Privacy Policy

This privacy policy (“Privacy Policy”) sets out how Private Identity LLC (“Private Identity,” “we”, “our” or “us”) collects, uses, maintains and discloses Personal Data about you, including, without limitation, when you visit or use our website at privateid.com (the “Site”), attend a Private Identity event or otherwise interact with us. This Privacy Policy accompanies our “Terms of Use” applicable to the Site.

Please read this Privacy Policy carefully to understand how we will process your Personal Data and to learn about your rights in relation to it, including, without limitation, your rights of access, correction and control over your Personal Data.

As used in this Privacy Policy, “Personal Data” means any information that identifies you or your household directly or indirectly, including, without limitation, by reference to identifier(s) such as your name, identification number, location data, online identifier or one or more factors specific to your physical, physiological, genetic, mental, economic, cultural, educational, commercial, professional or social identity.

This Privacy Policy does not apply to our products, services or demo features accessible via our Site, including, without limitation, our identity and age verification services. These services are governed by separate privacy policies and terms of use, which will be made available to you at the point of access or use of those specific services.

By accessing or using our Site or otherwise interacting with us, you acknowledge that you have read, understood and agree to be bound by this Privacy Policy. If you do not agree with the terms set out herein, please do not access or use our Site. We may update this Privacy Policy from time to time, and the current version will apply each time you engage with us. You should check the effective date of this Privacy Policy (shown at the top of the page) and review any changes periodically.

A. Personal Data We Collect

Information you provide to us. We collect Personal Data that you voluntarily provide to us, or that may be provided on your behalf. This may occur when you visit our Site and complete a contact or request form (e.g., “Try the demo”); subscribe to receive communications or marketing materials from us; create or manage a user account on any part of our Site; request technical or customer support; register for or attend one of our events (in-person or virtual); apply for a job or otherwise engage with us in a recruitment process; or communicate with us by phone, email, chat, social media or other channels.

Depending on the nature of your interaction with us, the categories of Personal Data you may provide include, without limitation:

i. Contact information: Such as your name, email address, phone number, employer, job title and mailing address.

ii. Account and credential information: Including, without limitation, usernames, passwords, password hints or other identifiers used to access an account.

iii. Marketing preferences: Including, without limitation, your preferences for receiving promotional communications and information about your interaction with our emails or messages.

iv. Event information: Such as event registrations, dietary or accessibility requirements and a record of your participation.

v. Payment and financial data: Including, without limitation, invoice information, payment card details, billing contact information and associated transaction history. (Note: payment processing may be handled by third-party providers).

vi. Employment or recruitment data: If you apply for a position with us, we may collect your CV or resume, cover letter, employment history, qualifications, education records and any other information you submit as part of a job application or recruitment process.

vii. User content: Including, without limitation, any information you provide through surveys, forms, reviews or in your communications with us, whether by email, social media or other means.

viii. Social media information: If you engage with us on third-party platforms, we may receive information such as your profile name, handle and content you make publicly available.

We also may collect limited sensitive Personal Data where required and permitted by law (for example, health or disability-related information submitted for event access or accommodation purposes), but only with your explicit consent or where otherwise legally permitted.

Where appropriate, we may de-identify or aggregate the Personal Data you provide to remove direct or indirect identifiers. Such data will be treated as non-personal to the fullest extent permitted under applicable law unless re-identification is reasonably possible or required for compliance.

Information we collect automatically. When you visit or interact with our Site, we may automatically collect certain information about your device and usage through cookies, log files, pixels and similar tracking technologies. This helps us understand how visitors use our Site and allows us to improve its functionality, security and user experience. The categories of Personal Data we may collect automatically include, without limitation:

i. Device information: This may include, without limitation, your device type, operating system, browser type and version, screen resolution, language preferences and other technical attributes that help us optimize your browsing experience.

ii. Usage data: We may collect data about your interactions with the Site, including, without limitation, pages viewed, time spent on pages, navigation paths, referring and exit URLs, clickstream data and other behavioral metrics.

iii. Log information: Our servers may automatically record log data such as your Internet Protocol (IP) address, the date and time of access, browser user agent and error or performance information.

iv. Location data: Where enabled by your device or browser settings, we may collect general location information (such as city-level geolocation) derived from IP address or browser signals, for analytics and security purposes.

v. Interaction with our communications: If you receive an email or other communication from us, we may use tracking technologies to understand whether you opened it, clicked links or took other actions in response.

vi. Cookies and tracking technologies: We and authorized third parties may use cookies, web beacons, tags, software development kits (SDKs) or similar technologies to collect and store information about your browsing behavior. For more detail on our use of these technologies and how you can manage your preferences, please refer to our Cookie Notice.

vii. Support interactions: If you engage with support tools on our Site, such as a help chat feature or contact form, we may log or record those interactions (where permitted by law) to improve customer support, ensure quality and maintain security.

viii. Social media features: Our Site may include, without limitation, features that allow you to engage with content via third-party social media platforms. If you choose to interact with these features, we may collect certain information in accordance with your privacy settings on the applicable platform.

