Version 2.10

Effective Date: 22 November 2022

Maintaining your privacy and your trust is very important to us at PrivacyCheq. We create privacy-enhancing technologies and services, so we strive to be especially clear on how we use your personal information if and when we collect it, and on the ways in which we can work together to protect your privacy.

This Privacy Policy explains:

  • PrivacyCheq’s overriding general principles regarding your personal information
  • What products and services this policy covers
  • What information we might collect from you and store
  • How we get your consent for the collection and storing of your information
  • How we use that information
  • Who we share that information with
  • Your rights and choices with respect to your information
  • How you can access and update your information
  • The steps we take to protect your information
  • What happens if/when our policy changes
  • Special information regarding children, California and European residents
  • How to contact us directly with questions
  • How to view a less detailed, more concise summary of our policy

Our overriding general principles regarding your personal information

If and when we gather and process your personal information, we are guided by the following best practical principles:

  • Personal data must be processed fairly, lawfully, and in a transparent manner.
  • Personal data must only be collected for specified, explicit and legitimate purposes and must not be further processed in a manner that is incompatible with those purposes.
  • Personal data must be adequate, relevant and limited to only what is necessary in relation to the purposes for which they are processed.
  • Personal data must be accurate and kept up to date. Inaccurate data should be updated or deleted.
  • Personal data should be kept in identifiable format for no longer than necessary.
  • Personal data should be kept secure.
  • We are committed to the principles of data protection by design and data protection by default.

What products and services are covered by this policy?

This Privacy Policy applies to the information that we may obtain from you through your use of PrivacyCheq’s software and services (including AgeCheq, ConsentCheq, our mobile apps, our websites, and our APIs), collectively called the “Services”. If you have any questions or need more information about these Services, please contact us at privacy@privacycheq.com.

What information does PrivacyCheq collect from you and store?

From you directly: You can visit a PrivacyCheq site without telling us who you are and without revealing any personal information about yourself. To provide full service however, we will most often need to collect some personal information. For instance, we collect information about you when you register for an account and when you create or modify your personal data on one of our Services. The types of Information we collect may include email address, country of residence, and (optionally) your name, and phone number.

From cookies: We may also collect “cookie” information that we may save to your computer or mobile device. Cookies are small data files stored on your hard drive or in device memory. We use cookies to improve and customize our Services and your experience; to allow you to access and use our Services without re-entering your username or password; to log visits and to understand which areas and features of the Services are most popular. We may also associate the information we store in cookies with personal information you submit while using our Services. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of our Services.

Logs: We may record certain information and store it in log files when you interact with our Services. This information may include Internet protocol (IP) or other device addresses or ID numbers as well as browser type, Internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, your mobile carrier, and system configuration information.

Third Party Services: We may obtain information, including personal information, from third parties such as our partners and service providers, and combine it with other information we collect from you.

How do we get your consent for collecting and storing your information?

Prior to asking for your consent to collect personal information from you for any aspect of our Services, it is PrivacyCheq’s policy to make available the highest possible quality information explaining your options at the point of consent. To the extent possible, we believe that pre-consent “Notice” should be explicit, specific, informed, and intelligible. And, it should be easily accessible and use clear and plain language.

As to content of the notice, as appropriate, it should clearly set forth:

  • Who is collecting the data, and why
  • The legal basis under which your data is being collected
  • A description of what your data will be used for
  • How long the data controller will keep the personal data, or how that period is calculated
  • If automated processing is used the notice should reveal where data subjects may lodge complaints
  • The existence of  important rights regarding your personal information
  • Whether the controller intends to further process the data
  • Any data processors the data controller hopes to use
  • Information on how to reach a data privacy officer of the data collector

Once proper information supporting your options has been presented, you can make your informed choice for positive explicit consent or withhold your consent. The legal basis for processing personal data is based on the consent of the data subject as enumerated in point (a) of Article 6(1) of the GDPR.

