Last Revised: 6-25-2020
This Policy applies to the information you provide to Intellicheck in connection with your use of the Services. We have no control over, and no responsibility or liability for, any third party's collection, use, disclosure, or retention of the Personal Information that you provide to a third party, and that collection, use, disclosure, and retention is not subject to this Policy.
If you are an individual whose driver's license or government-issued identification card has been scanned using the Services, the person, organization, or entity who used the Services to execute the scan is under legal obligations, which limit the information that person, organization, or entity can collect about you. You should contact that person, organization, or entity directly if you have questions about its collection, use, or storage of your information.
Information Collection Practices.
The Services collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device ("Personal Information"). Personal Information does not include:
- Publicly available information from government records; or
- Deidentified or aggregated consumer information.
When you visit a web site without registering, you can browse without submitting personally identifiable information about yourself. If you register for an account within a Service or to access a Service, we will collect some Personal Information from you, including your full name, username, email address, and a password that you select. When you interact with the Services, we also receive and store certain additional types of information which, in general, do not directly identify you. This Section of the Policy outlines the various ways that information is collected from the Services. Please fully review this Policy before you use the Services or submit information to us.
b) Information Automatically Collected
The Services may automatically collect certain information from users through the use of "cookies," locally shared objects, or other technologies (see Section 5 below). In general, information automatically collected does not directly identify you and the information may include, but is not limited to: browser type; other browser history; platform type; device's MAC address or MSISDN or other unique device identifier; information about your device operating system; number of clicks; landing pages; cookie information; the amount of time spent on particular pages; the time and date when you downloaded the our software applications or access or use the Services; the frequency with which your device attempts to contact our servers, time, and date of those attempts. We collect this information for the purposes described in this Policy, including to better understand our customer base and to improve the quality of our Services. We may use this information for any lawful purpose, including, for example, to improve the performance of the Services or to develop updates.
c) Information That You Manually Provide.
Account Holders. It is your choice whether to provide Personal Information to Intellicheck by which you may be personally identifiable, such as your first name, last name, email address, postal mailing address, company or organization affiliation, phone number and other contact information. The Personal Information we collect on or through Services includes but is not limited to information that you provide when creating your user's account ("Account") and may include information provided by the company or organization to which you are affiliated. It is your responsibility not to provide Personal Information about yourself that could be misused by others.
Information that you provide to Intellicheck may be collected in the following ways.
- Registration and Login. Certain Services require you to register for an account with us. When you register for an Account, you will be asked to provide some personally identifiable information, such as your full name, email address, and a user name and password that you select. When you register an Account and log in to a Service, you must provide your current, complete, and accurate information. It is your responsibility to keep your information up to date. We are not responsible for any problems, interruptions in access, or liability that may arise if you do not give us complete and accurate information or if you fail to update your information so that it is current.
- Payment Data. We will collect data necessary to process your payment if you make purchases on our websites or through our Services. However, we generally do not view or store credit card holder information, as credit card processing is handled by third parties.
- Correspondence. If you send us personal correspondence, such as emails or letters, contact us via telephone or through our website, or if other users or third parties send us information about your use of the Services, we may save the information in a profile specific to you. We also collect feedback, questions and information that you provide to us for customer support, surveys and testimonials. We will collect and use any data files you send to us for troubleshooting and improving our Services. When you contact us, phone conversations or chat sessions with our representatives may be monitored and recorded in order to improve our Services, and facilitate the processing and resolution of your request or complaint.
Individuals Subject to Scans. If you are an individual whose driver's license or government-issued identification card has been scanned using the Services, the Personal Information we collect about you is limited to the information related to or presented on your driver’s license or government-issued identification card and the results of validating your driver’s license or government-issued identification card. It is your choice whether to provide information relating to your driver’s license or government-issued identification card to Intellicheck.
d) Information From Other Sources
We may obtain both Personal Information and non-personal information about you from our business partners, your employer, our customers, our contractors, our suppliers, and other third parties and add it to our account information or other information we have collected. We and third parties we engage may combine information we collect from you over time and across our Services with information obtained from other sources. This helps us improve the information’s overall accuracy and completeness, and also helps us better tailor our interactions with you.
e) Information Collected in the Past Year
In particular, we have collected the following categories of Personal Information from users in the last twelve (12) months, using the various methods described above.
- Identifiers - A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
- Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) - A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories.
- Protected classification characteristics under California or federal law. - Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
- Commercial Information - Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Biometric Information (NOT COLLECTED) - Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
- Internet or Other Similar Network Activity - Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
- Geolocation Data (NOT COLLECTED) – Physical location or movements.
