Effective Date: December 30, 2022
If you are a California or Virginia resident, please see Section 18 of this policy for more information about your specific privacy rights.
- Information We Collect
- How We Use Information We Collect
- Our Legal Basis for Collecting Personal Data
- Information We Share
- Your Failure to Provide Personal Data
- Our Retention of Your Personal Data
- Your Choices and Accessing, Updating or Deleting Your Personal Data
- Third Party Links
- International Transfer
- How We Protect Personal Data
- Direct Marketing and “Do Not Track” Signals
- IDology Partners
- How to Contact Us
- Your US Privacy Rights
Irrespective of which country you live in, you authorize us to transfer, store, and use your information in the United States, and any other country where we operate. In some of these countries, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those in the country where you live. Learn more about our data transfer operations in the “International Transfer” section below. If you do not agree to the transfer, storage and use of your information in the United States, and any other country where we operate, please do not use the Sites or Services.
Information We Collect
Common examples of Personal Data include: full name, email address, digital identity, such as a login name or handle, information about your device, and certain metadata.
“Sensitive Personal Data” may vary by jurisdiction and refers to a smaller subset of Personal Data which is considered more sensitive to the individual, such as race and ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric information, physical or mental health information, medical insurance data, or sexual orientation.
When you use our Services, we collect Personal Data in the following ways:
Information You Give to Us
As you evaluate whether IDology is the right solution for your company, you may choose to provide us with Personal Data about yourself, including your name, organization name, phone number, and email address by completing forms on our website, such as when you request to schedule a demo. You may also choose to provide us with employment and education information in addition to Personal Data when you apply for a job at IDology via our Site.
In some instances, you may elect to provide us with location and address information. You may also provide us with Personal Data about yourself when you report a problem or have a question about our services.
The Sites offer interactive and social features that permit you to submit content and communicate with us. You may provide Personal Data to us when you post information in these interactive and social features. Please note that your postings in these areas of the Sites may be publicly accessible or accessible to other Users.
Information We Obtain from Your Use of Our Services
We collect certain information automatically, such as your operating system version, browser type, and internet service provider. We also collect information about your interaction with the Sites and Services, such as creating or logging into your account, or opening or interacting with the Services on Your mobile device. When you use our Site, we automatically collect and store this information in service logs. This includes: details of how you used our Site; Internet protocol address; cookies that uniquely identify your browser, the referring web page and pages visited. We may also collect and process information about your actual location. The information we collect automatically is statistical data and may or may not include Personal Data, but we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties.
We may partner with third parties that offer IDology Services to their employees and customers. In such cases, those companies may provide us with your name, email address, or similar information.
Cookies and Similar Technologies
We and our partners use various technologies to collect and store information when you visit one of our services, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services from our partners, such as advertising services. Our third-party advertising and analytics partners include Google, Pardot and similar partners.
The technologies we use for this automatic data collection may include:
- Web Beacons. Pages of our services or our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count Users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
- Clickstream Data. Clickstream data is information collected by our computers when you request Web pages from the Sites. Clickstream data may include information such as the page served, the time spent viewing the page, source of the request, type of browser making the request, the preceding page viewed and similar information. Clickstream data permits us to analyze how visitors arrive at the Sites, what type of content is popular, what type of visitors in the aggregate are interested in particular kinds of content on the Sites.
How We Use Information We Collect
We use your Personal Data in ways that are compatible with the purposes for which it was collected or authorized by you, including for the following purposes:
- To present, operate or improve the Site and Services, including analysis of Site activity;
- To inform you about Services and products available from IDology;
- To authorize access to our Sites and Services;
- To provide, maintain, administer or expand the Services, performing business analyses, or for other internal purposes to support, improve or enhance our business, the Services, and other products and services we offer;
- To offer and administer programs;
- To customize or tailor your experience of the Services;
- To administer content, promotion, sweepstakes, surveys, voting polls or other Site features;
- To communicate about, and administer your participation in, special programs, surveys, contests, online campaigns, online programs, sweepstakes, and other offers or promotions, and to deliver pertinent emails;
- To improve our Site and Services;
- To secure our Services, including to authenticate Users;
- To use statistical information that we collect in any way permitted by law, including from third parties in connection with their commercial and marketing efforts;
- To respond to and support Users regarding their use of the Sites and Services;
- To comply with all applicable legal requirements;
- To perform data analysis and testing;
- To resolve disputes;
- To otherwise fulfill the purpose for which the information was provided.
