifiable information is information that identifies you or can be used to identify or contact you. Such information may include your name, address, e-mail address, role, company name, company type, use case, API key, telephone number, and the contents of any message you submit to us. Additionally, our Outside Contractor (as defined below) that is responsible for billing and payment processing services (the “Payment Services Provider”) may collect your billing and credit card information from you directly. We may also receive employment data from third-party sources as well as from publicly available sources. Personally identifiable information amounts to ‘personal data’ for the purposes of and as defined in the European Data Protection Laws (to the extent applicable). All references to personally identifiable information shall be deemed to include ‘personal data’ as defined and used in the European Data Protection Laws (to the extent applicable).
Non-Personally Identifiable Information
Non-personally identifiable information is information, any single item of which, by itself, cannot be used to identify or contact you, including non-identifiable demographic information, browser types, unique device identifiers, device types, requested URL, referring URL, browser language, the pages you view, the date and time of your visit, domain names, city/state, and statistical data involving the use of the Service. Certain non-personally identifiable information may be considered a part of your personally identifiable information if it were combined with other identifiers in a way that enables you to be identified. However, the same pieces of information are considered non-personally identifiable information when they are taken alone or combined only with other non-personally identifiable information (for example, your viewing preferences) in a way that would not enable you to be identified.
We may collect, analyze, and create anonymized data, statistics, or other information obtained through the provision, use and performance of various aspects of the Service or otherwise (collectively, “Anonymized Data”), and aggregate such Anonymized Data, statistics or other information. Please note that Anonymized Data is not personally identifiable information and we may use or disclose such Anonymized Data for any lawful business purpose without notice or your consent. We will not re-identify, or attempt to re-identify, any of the Anonymized Data or otherwise link or associate Anonymized Data with any information relating to an identified or identifiable natural person.
We will collect personally identifiable information that you submit to us. We may also receive employment data from third-party sources. We may also access publicly available information, including through LinkedIn.
Registering to Use the Service and in the Course of Using the Service.
You may be required to establish an account in order to take advantage of certain features of the Service. If so, if you wish to establish an account you will be required to provide us with information (which may include personally identifiable information and non-personally identifiable information) such as name, e-mail address, company name, and API Key, and including credit card and billing information directly to the Payment Services Provider. In addition, we may obtain your personally identifiable information from you if you identify yourself to us by communicating with us including by sending us an e-mail with questions or comments. Also, we will have access to any personally identifiable information that you choose to share through the Service.
Cookies and Action Tags.
We may collect information passively using “cookies” and “action tags.”
“Cookies” are small text files that can be placed on your computer or mobile device in order to identify your web browser and the activities of your computer on the Service and other websites. Cookies can be used to personalize your experience on the Service (such as dynamically generating content on webpages specifically designed for you), to assist you in using the Service (such as saving time by not having to reenter your name each time you use the Service), to allow us to statistically monitor how you are using the Service to help us improve our offerings, or to determine the popularity of certain content.
In addition to cookies that we may place on your computer or mobile device, cookies might also be placed on your computer or mobile device by third parties that we use to provide analytics-related services. In the course of serving services, such third-party service providers could place or recognize unique cookies on your browser.
You do not have to accept cookies to use the Service. Although most browsers are initially set to accept cookies, you may reset your browser to notify you when you receive a cookie or to reject cookies generally. Most browsers offer instructions on how to do so in the “Help” section of the toolbar. However, if you reject cookies, certain features or resources of the Service may not work properly or at all and you may experience some loss of convenience.
For the avoidance of doubt, the Service may use third-party service platforms (including to help analyze how users use the Service). These third-party service platforms may place cookies on your computer or mobile device. If you would like to disable “third party” cookies, you may be able to turn them off by going to the third party’s website.
Here are links to the main third-party platforms we use:
“Action tags,” also known as web beacons or gif tags, are a web technology used to help track website usage information, such as how many times a specific page has been viewed. Action tags are invisible to you, and any portion of the Service, including e-mail sent on our behalf, may contain action tags.
By using cookies and action tags together, we can gain valuable information to improve the Service and measure the effectiveness of our marketing campaigns. We may also combine information collected from cookies with information that you may provide, such as information provided in a form that you complete.