- Sensory Data (NOT COLLECTED) – Audio, electronic, visual, thermal, olfactory, or similar information.
- Professional or Employment-Related Information (NOT COLLECTED) – Current or past job history or performance evaluations.
- Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) (NOT COLLECTED) – Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
- Inferences drawn from other Personal Information (NOT COLLECTED) – Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Use of Information
Account Holders. We may use directly or indirectly information collected on the Services, which may include information gathered about you, for various purposes. In general, we use Personal Information we collect to pursue our mission and operations, including the management of the Services and your Account. This may include storing information in connection with your Account profile so that we can recognize you when you access your Account and determine if you are using the Services in accordance with the terms of your subscription or your affiliated company or organization’s subscription. We may also use your Personal Information to operate, maintain, and improve the Services (including providing you a more personal experience); communicate with you; provide you information about products and services (including products and services of third parties); resolve complaints and disputes; collect fees owed; detect and protect against errors, fraud, and criminal activity; assist law enforcement; enforce this Policy and any terms related to our Services; an any other purposes described in this Policy or that we describe to you at the time of collection.
You understand, consent and agree that we may collect, transmit, process, maintain, store, analyze, and otherwise use data about you and aggregate it with information from multiple users for the purpose of improving and enhancing the quality and nature of services offered by Intellicheck, or to market or publish general information and statistics. You also acknowledge that we may collect, transmit, process, maintain, store, analyze and otherwise use data about you that relates to your personal use of the Services or Account.
We may use your Personal Information to send you emails or other communications related to your Account or the Services, or in response to your inquiries or requests. You may not opt-out of receiving service-related messages that are not promotional in nature. We may also send you marketing emails, surveys, or newsletters to notify you about products or services that may be of interest to you. If you would like to stop receiving marketing emails from us, please click on the unsubscribe link at the bottom of any marketing email you receive. If you opt-out, you will continue to receive service-related emails.
We reserve the right, but do not undertake a duty, to notify you of court orders, subpoenas or other legal process if allowed. If you do not want us to respond to legal process compelling us to disclose your information, you need to seek a valid order permitting us to refuse to disclose it and serve the order on us at least three (3) business days before the response deadline.
In general, unless otherwise required by law, we will retain your Personal Information only as long as necessary for the uses described in this Section. We do not undertake retention obligations through this Policy. We may dispose of information in our discretion without notice, subject to applicable law.
Individuals Subject to Scans. If you are an individual whose driver's license or government-issued identification card has been scanned using the Services, we may use your Personal Information to provide the Services, including but not limited to, validating your driver’s license or government-issued identification card, providing details presented on your driver’s license or government-issued identification card to the person, organization, or entity who used the Services to execute the scan, and communicating the results of such validation to the person, organization, or entity who used the Services to execute the scan.
Once a scan of your driver’s license or government-issued identification card is executed using the Services, we create a temporary copy of such document submitted for scanning and the results of validating your driver’s license or government-issued identification, which we delete once the validation is completed. Generally, we do not permanently store a copy of your driver’s license or government-issued identification card that you submit for scanning except in the following circumstances:
- If we have problems validating your driver’s license or government-issued identification card, we will retain your information for as long as it is required to perform diagnostics, trouble-shoot the error, rectify the error, or to make improvements to the Services;
- If the person, organization, or entity who used the Services to execute the scan requests that we retain your information, we will do so for the period specified by that person, organization, or entity; or
- We may retain the general information relating to your driver’s license or government-issued identification card, including but not limited to the following information: date and time of the executed scan, details regarding the issuer of the identification document, authenticity and type of identification document, date of issue and date of expiration, and format and rotation of the identification document. In general, we will retain such information indefinitely, or as long as legally required or allowed.
When we disclose Personal Information to a third party, we enter into a contract that describes the purpose of the disclosure and requires the recipient to keep that Personal Information confidential and use it only for performance of the contract, and not for any other purpose. We disclose your information, including any Personal Information, in the circumstances described below.
We will not sell or rent any of your Personal Information to third parties for marketing purposes. However, we may disclose your information to any affiliated entity or organization and to service providers and the company or organization with which you are affiliated. We may also share non-identifying information with third parties for any lawful purposes, including analyzing trends, research, Services administration, tracing users’ movements around the Services, and to improve our business, products, and Services. Use of information by affiliated entities and organizations will be subject to this Policy or an agreement that is at least as restrictive as this Policy.
In some cases, we may disclose your information as required by law: if we believe that disclosure is needed to protect our rights; to government regulators; to law enforcement authorities; in connection with any judicial proceeding, court order, subpoena, or legal process served on us or the Services; and to respond to a physical threat to you or another person.