Please note that we may aggregate or de-identify automatically collected information so that it no longer constitutes Personal Data under applicable law. In such cases, we may use or disclose that information for any lawful purpose.

Information we collect from other sources. We may collect Personal Data about you from third-party sources and publicly available databases, where permitted by law. This may include, without limitation:

i. Public sources: Such as public websites, social media platforms (in accordance with your privacy settings), public records or industry directories.

ii. Business partners and affiliates: Including, without limitation, partners who help us with sales, marketing, lead generation, event co-hosting or customer support.

iii. Service providers: Who may collect or process Personal Data on our behalf, such as analytics or advertising providers, or recruitment platforms in connection with employment applications.

iv. Professional networks or platforms: Such as LinkedIn or similar platforms where you interact with our content or representatives.

Any Personal Data we obtain from other sources will be processed in accordance with this Privacy Policy and any applicable legal requirements. Where appropriate, we will notify you of such collection and the source of the information, especially where required under applicable data protection laws.

B. How We Use Your Personal Data

We process your Personal Data for the purposes set out below, and only where we have a valid legal basis to do so under applicable data protection laws, including, without limitation, the EU/UK General Data Protection Regulation (“EU/UK GDPR”), where applicable.

The lawful basis depends on the purpose for which your Personal Data is used. These may include, without limitation:

i. Performance of a contract: where processing is necessary to fulfil our obligations or to take steps at your request before entering into a contract;

ii. Compliance with a legal obligation: where processing is necessary to comply with laws to which we are subject;

iii. Legitimate interests: where we process your Personal Data for purposes that are in our legitimate business interests, and these are not overridden by your fundamental rights and freedoms; and/or

iv. Consent: where you have given your consent to process your Personal Data for a specific purpose (which can be withdrawn at any time).

The table below sets out how we use your Personal Data and includes the applicable lawful basis under the EU/UK GDPR, where applicable:

We may process your Personal Data for other purposes consistent with those listed above, or as otherwise notified to you at the time of collection, with your consent or as required by law.

If you have questions about how we determine the applicable lawful basis or wish to object to specific types of processing, please contact us using the details in the “How to Contact Us” section of this Privacy Policy.

C. When We Disclose Your Personal Data

We do not share your information with third parties for their direct marketing purposes.

We may disclose your Personal Data to unaffiliated third parties in the following circumstances, and only to the extent permitted by applicable law:

i. With your consent or at your request: We may disclose your Personal Data when you request or authorize us to do so, such as when you opt in to receive communications from third parties.

ii. To facilitate transactions or provide requested information: We may disclose Personal Data where it is necessary to fulfil your requests, respond to your inquiries or support the completion of a transaction initiated by you.

iii. To comply with legal or regulatory obligations: We may disclose Personal Data to comply with applicable law, regulations, governmental or regulatory requests, court orders or legal processes. This includes, without limitation, disclosures to law enforcement agencies or supervisory authorities or courts, as well as for fraud prevention, public safety or the enforcement of our Terms of Use or other agreements.

iv. In connection with a business transaction: In the event of a corporate transaction (e.g., merger, acquisition, reorganization, divestiture, financing or sale of all or part of our assets) affecting us, Personal Data may be shared with or transferred to relevant third parties (such as advisers, counterparties or acquiring entities) as part of due diligence or the completion of the transaction. We will take steps to ensure any recipient respects the security and confidentiality of your Personal Data in accordance with applicable law.

v. With service providers and vendors: We may share Personal Data with third-party service providers who perform functions on our behalf and under our instructions. These may include, without limitation, providers of website and infrastructure hosting, IT support and cloud services, data analytics and visualization, CRM, communications, marketing support, event registration, administration, and professional services such as legal, audit or consulting.

vi. To protect legal rights and safety: We may disclose Personal Data to protect our rights, property or safety or that of our customers or others. This may include, without limitation, sharing information with fraud prevention agencies, credit reference agencies or security consultants.

vii. As otherwise set out in this Privacy Policy: We may disclose your Personal Data for other purposes identified in this Privacy Policy, provided such disclosures are lawful and proportionate.