We also collect information through our Internet log files, which record data such as user IP addresses, browser types, domain names, and other anonymous statistical data involving the use of the Service. This information may be used to analyze trends, to administer the Service, to monitor the use of the Service, and to gather general demographic information. We may link this information to personally identifiable information for these and other purposes such as personalizing your experience on the Service and evaluating the Service in general.
Any information you share in a Public Area (including personally identifiable information) is by design open to the public and is not private. You should think carefully before posting any information in any Public Area. What you post can be seen, disclosed to or collected by others and may be used by others in ways we cannot regulate or predict. As with any public forum on any website, the information you post may also show up in third-party search engines like Google, Yahoo, and Bing. If you mistakenly post personally identifiable information in a Public Area you can send us an e-mail to request that we remove it by contacting us at [email protected]. You should understand that, in some cases, we may not be able to remove your information.
IS INFORMATION SUBMITTED TO THE PUBLIC AREAS OF THE SERVICE PRIVATE?
DOES ADEPT ID COLLECT INFORMATION FROM CHILDREN UNDER 13 YEARS OF AGE?
We are committed to protecting the privacy of children. The Service is not designed for or directed to children under the age of 13. We do not collect personally identifiable information from any person we actually know is under the age of 13.
WHAT DOES ADEPT ID DO WITH THE INFORMATION IT COLLECTS?
We will only use your personally identifiable information to the extent that the law allows us to do so. Pursuant to the European Data Protection Laws, legal bases for our processing your personally identifiable information may include (without limitation):
(a) where you have given consent to the processing, which consent may be withdrawn at any time without affecting the lawfulness of processing based on consent prior to withdrawal;
(b) where it is necessary to perform the contract we have entered into or are about to enter into with you (whether in relation to the provision of the Service or otherwise);
(c) where it is necessary for us to comply with a legal obligation to which we are subject; and/or
(d) where it is necessary for the purposes of our legitimate interests (or those of a third party) in providing or marketing the Service and your interests or fundamental rights and freedoms do not override those legitimate interests.
We use the information collected to provide the Service to you and process your transactions, to help us understand who uses the Service, for internal operations such as operating and improving the Service, to contact you for customer service and billing purposes, and, unless you ‘opt out’ (to the extent permitted by applicable law), so that we and third parties acting on our behalf can contact you about products and services that may be of interest to you.
We may use your information to send you a welcoming e-mail that may confirm your log-in credentials. Unless you ‘opt out’ (to the extent permitted by applicable law), we and third parties acting on our behalf may subsequently send you electronic newsletters, contact you about the Service, products, services, information and news that may be of interest to you, and provide you with targeted feedback. If you no longer desire to receive these communications, we will provide you with the option to change your preferences in each communication we send to you. You may also inform us by email to: [email protected].
If you identify yourself to us by sending us an e-mail with questions or comments, we may use your information (including personally identifiable information) to respond to your questions or comments, and we may file your questions or comments (with your information) for future reference.
We may also use the information collected to send announcements and updates regarding the Service or, if applicable, about your billing account status. You will not be able to unsubscribe from these Service announcements and updates as they contain important information relevant to your use of the Service and are necessary for the performance of our contract with you.
We may also use the information gathered to perform statistical analysis of user behavior or to evaluate and improve the Service. We may link some of this information to personally identifiable information for internal purposes or to improve your experience with the Service.
WHEN DOES ADEPT ID DISCLOSE INFORMATION TO THIRD PARTIES?
Laws and Legal Rights.
We may disclose your information (including personally identifiable information) if we believe in good faith that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process. We may disclose personally identifiable information in special circumstances when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating a contract with us, to detect fraud, for assistance with a delinquent account, or to protect the safety and/or security of our users, the Service or the general public.
Third Parties Generally.
We may provide to third parties non-personally identifiable information, including where such information is combined with similar information of other users of the Service. For example, we might inform third parties regarding the number of unique users who use the Service, the demographic breakdown of our users of the Service, or the products and/or services purchased using the Service and the vendors of such products and services. In addition to the above, when users use our Service, third parties (including without limitation third-party analytics service providers and commercial partners) may directly collect personally identifiable and non-personally identifiable information about our users’ online activities over time and across different websites. The third parties to which we may provide or who may independently directly collect personally identifiable and non-personally identifiable information may include potential or actual providers of analytics products or services (including vendors, analytics services providers, and website tracking services), affiliates and other actual or potential commercial partners, and other similar parties. Please note in particular that the Service may use Google Analytics, including its data reporting features. Information collected by Google Analytics includes but is not limited to web metrics. For information on how Google Analytics collects and processes data, please see the site “How Google uses data when you use our partners’ sites or apps”, currently located at www.google.com/policies/privacy/partners/. For information on opting out of Google Analytics, we encourage you to visit Google’s website, including its list of currently available opt-out options presently located at https://tools.google.com/dlpage/gaoptout.