Further, if we ever file bankruptcy or engage in a business transition such as merger with another company or if we sell or reorganize all or a part of the Services or our business or assets, we may disclose your information, including to prospective or actual purchasers in connection with one of these transactions.
If you are an individual whose driver's license or government-issued identification card has been scanned using the Services, we will not generally disclose to third parties a copy of your driver’s license or government-issued identification card that you submit for scanning or the results of validating your driver’s license or government-issued identification card except as required by law or in the context of bankruptcy or business transition (as described above) or in the following circumstances:
- We may share the scan of your driver’s license or government-issued identification card or the results of validating your driver’s license or government-issued identification card with the person, organization, or entity who used the Services to execute the scan; or
- If we have problems validating your driver’s license or government-issued identification card, we may provide the scan of your driver’s license or government-issued identification card to a third party service provider for the purpose of performing diagnostics, trouble-shooting the error, rectifying the error, or to making improvements to the Services.
b) Disclosures of Personal Information in the Past Year
In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for a business purpose:
- Category A: Identifiers.
- Category B: California Customer Records personal information categories.
- Category C: Protected classification characteristics under California or federal law.
- Category D: Commercial information.
- Category F: Internet or other similar network activity.
We disclosed your Personal Information for a business purpose to the following categories of third parties:
- The organization or entity who used the Services to process your information.
- Service providers.
- Affiliated companies.
- Analytics providers.
Cookies, Locally Shared Objects and Similar Technologies.
Cookies, pixel tags, clear gifs, log file, web bugs, and locally shared objects are technologies that install a small amount of information on your device or its software to permit an application to recognize future visits using your device. We may place cookies, pixel tags, clear gifs, log file, web bugs, locally shared objects, or similar technology in the Services or on your hardware or device (including on its browser). These technologies may enhance the convenience and use of the Services. For example, the information provided through cookies may be used to recognize you as a previous user of the Services (so you do not have to enter your Personal Information every time), offer personalized information for your use, and otherwise facilitate your experience using the Services. Some cookies remain on your computer or device until you delete them. Others, like session ID cookies, expire when you close your browser. If you choose to access or use the Services, you may not be able to decline all tracking technologies. You may decline cookies or other technologies through your device, browser or application settings, but this decision may affect your ability to access or use certain features of the Services.
Steps To Keep Personal Information Secure.
Keeping secure the Personal Information that we collect is of great concern to us. We exercise care in providing secure transmission of your information from your computer to our servers in connection with the Services. Personal Information collected by, through, or in the Services is stored in secure operating environments that are not available to the public. While Intellicheck has mechanisms in place to safeguard your personal information once we receive it, no transmission of data across servers over the Internet or any other public network can be guaranteed to be 100% secure. When you provide information to the Services, you do so at your own risk.
Persons Under the Age of 18.
The Services are intended for users that are 18 or older and are not directed to anyone under the age of 18. We do not knowingly collect Personal Information from anyone under the age of 18. If you become aware that a person under the age of 18 has provided us with personal information without parental consent, please contact us by using the contact information at the bottom of this Policy, and we will take steps to remove the information and terminate that person’s Account.
Accessing and Updating Your Personal Information.
If you would like to cancel your Account or update your Personal Information associated with your Account, you may make such changes by logging into your Account and modifying the applicable fields or contacting Intellicheck. If you do not want your information accessed or stored as described in this Policy, you should not access, use, or register an Account with the Services, and you should not access or use the Services.
Notice to Users Outside the United States.
We are headquartered in the United States. Except as stated in Section 11 below, the Services are governed by United States law. If you are using any of our products or services from outside of the United States, your information may be transferred to, stored and processed in the United States where our servers are located. The United States might not have the same standard of legal privacy protection as Europe. By using any of our products or services and/or communicating with us via mail, email or telephone, you consent to your information being transferred to our facilities in the United States and to the facilities of those third parties with whom we share it as described in this Policy.
California Shine the Light Law
California Civil Code § 1798.83 permits users who are California residents to obtain from us once a year, free of charge, a list of third parties to whom we have disclosed Personal Information (if any) for direct marketing purposes in the preceding calendar year. If you are a California resident and you wish to make such a request, please send an e-mail with “California Privacy Rights” in the subject line to firstname.lastname@example.org or write us at Intellicheck, Inc.; 535 Broad Hollow Road; Melville, New York 11747.