We use the information we collect from our Sites to provide, maintain, and improve them, to develop new services, and to protect our company and our Users.
We use information collected from cookies and other technologies, to improve your User experience and the overall quality of our services. For example, by saving your language preferences, we’ll be able to have our services appear in the language you prefer. We may use your Personal Data to see which web pages you visit at our Site, which web site you visited before coming to our Site, and where you go after you leave our Site. We can then develop statistics that help us understand how our visitors use our Site and how to improve it. We may also use the information we obtain about you in other ways for which we provide specific notice at the time of collection.
Our Legal Basis for Collecting Personal Data
Whenever we collect Personal Data from you, we may do so on the following legal bases:
- Your consent to such collection and use;
- Out of necessity for the performance of an agreement between us and you, such as your agreement to use our Services or your request for Services;
- Our legitimate business interest, including but not limited to the following circumstances where collecting or using Personal Data is necessary for:
- Intra-organization transfers for IDology Partner data for administrative purposes;
- Product development and enhancement, where the processing enables IDology to enhance, modify, personalize, or otherwise improve our services and communications for the benefit of our Users, and to better understand how people interact with our Sites;
- Communications and marketing, including processing data for direct marketing purposes, and subject to your opt-in for these purposes, and to determine the effectiveness of our promotional campaigns and advertising;
- Fraud detection and prevention;
- Enhancement of our cybersecurity, including improving the security of our network and information systems; and
- General business operations and diligence;
Provided that, in each circumstance, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards which are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.
Information We Share
- With your consent. We will share Personal Data with companies, organizations or individuals outside of IDology when we have your consent to do so.
- Enterprise Accounts. Your employer or your organization may offer you access to our Services. We will share Personal Data with your employer or organization. Your employer or organization can review and manage your use of such enterprise Services.
- For Legal Reasons. We will share Personal Data with companies, organizations or individuals outside of IDology if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
- meet any applicable law, regulation, legal process or enforceable governmental request.
- detect, prevent, or otherwise address fraud, security or technical issues.
- protect against harm to the rights, property or safety of IDology, our Users or the public as required or permitted by law.
We attempt to notify Users about legal demands for their Personal Data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
- Business Transfers. If we establish a new related entity, are acquired by or merged with another organization, or if substantially all of our assets are transferred to another organization, Personal Data about our Users is often a transferred business asset. In the event that IDology itself or substantially all of our assets are acquired, Personal Data about our Users may be one of the transferred assets.
- Non-Personal and Aggregate Site Use Information. IDology may compile and share your information in aggregated form (i.e., in a manner that would not personally identify you) or in de-identified form so that it cannot reasonably be used to identify an individual (“De-Identified Information”). We may disclose such De-Identified Information publicly and to third parties, or to IDology Partners under agreement with us.
Your Failure to Provide Personal Data
Your provision of Personal Data is required in order to use certain parts of our services and our programs. If you fail to provide such Personal Data, you may not be able to access and use our Services and/or our programs, or parts of our Services and/or our programs.
Our Retention of Your Personal Data
We may retain your Personal Data for a period of time consistent with the original purpose for collection. For example, we keep your Personal Data for no longer than reasonably necessary for your use of our programs and Services and for a reasonable period of time afterward. We also may retain your Personal Data during the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.
Your Choices and Accessing, Updating or Deleting Your Personal Data
Whenever you use our Services, we aim to provide you with choices about how we use your Personal Data. We also aim to provide you with access to your Personal Data. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. Subject to applicable law, you may obtain a copy of personal information we maintain about you or you may update or correct inaccuracies in that information by contacting us. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information. In addition, if you believe that personal information we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the How to Contact Us section below.
Your EEA Rights With Respect to Personal Data
Some data protection laws, including the European Union’s General Data Protection Regulation (“GDPR”), corresponding legislation in the United Kingdom, and some U.S. state laws, provide you with certain rights in connection with Personal Data you have shared with us. If you are resident in the European Economic Area, you may have the following rights:
- The right of access. You have the right to request a copy of your Personal Data which we hold about you.
- The right of correction. You have the right to request correction or changes of your Personal Data if it is found to be inaccurate or out of date.