We may provide your information to professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
We may employ independent contractors, vendors and suppliers (collectively, “Outside Contractors”) to provide specific services and products related to the Service, such as hosting and maintaining the Service, providing credit card processing and fraud screening, including the Payment Services Provider, and developing applications for the Service. In the course of providing products or services to us, these Outside Contractors may have access to information collected through the Service, including your personally identifiable information. We use reasonable efforts to ensure that these Outside Contractors are capable of protecting the security of your personally identifiable information.
Sale of Business.
We reserve the right to transfer information to a third party in connection with a sale, merger or other transfer of all or substantially all of the assets of Adept ID or any of its Corporate Affiliates (as defined below), or that portion of Adept ID or any of its Corporate Affiliates to which the Service relates, or in connection with a strategic investment by a third party in Adept ID, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding.
IS THE INFORMATION COLLECTED THROUGH THE SERVICE SECURE?
We want your information (including personally identifiable information) to remain secure. We strive to provide transmission of your information from your computer or mobile device to our servers through techniques that are consistent with commercially reasonable standards and to employ administrative, physical, and electronic measures designed to protect your information from unauthorized access.
Notwithstanding the above, you should be aware that there is always some risk involved in transmitting information over the Internet. There is also some risk that others could find a way to thwart our security systems. As a result, while we strive to protect your information, we cannot ensure or warrant the security or privacy of any information you transmit to us, and you do so at your own risk.
COULD MY INFORMATION BE TRANSFERRED TO OTHER COUNTRIES?
FOR HOW LONG WILL MY PERSONALLY IDENTIFIABLE INFORMATION BE KEPT?
We will only retain your personally identifiable information for as long as necessary to fulfill the purposes for which we collected it or as otherwise permitted by applicable law.
To determine the appropriate retention period for personally identifiable information, we consider the amount, nature, and sensitivity of that information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personally identifiable information and whether we can achieve those purposes through other means, and the applicable legal requirements.
WHAT CHOICES DO I HAVE REGARDING MY PERSONALLY IDENTIFIABLE INFORMATION?
Under certain circumstances and in compliance with the European Data Protection Laws, you may have the right to:
Request access to your personally identifiable information (commonly known as ‘subject access request’). This enables you to receive a copy of the personally identifiable information we hold about you and to check that we are lawfully processing it;
Request correction of the personally identifiable information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
Request erasure of your personally identifiable information. This enables you to ask us to delete or remove your personally identifiable information where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove all of your personally identifiable information in certain circumstances;
Object to processing of your personally identifiable information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;
Request the restriction of processing of your personally identifiable information. This enables you to ask us to suspend the processing of your personally identifiable information, for example, if you want us to establish its accuracy or the reason for processing it;
Request the transfer of your personally identifiable information to another party; and
Lodge a complaint with the relevant supervisory authority (as defined in the European Data Protection Laws). If you have any complaints about the way we process your personally identifiable information, please do contact us. Alternatively, you may lodge a complaint with the supervisory authority which is established in your country.
If you want to review, verify, correct or request erasure of your personally identifiable information, object to the processing of your personally identifiable information, or request that we transfer a copy of your personally identifiable information to another party, please contact [email protected].
You should be aware that it may not be technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your personally identifiable information may exist in a non-erasable form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, change, or delete, as appropriate, all personally identifiable information stored in databases we actively use and other readily searchable media as appropriate, as soon as and to the extent reasonably practicable.
DO NOT TRACK
The term “Do Not Track” refers to a HTTP header offered by certain web browsers to request that websites refrain from tracking the user. We take no action in response to automated Do Not Track requests. However, if you wish to stop such tracking, please contact us with your request, using our contact details provided below.
WHO DO I CONTACT IF I HAVE ANY PRIVACY QUESTIONS?
By postal mail or courier:
Adept ID, Inc.
184 High Street, Suite 602, Boston, MA 02110