Privacy Notice – Services

Last Modified: 2020-06-26

Introduction

SheerID, Inc. (“SheerID” or “We”) respects your privacy and are committed to protecting it through our compliance with this policy.

This policy describes the types of information we may collect from you or that you may provide when you use our verification services (the “Services“) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect from you when you use the Services to validate your eligibility status for special offers of SheerID’s customers.

It does not apply to information collected:

  • On our websites;
  • In email, text, and other electronic messages between you and SheerID, other than those communications specifically attributed to the Services;
  • By us offline or through any other means, including on any other websites operated by SheerID or any third party (including our affiliates and subsidiaries); or 
  • By any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to our Services.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Services. By using the Services, you agree to this privacy policy.

Children Under the Age of 16

Our Services are not intended for children under 16 years of age. No one under age 16 may provide any information to or through our Services. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information to the Services. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at [email protected].

Information We Collect About You and How We Collect It

We collect several types of information from and about users of our Services, including information:

  • By which you may be personally identified, such as name, email address, and date of birth (“personal information“);
  • That is about you but individually does not identify you, such as IP address, username, password, military status, education status, organizational association, etc.

We collect this information:

  • Directly from you when you provide it to us.
  • Automatically when you use our Services. Information collected automatically may include usage details, IP addresses, logs, location data, and information collected through cookies and other tracking technologies.
  • From third parties, for example, our business partners and customers.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information:

  • To fulfill the purpose for which you provide it, including to verify your eligibility for our customers’ benefits. Verification of your eligibility may be automated, may be performed by our employees, or may be performed by contractors who assist us in providing our services.
  • To protect our customers from fraud in association with the benefits and offers they provide.

If you have provided access credentials to us in your use of the Services, you expressly authorize SheerID to access your information maintained by the third parties associated with the access credentials, on your behalf as your agent, and you expressly authorize such third parties to disclose your information to us. For purposes of this Agreement and solely to provide the Services, you grant SheerID a limited power of attorney, and appoint SheerID as your attorney-in-fact and agent, to access the relevant third party sites, retrieve and use your information.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. 

We may disclose personal information that we collect or you provide as described in this privacy policy:

  • To fulfill the purpose for which you provide it. If you seek to accept a benefit from one of our customers, we may share your information with the customer. Your information may be used by our customers to provide you with products or services or to inform you of additional products or services. When your information is forwarded to our customer or when you land on one of our customers’ websites, your information becomes subject to our customer’s privacy policy. Each customer’s privacy policy should be published on its website and you should review their policy as well as this one.
  • To our subsidiaries and affiliates.
  • To contractors, service providers, and other third parties we use to support our business by providing verification services on our behalf. Each is bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of SheerID’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by SheerID about our Services users is among the assets transferred.

We may also disclose your personal information:

  • If we believe in our sole discretion that disclosure is reasonably necessary to protect against fraud in the use of our Services or to protect the property or other rights of SheerID, our customers, or other users, third parties or the public at large;
  • If we believe that you have abused the Services by using it to attack other systems or to gain unauthorized access to any other system, to engage in spamming or otherwise to violate applicable laws or in violation of our Terms of Use. You should be aware that, following disclosure to any third party, your information may be accessible by others to the extent permitted or required by applicable law.
  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.

Accessing and Correcting Your Information

You may send us an email at [email protected] to request access to, correct or delete any personal information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

Your California Privacy Rights

If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit our CCPA Privacy Notice for California Residents.

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. We DO NOT disclose your personal information to third parties for their direct marketing purposes.

Binding Arbitration

You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have taken the following steps: (1) raised your compliant directly with SheerID and provided us the opportunity to resolve the issue; (2) made use of the independent dispute resolution mechanism identified above; and (3) raised the issue through the relevant data protection authority and allowed the US Department of Commerce an opportunity to resolve the complaint at no cost to you. For more information on binding arbitration, see US Department of Commerce’s Privacy Shield Framework: Annex I (Binding Arbitration).

Other Applicable Laws

SheerID is headquartered in the United States of America and our Services are primarily directed to visitors who are located in the U.S.A.  Our use of personal information is subject to applicable US privacy laws. SheerID’s verification services comply with all applicable privacy laws, including but not limited to the Family Educational Rights and Privacy Act (FERPA) and the Children’s Online Privacy Protection Act (COPPA).

We comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. If there is any conflict between the terms of this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

In compliance with the EU-US and Swiss-US Privacy Shield Principles, we commit to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at: [email protected].

We have further committed to refer unresolved privacy complaints under the EU-US and Swiss- US Privacy Shield Principles to an independent dispute resolution mechanism, the BB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

We are subject to the investigatory and enforcement powers of the Federal Trade Commission in the case of any failure to comply with the Privacy Shield.

We are required to take certain steps when transferring personal data received from the European Union or Switzerland to third parties (such as including necessary contractual provisions in our third-party contracts). We may be potentially liable in cases of onward transfer of EU or Swiss individuals’ data received pursuant to the Privacy Shield to third parties.

SheerID is committed to the Géant Data Protection Code of Conduct, available at: http://www.geant.net/uri/dataprotection-code-of-conduct/v1.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. 

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted through our Services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained in the Services.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at:

[email protected]

Remember that email is not secure. We recommend that you do not send sensitive information to us via unencrypted email.