We may also share aggregated or anonymized information that does not identify you with third parties for statistical, analytical or research purposes. This information is not considered Personal Data under applicable data protection laws.

D. Minors and Children Privacy

Children Online Protection. Our Site is not intended, designed to be attractive to, or directed to children under the age of 18; if you are not 18 years or older, do not access or use our Site. We do not knowingly collect Personal Data from children under the age of 18. If we learn that Personal Data of persons less than 18 years-of-age has been collected through our Site, we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child or a minor under the age of 18 has submitted Personal Data to us through the Site without your consent, then you may alert us at compliance@privateid.com so that we may take appropriate action to remove the minor's Personal Data from our systems.

E. Links to Third Party Services

Our Site may contain links to third party websites, applications and services not operated by us. These links are provided as a service and do not imply any endorsement by Private Identity of the activities or content of these sites, applications or services, nor any association with their operators. Private Identity is not responsible for the privacy policies or practices of any third party, including, without limitation, websites or services directly linked to our Site. We encourage you to review the privacy policies of any third-party site that you link or access from our Site.

F. How We Secure Your Personal Data

We take reasonable technical and organizational precautions to protect the confidentiality, security and integrity of all data. Although we use security measures to help protect data against loss, misuse or unauthorized disclosure, we cannot guarantee the security of information transmitted to us over the Internet. While we strive to use commercially acceptable means to protect data, there is no guarantee that information may not be accessed, disclosed, altered or destroyed.

G. Our Retention of Your Personal Data

We retain Personal Data collected through the Site only for as long as is reasonably necessary to fulfil the purposes for which it was collected, as outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our criteria for determining the appropriate retention period for each category of Personal Data include, without limitation: the duration necessary to operate the Site and maintain user interactions, your requests and the exercise of any rights (such as deletion or access), our contractual or legal obligations, the need to enforce our terms and protect our rights, applicable legal, regulatory or reporting obligations, and technical constraints (e.g. secure deletion or backup limitations).

We also may store and use your Personal Data as necessary to comply with our legal obligations, resolve disputes, detect or prevent fraud or enforce our agreements and rights. In cases where deletion is not technically and reasonably feasible, we will take appropriate steps to securely store and isolate the data from further processing. Otherwise, we will seek to delete your personal data within a reasonable timeframe upon request, subject to applicable law and our data retention obligations.

H. Jurisdiction & Cross-border Transfers

We are headquartered in the United States, and the Site is operated from there. If you access or interact with the Site from outside the United States, please be aware that your Personal Data may be transferred to, stored in or accessed from the United States or other jurisdictions where our affiliates, service providers or partners are located. The data protection laws in these jurisdictions may differ from those in your country of residence and may not offer the same level of protection. However, we take appropriate measures to safeguard your Personal Data in accordance with this Privacy Policy and applicable data protection laws. Where required under applicable law (including, without limitation, the EU/UK GDPR), we ensure that appropriate safeguards are in place for international data transfers. These may include, without limitation: (i) entering into contracts based on the European Commission's Standard Contractual Clauses (or the UK International Data Transfer Agreement or Addendum, as applicable); and/or (ii) implementing other lawful safeguards recognized under applicable data protection regimes. You may request further information about these safeguards, or obtain a copy of relevant contractual terms, by contacting us at compliance@privateid.com. Please note that Personal Data transferred to the United States may be accessible to United States authorities in accordance with applicable laws. We remain committed to ensuring that your data is protected and handled with care, wherever it is processed.

I. Your Marketing Preferences – Text and Email

We will obtain your consent to send marketing communication where required by applicable law. You can withdraw your consent or choose not to receive promotional emails from us by “unsubscribing,” using the instructions in any email or SMS you receive from us. Note that we reserve the right to send you certain email communications relating to your use of our Site, service announcements, notices of changes to this Privacy Policy or our other terms, or similar administrative or transactional messages, and these transactional account messages may be unaffected if you choose to opt-out from e-mail marketing communications.

J. Your Rights

US Privacy Rights

Notice at Collection. To understand the categories and sources of Personal Data we collect, please refer to the “Personal Data We Collect” section of this Privacy Policy. To understand the business or commercial purpose for collecting Personal Data, please refer to the “How We Use Your Personal Data” section of this Privacy Policy. To understand the third parties to whom we have disclosed your Personal Data for a business purpose, please refer to the “When We Disclose Your Personal Data” section of this Privacy Policy.