- The right to be forgotten. You have the right to request us, at any time, to delete your Personal Data from our servers and to erase your Personal Data when it is no longer necessary for us to retain such data. Note, however, that deletion of your Personal Data will likely impact your ability to use our services.
- The right to object (opt-out). You have the right to opt-out of certain uses of your Personal Data at any time.
- The right to data portability. You have the right to a “portable” copy of your Personal Data that you have submitted to us. Generally, this means your right to request that we move, copy or transmit your Personal Data stored on our servers / IT environment to another service provider’s servers / IT environment.
- The right to refuse to be subjected to automated decision making, including profiling. You have the right not to be subject to a decision and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
- The right to lodge a complaint with a supervisory authority.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. To make these requests, you may contact us using the contact information below, and we will consider your request in accordance with applicable laws. For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file. If we no longer need to process Personal Data about you in order to provide our Services or our Sites, we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request.
In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
Changing or Deleting Your Information
You may update or correct information about yourself by making changes to your profile by emailing us at email@example.com. If you completely delete all such information, then your account may become deactivated. We may retain an archived copy of your records as required by law, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes.
We may contact you to request that you update your Personal Data on a regular basis to ensure its integrity for the purposes of ongoing data management.
Our Marketing Opt-in/Opt-out Policy
We currently provide the following opt-out opportunities:
- At any time, you can follow a link provided in offers, newsletters or other email messages (except for e-commerce confirmation or service notice emails) received from us or an IDology Partner to unsubscribe from the service.
- At any time, you can contact us through firstname.lastname@example.org or the address or telephone number provided below to unsubscribe from the service.
Your Ad Choices
Please note that we do not “share” (as defined under the California Privacy Rights Act) your personal information; we do not engage in targeted or cross-context behavioral advertising.
You may find more information about entities involved in online advertising and additional choices you may make, including opt-out of having your information used for internet-based advertising, through the Network Advertising Initiative (“NAI”) at the NAI Service, and the Digital Advertising Alliance (the “DAA”) at the DAA consumer choice service. IDology is a participant in the online industry’s self-regulatory program administered by the DAA and has agreed to adhere to the DAA’s principles applicable to interest-based ads.
The tools provided at the DAA opt-out page and the NAI opt-out page are provided by third parties, not IDology. IDology does not control or operate these tools or the choices that advertisers and others provide through these tools.
The Sites may contain links to webpages operated by parties other than IDology. We do not control such websites and are not responsible for their contents or the privacy policies or other practices of such websites. Our inclusion of links to such websites does not imply any endorsement of the material on such websites or any association with their operators. Further, it is up to the User to take precautions to ensure that whatever links the User selects or software the User downloads (whether from this Site or other websites) is free of such items as viruses, worms, trojan horses, defects and other items of a destructive nature. These websites and services may have their own privacy policies, which the User will be subject to upon linking to the third party’s website. IDology strongly recommends that each User review the third party’s terms and policies.
We are committed to complying with applicable laws, regulations and mandatory government standards regarding the protection of Personal Data.
If we transfer your Personal Data out of your jurisdiction, we will implement suitable safeguards and rely on legally-provided mechanisms to lawfully transfer data across borders to ensure that your Personal Data is protected.
How We Protect Personal Data
IDology maintains administrative, technical and physical safeguards designed to protect the User’s Personal Data and information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account technological reality, cost, the scope, context and purposes of processing weighted against the severity and likelihood that the processing could threaten individual rights and freedoms. For example, we restrict access to personal information to IDology employees, contractors, business partners and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. We use commercially reasonable security measures such as encryption, firewalls, and Secure Socket Layer software (SSL) or hypertext transfer protocol secure (HTTPS) to protect Personal Data.
If IDology collects account information for payment or credit, IDology will use the information only to complete the task for which the account information was offered.
The Site is not intended for use by minors. We do not intentionally gather Personal Data about visitors of this Site who are minors. If a minor has provided us with Personal Data, a parent or guardian of that minor may contact us to have the information deleted from our records. If you believe that we might have any information from a minor, please contact us at email@example.com. If we learn that we have collected the personal information of a minor, we will take steps to delete the information as soon as possible.