How do we use the information we collect?

We may use the information we collect for a variety of purposes, including to:

  • Make the PrivacyCheq Services work for you;
  • Provide, operate, maintain, improve, personalize, and promote our Services;
  • Process and complete transactions, and send you related information, including purchase confirmations and invoices;
  • Communicate with you, including responding to your comments, questions, and requests; providing customer service and support;
  • Providing you with information about services, transmitting technical notices, updates, security alerts, administrative messages, or advertising or marketing messages;
  • Providing other news or information about us and our select partners;
  • Monitor and analyze trends, usage, and activities in connection with our Services;
  • Investigate and prevent fraudulent transactions, unauthorized access to our Services and other illegal activities;
  • We may also use the information we collect for other purposes about which we notify you in subsequent versions of this document.

Who does PrivacyCheq share information with?

PrivacyCheq is not in the business of selling your personal information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your personal information with third parties, as set forth below:

With your express consent: We will not share your personal information with companies, organizations, or individuals who are not associated with PrivacyCheq unless we have your affirmative consent to do so.

For your use: When you use our Services, certain features allow you to make some of your personal data (such as what applications you give your consent to process your data) accessible to organizations that use our Services in their applications. We urge you to consider the sensitivity of any information prior to sharing it publicly or with other users.

Access by a PrivacyCheq support administrator: PrivacyCheq support may be able to:

  • Access information in and about an account on one of our Services
  • Disclose, restrict, or access information that you have provided or that is made available to you when using a PrivacyCheq Service
  • Delete your PrivacyCheq Services account(s).

Credit Card Processing: We use a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use billing information except for the sole purpose of credit card processing on PrivacyCheq’s behalf.

Agents, Consultants and Related Third Parties: PrivacyCheq sometimes hires other companies to perform certain business-related functions on our behalf. Examples of such functions include mailing information, maintaining databases, maintaining websites, marketing, and processing payments. When we employ another company to perform a function of this nature, we only provide it with the information that it needs to perform its specific function. Compliance with Laws and Law Enforcement Requests, Protection of Our Rights: We may disclose your information (including your personal information) to a third party if:

  • We believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request
  • To protect the security or integrity of PrivacyCheq’s products and services
  • To protect the property, rights, and safety of PrivacyCheq, our customers or the public from harm or illegal activities
  • To respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person; or
  • To investigate and defend ourselves against any third-party claims or allegations.

Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. We will notify you of such a change in ownership or transfer of assets by posting a notice on our website.

Aggregate or Non-identifying Data: We may share aggregate or other non-personal information that does not directly identify you with third parties in order to improve the overall experience of our Services.

What are your rights and choices with respect to your information?

PrivacyCheq’s policy is to always provide you with an informed choice where providing your personal information is concerned. In all of our operations regarding your privacy, we strive for full compliance with the European Union’s General Data Protection Regulation (also known as Regulation (EU)2016/679 or “GDPR”). The GDPR enumerates a number of Rights of Data Subjects which we respect as your rights. A partial list includes:

  • The right to have information presented to you in a concise, transparent, intelligible, and easily accessible form, using clear and plain language.
  • The right to have access to your data and the ability to correct inaccuracies and omissions.
  • The right to be informed about your data including what data is processed, and the purpose for which it is processed.
  • The right to object – If you ask, we will stop processing your data.
  • The right of erasure, or right to be forgotten – If you ask, we will erase the personal data that we hold.

You may decline to share certain personal information with us, in which case we may not be able to provide some of the features and functionality of our Services. You may make changes to your personal information at any time by logging onto the appropriate PrivacyCheq service web page and navigating to the account settings page. You may optionally choose to never receive normal email communications from PrivacyCheq. In the interest of security, even after you opt out from receiving email messages from us, you will continue to receive security-related administrative messages from us regarding our Services.