While the Services are not intended for anyone under the age of 18, if you are a California resident who is under age 18 and you are unable to remove publicly-available content that you have submitted to us, you may request removal by emailing us at email@example.com or writing us at Intellicheck, Inc. 535 Broad Hollow Road; Melville, New York 11747. When requesting removal, you must specify the information you want removed and provide us with specific information, such as the URL for each page where the information was entered, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you do not follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the content or information. Removal of your information from the Services do not ensure complete or comprehensive removal of that information from our systems or the systems of our service providers. We are not required to delete information posted by you; our obligations under California law are satisfied so long as we anonymize the information or render it invisible to other users and the public.
California Consumer Privacy Act (CCPA)
In addition to the disclosures made above, California residents are entitled to additional rights under the CCPA. If you are a California resident, please see the Intellicheck Privacy Addendum for California Residents for further information regarding your CCPA rights and how to exercise them in relation to the Services.
The Services and our privacy practices are compliant with The Personal Information Protection and Electronic Documents Act (“PIPEDA”) fair information principles. In addition to the disclosures made above, we:
- Have appointed a privacy officer to monitor our compliance with PIPEDA.
- Only collect Personal Information for the uses described in Section 3 above.
- Only use and disclose Personal Information as described in Section 3 and 4 above.
- Take reasonable steps to verify the accuracy of the Personal Information we collect.
- Take appropriate safeguards to protect the Personal Information, as further described in Section 6 above.
- Implement reasonable technical and organizational measures to safeguard Personal Information and, to the extent we share your Personal Information with third parties who process it on our behalf, we instruct the third parties to process and manage your Personal Information in a manner consistent with Intellicheck standards and the standards of the company or organization that has engaged us to provide services to it, as may be applicable.
If you are a Canada resident, you have the right to request access to the existence, use and disclosure of your Personal Information. Additionally, you have the right to challenge the accuracy and completeness of the information and request to have it amended as appropriate. Finally, you have the right to challenge Intellicheck’s compliance with the PIPEDA fair information principles by contacting our privacy officer. To exercise your rights under this Section, please send an e-mail to firstname.lastname@example.org or write us at Intellicheck, Inc.; 535 Broad Hollow Road; Melville, New York 11747.
Changes to Our Policy.
It is our practice to post any changes we make to our Policy on this page and update the “last modified” date at the top of this document. The date the Policy was last revised is identified at the top of the page. You should periodically visit our Policy to check for any changes.
If you have questions or concerns about our privacy practices, please send an e-mail to email@example.com or write us at Intellicheck, Inc.; 535 Broad Hollow Road; Melville, New York 11747.
Intellicheck Privacy Addendum for California Residents
Last Revised: 6-25-2020
Right to Access Specific Information and Data Portability Right.
You may have the right under the CCPA to request that we disclose certain information to you about our collection and use of your Personal Information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of Personal Information that we have collected about you.
- The categories of sources for the Personal Information that we have collected about you.
- Our business or commercial purpose for collecting or making available that Personal Information.
- The categories of third parties with whom we share that Personal Information.
- The specific pieces of Personal Information that we have collected about you (also called a data portability request).
- If we disclosed your Personal Information for a business purpose, the business purpose for which such Personal Information was disclosed, and the Personal Information categories that each category of recipient obtained.
- If applicable, (1) the categories of your Personal Information that we have made available for valuable consideration; (2) the categories of third parties to whom such Personal Information was made available; and (3) the category or categories of Personal Information that we have made available to each category of third parties.
Right to Delete.
You may have the right under the CCPA to request that we delete any of your Personal Information that we have collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) or vendor(s) to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation or legal order.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Right to Opt-Out.
If you are 16 years of age or older, you may have the right under the CCPA to direct us not to make your Personal Information available for valuable consideration at any time (the “right to opt-out”). We do not make available the Personal Information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in may opt-out at any time.
To exercise the right to opt-out or right to opt-in, you (or your authorized representative) may submit a request to us by sending us an e-mail at firstname.lastname@example.org or writing us at Intellicheck, Inc.; 535 Broad Hollow Road; Melville, New York 11747. Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize certain information sharing practices. However, you may change your mind and opt back in at any time by notifying us using the contact information set out above. We will only use Personal Information provided in an opt-out request to review and comply with the request.
Exercising Your Rights.
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
Calling us at +1-866-702-6069
Sending us an e-mail at email@example.com
Writing us at Intellicheck, Inc.; 535 Broad Hollow Road; Melville, New York 11747
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make such a request for access or data portability twice within a twelve (12) month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative, and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety (90) days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically. Any disclosures we provide will only cover the twelve (12) month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.