Please note that we do not control the information that we receive for processing under our Services from our customers or Partners, which we know may contain information from consumers under the age of 16. Therefore, we have actual knowledge that we may sell the personal information of consumers under 16 years of age (but not of consumers under the age of 13).
Direct Marketing and “Do Not Track” Signals
IDology does not track its users over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser may include controls to block and delete cookies, web beacons and similar technologies, to allow you to opt out of data collection through those technologies.
California residents are entitled to contact us to request information about whether we have disclosed Personal Data to third parties for the third parties’ direct marketing purposes. Under the California “Shine the Light” law, California residents may opt-out of our disclosure of Personal Data to third parties for their direct marketing purposes. You may choose to opt-out of the sharing of your Personal Data with third parties for marketing purposes at any time by submitting a request via our webform. California users may request further information about our compliance with this law by contacting us via our webform or by writing to us at the address listed in the “How to Contact Us” section.
How to Contact Us
Via our toll-free number at: 1(833) 383 0085
Send mail to our address:
2018 Powers Ferry Rd SE, Suite 720
Atlanta, GA 30339
Your US Privacy Rights
California and Virginia residents may exercise the following rights via our webform, or by calling our toll-free number: 1(833) 383 0085.
- Right to Know. You have the right to request information on, the personal information we collected about you in the last 12 months, including the categories of personal information, the categories of sources from which your personal information was collected from, the business or commercial purpose for collecting, selling, or sharing your personal information, the categories of third parties to whom we disclosed your personal information to, and the specific pieces of personal information we have collected about you;
- Right to Delete. You have the right to request that we delete Personal Data that we have collected from you, subject to certain exceptions.
- Right to Correct.You have a right to request that we correct inaccurate Personal Data that we maintain on you.
- Right to Opt Out.You have the right to opt out of the sale of your Personal Data. To make a request please use our Opt-Out Webform.
- Right to No Discrimination.You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights. This includes employee, applicant, or independent contractor rights to not to be retaliated against for the exercise of your privacy rights. We will not discriminate against you, in any manner prohibited by applicable law, for exercising these rights.
Sensitive Personal Data: We will not use or discloses your sensitive personal information for purposes other than those specified in section 7027 of the California Consumer Privacy Act regulations, subsection (m).
Verification: In order to exercise your rights, we will need to obtain information to locate you in our records and verify your identity depending on the nature of the request. If you are submitting a request on behalf of a household, we will need to verify each member of the household in the manner set forth in this section.
For Right to Know, Right to Correct, and Right to Delete, we will request an ID Document, as well as information on your First Name, Last Name, , Email Address, Phone, Postal Address, and Date of Birth to verify your identity and ask that you declare, under penalty of perjury, that you are who you say you are.
For Right to Opt-Out, we will only request that you provide us with First Name, Last Name, Email Address, Phone, Postal Address, and Date of Birth (but we will not verify your identity and therefore will not need you to provide an ID document).
Opt-Out Preference Signal: If you have enabled your opt-out preference via a compatible web browser (i.e., DuckDuckGo and Brave)., our opt-out preference signal will be applied to your browser when you visit our Site.
Authorized Agents: You may use an authorized agent to exercise your rights on your behalf. If you are making any of the requests above through an authorized agent, we will request written authorization from you and will seek to verify you as described above or we will accept a legal Power of Attorney under the California Probate Code to the authorized agent. To make a request using an authorized agent, use our webform and upload documentation demonstrating you have authorized the agent to exercise rights on your behalf.
Appeal: If you are a resident of a US State that allows you to appeal a decision we have made in connection with your attempt to assert a right under applicable US Privacy Law, you may file an appeal of our decision by contacting us at firstname.lastname@example.org. Please ensure you provide us with the postal address in which you reside, accompanied with details for the basis of your appeal.
Your jurisdiction may allow you to file a complaint with the state’s Attorney General’s Office regarding any concerns with the result of your appeal request. For Virginia, you may do so by using the following: (www.oag.state.va.us/consumer-protection/index.php/file-a-complaint).
Timing: We will respond to Requests to Delete and Requests to Know within 45 days, unless we need more time in which case we will notify you and may take up to 90 days total to respond to your request.