You can learn more about the specific EUs rights granted by GDPR at https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens/my-rights/what-are-my-rights_en.

How can you access and update your information?

You can access and update your personal information from the account settings section of the appropriate PrivacyCheq service web page at any time. To make such a request and/or to pose any other questions regarding this Privacy Policy, please contact PrivacyCheq via email at privacy@privacycheq.com.

Manual requests made to PrivacyCheq to access, change or delete personal information will be addressed within 15 business days. We will only retain your personal information for as long as your account is active or as needed to provide you products or services. We will retain and use your personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

What steps do we take to protect your information?

The security of your personal information is very important to us. When you enter personal information on our registration pages or dashboards, we follow generally accepted security standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, please contact us at privacy@privacycheq.com.

What if PrivacyCheq changes this privacy policy?

We may change and update this Privacy Policy from time to time. If we make any changes, we will so indicate by revising the version and date at the top of the Policy document and, in cases where appropriate, we may provide you with additional notice such as posting a statement on the login screen or by sending you an emailed notification. Your continued use of our Services after the revised Policy has become effective indicates that you have read, understood, and agreed to the current version of this Policy. If we change our policy in a way that materially affects your privacy, we may request your affirmative consent to the new terms.

How does PrivacyCheq address the privacy of children?

Children could potentially try to use some of the PrivacyCheq Services. We do not knowingly collect personal information from children under the age of consent in your location. Instead, our Services will guide a child to ask a responsible adult to create an account, prove their identity, and give their parental consent for us to collect that child’s personal information. If we become aware that a child under the age of consent has provided us with personal information without a parent or guardian’s consent, we will take steps to delete such information. If you become aware that a child has provided us with personal information without parental consent, please contact us at privacy@privacycheq.com.

How does PrivacyCheq comply with California privacy rights?

PrivacyCheq complies with the California Consumer Privacy Act of 2018 (CCPA) regarding the privacy rights of Californians. To learn more about the specifics of this law please visit https://oag.ca.gov/privacy/ccpa.

PrivacyCheq does not sell your personal information for any purpose. As an indication of our compliance with CCPA’s notice regulations, we may display a choice labelled Do Not Sell My Personal Information. Operationally, selecting this choice will simply provide reassurance that PrivacyCheq does not sell personal information.

California Civil Code Section 1798.83 permits State of California residents using PrivacyCheq’s Services to request information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, or to convey an opt-out choice for any use of your information, please contact us at privacy@privacycheq.com.

Privacy Shield Notice (As advised by US Dept of Commerce)

PrivacyCheq complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. PrivacyCheq has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. In cases of onward data transfer to third parties of data received pursuant to the EU-US Privacy Shield, PrivacyCheq is potentially liable. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.

In compliance with the EU-US Privacy Shield Principles, PrivacyCheq is committed to resolve complaints about our collection or use of your personal information. Individuals in the European Union with inquiries or complaints regarding our Privacy Shield policy should first contact PrivacyCheq at privacy@privacycheq.com.

PrivacyCheq has further committed to refer unresolved Privacy Shield complaints to the EU Data Protection Authorities. Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. PrivacyCheq will cooperate with the appropriate EU Data Protection Authorities during investigation and resolution of complaints brought under Privacy Shield. These recourse mechanisms are available to you at no cost.

The US Federal Trade Commission has jurisdiction over PrivacyCheq’s compliance with this Policy and the EU-US Privacy Shield Framework. As a last resort, privacy complaints that remain unresolved after pursuing these and other channels may be subject to binding arbitration before the Privacy Shield Panel to be created jointly by the US Department of Commerce and the European Commission.

What if I have questions about this policy?

If you have any questions or comments about our privacy policies, about your personal information, about our use and disclosure practices, or about your consent choices, please email us at privacy@privacycheq.com and we will respond promptly.

How can I view more concise information about this privacy policy?

A summary of Privacy Facts in a more simple format can be viewed here.