Depending on your state of residence, you may have the following rights with respect to your Personal Data:

• The right to know the categories and/or specific pieces of Personal Data collected about you, including, without limitation, the sources of your Personal Data, whether your Personal Data is sold or disclosed and the purpose, and with whom your Personal Data was shared;
• The right to request deletion of Personal Data;
• The right to correct inaccurate Personal Data;
• The right to opt-out of “sale” and/or “share” of your Personal Data; and
• The right to limit the use of your sensitive Personal Data. We collect sensitive Personal Data, as defined by applicable privacy laws, but only data that would be reasonably expected by you or for purposes allowed under the law or to provide you with the products and services you requested. Therefore, we do not offer the right to limit the use of sensitive Personal Data.

Exercising Your Right to Know, Delete and Correct. You can exercise any of these rights by using the details in the “How to Contact Us” section of this Privacy Policy. Depending on your state of residence, you may be able to appeal our decision responding to your request regarding your Personal Data. To appeal, please contact us using the details in the “How to Contact Us” section of this Privacy Policy. We do not discriminate against those who exercise any of their rights described in this Privacy Policy.

Notice of Right to Opt-Out of Sale/Sharing. Our use of online tracking technologies, as described in the “Cookies and tracking technologies” section above, may be considered a “sale” / “share” under applicable law. We do not have any actual knowledge that we sell or share Personal Data of consumers under 16 years of age. To exercise your right to opt-out of the “sale” and/or “share” of your Personal Data, please submit a request using the details in the “How to Contact Us” section of this Privacy Policy.

Authorized Agent Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Data. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact us as set forth in the “How To Contact Us” section of this Privacy Policy and provide written authorization signed by you and your designated agent.

Verification To protect your privacy, we will take the following steps to verify your identity before fulfilling your request. When you make certain requests, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative.

Shine the Light Disclosure. (CA Civil Code § 1798.83). Under California's “Shine the Light” law, California residents are entitled to opt out of the sharing of their Personal Data with unaffiliated third parties for those third parties' own direct marketing purposes. We do not share your Personal Data with unaffiliated third parties for their own direct marketing purposes without your consent. If we do share such information in the future, we will provide you with the opportunity to opt-in or, where permitted by law, opt-out of such disclosures.

Do Not Track: Some web browsers offer a “Do Not Track” (DNT) setting that allows you to express your preference not to be tracked across websites. At this time, we do not respond to DNT signals.

European Privacy Rights

If you are based in the EU or UK, in certain circumstances you have rights under data protection laws in relation to your Personal Data that we hold about you - specifically to:

i. Request access to your Personal Data: You may have the right to request access to any Personal Data we hold about you as well as related information, including, without limitation, the purposes for processing the Personal Data, the recipients or categories of recipients with whom the Personal Data has been shared, where possible, the period for which the Personal Data will be stored, the source of Personal Data and the existence of any automated decision making.

ii. Request correction of your Personal Data: You may have the right to obtain without undue delay the rectification of any inaccurate Personal Data we hold about you.

iii. Request erasure of your Personal Data: You may have the right to request that Personal Data held about you be deleted. (You may also delete your Account at any time using the settings page on the Service).

iv. Object to our processing of your Personal Data: You may have the right to object to our processing of your Personal Data, in certain circumstances.

v. Request restriction of processing your Personal Data: You may have the right to prevent or restrict processing of your Personal Data.

vi. Withdraw your consent: You may withdraw your consent to our processing of your Personal Data at any time (which will not impact the legality of any previous processing based on such consent). Note that we may continue to process your Personal Data where consent is not the legal basis relied upon.

vii. Request transfer of your Personal Data: You may have the right to request transfer of your Personal Data directly to a third party where this is technically feasible.

You can exercise any of these rights by using the details in the “How to Contact Us” section of this Privacy Policy.

Where you believe that we have not complied with our obligations under this Privacy Policy or European data protection law, you have the right to make a complaint to an EU Data Protection Authority or the UK's Information Commissioner's Office (“ICO”).

K. Changes to this Privacy Policy

We reserve the right to update or modify this Privacy Policy from time to time. If we make any material changes to this Privacy Policy or the way we use, share or collect Personal Data, we will revise the “Effective Date” at the top of this Privacy Policy and post the updated Privacy Policy on this page. We may also endeavor to notify you by, for example, prominently posting an announcement of the changes on our Site, or sending an email to the email address you most recently provided us (unless we do not have such an email address) prior to the new policy taking effect. We encourage you to review this Privacy Policy regularly to ensure that you are familiar with Private Identity's current practices.

L. How to Contact Us

If you have any questions in relation to this Privacy Policy, if you wish to request more information about our data protection practices or if you wish to exercise any of your data subject rights, please contact us at:compliance@privateid.com