Minors under 16: Please note that we do not control the information that we receive for processing under our Services from our customers or Partners, which we know may contain personal information from consumers under the age of 16. Therefore, we have actual knowledge that we may sell the personal information of consumers under 16 years of age (but not of consumers under the age of 13). The processes for collecting consent from these consumers are set by our customers who are the entity that is collecting the information directly from the consumer and transferring it over to us for subprocessing. We have put contractual obligations on them for compliance as required under applicable law.
Pursuant to US Privacy Law requirements, below is a summary of the Personal Data we collect and process:
Personal Data Collected/Processed:
|Personal Data Categories||Sources of Personal Data||Business or Commercial Purpose for Collection||Have we Sold the Personal Data to Third Parties||With Whom We Share Personal Data|
|Identifiers and information protected by Cal. Civ. Code 1798.80(e), such as real name, address, telephone number, email address, IP address, date of birth, login name or handle, and other similar identifiers||You or IDology partners/customers to whom you provide it to.||To enable use of our Sites, Services, products, to communicate with you, to understand how our users interact with our Sites, to improve our offerings, to market our products or services, to secure our Services, to fulfil our legal compliance obligations, in connection with a business merger or transaction, and otherwise for internal business purposes and to comply with applicable legal requirements||Yes, to our customers, to whom you provided the information to, and our technology providers, in order to enable our Services and products to function.||We share this information with our service providers, and with business partners and affiliates, in order to enable our Services and products to function.|
|Financial information, such as credit or debit card information (solely in relation to our B2B transactions with our customers).||You||To transact with you if you use our products or services, to enable transactions you’ve requested, and otherwise for our own internal business purposes||No||We share this information with our service providers and business partners and affiliates, in order to enable our Services and products to function|
|Commercial information and preferences, such as product purchase history, and contact information (name, job, title, work email, phone, and address) (solely in relation to our B2B transactions with our customers).||You||To transact with you, in your capacity as a B2B employee, if you use our Sites, products, or services, to enable transactions you’ve requested as a B2B employee, to market our products or services, and for our own internal business purposes such as record-keeping||No||We share this information with our service providers, third party advertising and analytics partners, and business partners and affiliates, in order to enable our Services and products to function|
|Internet or other electronic network activity information, such as system version, browser type, internet service provider, browsing history, websites visited prior to our Sites, cookie IDs, device type, details about how you use our Site, the referring web page and pages visited, and other similar activity information||Your device||To enable use of our Sites, services, and products, to communicate with you, to understand how you interact with our Sites, to secure our Services, to market our products or Services, and to improve our offerings||No||We share this information with our service providers, third party advertising and analytics partners, and business partners and affiliates, in order to enable our Services and products to function|
|Image: Photo on a passport, driving license, or other identification document, (including the personal information contained therein), self-taken photos||IDology partners/customers to whom you provide your image to.||To enable use of our services and products.||No||We share this information with our service providers, third party advertising and analytics partners, and business partners and affiliates|
|Sensitive Personal Information: your geolocation, driver’s license and passport numbers, social security numbers, citizenship/immigration status contained in passports; |
Biometric Information, meaning facial algorithms match scores for the purpose of authenticating ID documents
Information Pertaining to Minors and Children, our customers may provide us with personal information pertaining to individuals who fall under this age group. We do not target this group for collection ourselves and cannot control the data that our customers provide to us.
|You and Your device, or IDology partners/customers to whom you provide it to.||To enable use of our services and products. For employees, we would collect this for standard and/or legally mandated hiring and HR purposes.||* Yes, to our customers, to whom you provided the information to, and our technology providers, in order to enable our Services and products to function.|
*Excluding biometric information and for employment purposes, for which no sale of personal data is performed.
|We share this information with our service providers and business partners and affiliates, in order to enable our Services and products to function|
|Professional or employment-related information, such as job title, employment history, background checks, and organizational affiliation||You, or any third party to whom you have granted permission to provide us with the relevant personal information||To provide services or products you’ve requested, to comply with applicable legal obligations, and for internal business purposes. For employees, we would collect this for standard and/or legally mandated hiring and HR purposes||No||We share this information with our service providers and business partners and affiliates, in order to enable our Services and products to function|
|Inferences and insights drawn from your interactions or transactions with our customers (which they provide to us) to provide our customers with fraud detection services.||IDology partners/customers to whom you provide it to.||To enable use of our services and products.||Yes, to our customers, to whom you provided the information to, and our technology providers, in order to enable our Services and products to function.|