Privacy Policy
Published on: Oct 1, 2024
1. Introduction and Scope
This privacy policy (this “Privacy Policy”) covers and describes how YeshID Inc. and its subsidiaries and affiliates (“YeshID”, “We” or “Us”) collect, use, share, secure and disclose the personal data we collect from individuals who interact with www.yeshid.com and our websites that link to this Privacy Policy or who initiate communications with us (“Visitors”), individuals who register to use our products and services on behalf of a themselves or an entity or organization (“Customers”) individuals who register for or attend our marketing events or receive our marketing emails (“Attendees”) and individuals who submit an application for a career opportunity at YeshID (“Job Applicants”).
Our websites, apps, and services are designed for businesses and their representatives. We do not target consumers – individuals who seek to use products and services for their personal or household use. Accordingly, we treat all personal data we collect as pertaining to individuals in their business capacity and not their individual capacity.
YeshID as a Data Processor or Service Provider.
In their use of our products and services, Customers may submit data and information to YeshID to be processed. The security and privacy practices governing our Customers’ use of our services and how we store, process, transmit and disclose the data submitted to the services by our Customers are described in and governed by our service contracts with our Customers. To the extent a Customer submits to the services the personal data of European persons (including the United Kingdom and Switzerland) or other persons who are protected by similar data privacy laws, YeshID processes that personal data as a data processor or as the Customer’s sub-processor (as the case may be). Customers are solely responsible for establishing the policies governing, and ensuring compliance with all applicable laws and regulations related to, the Customer’s collection and submission of personal data to our services. Any personal data about an individual (i.e., a “data subject”) provided to us by a Customer is the responsibility of the Customer and is not covered by this Privacy Policy.
YeshID acknowledges that you may have the right to access your personal data. YeshID has no direct relationship with the data subjects whose personal data we process on behalf of our Customers. An individual who seeks to access, correct, amend, or delete personal data about them that we process on behalf of our Customers should direct their requests or queries to our Customer (i.e., the data controller). In addition, we will forward to the applicable Customer any request by a data subject received by YeshID regarding personal data processed on behalf of that Customer.
YeshID as a Data Controller
Please read this Privacy Policy carefully to understand the categories and specific pieces of personal data we collect and how we collect, use, disclose, and protect the personal data of our Visitors, Customers, Attendees, and Job Applicants, as well as the choices available to you regarding that information.
International Data Transfers
When YeshID operates as a data controller (i.e., when we determine the manner, purposes and means of the processing of others’ personal information), YeshID may collect from, transfer to, or process, and store your personal information in the United States and other countries other than the country where you live. When we transfer personal data from the EU, Switzerland, or UK to any other country, we will do so according to an adequate mechanism of transfer as required by applicable laws or regulations.
2. YeshID Collection and use of personal information
Information that we collect from or about you includes the following:
2.1. What categories and specific types of personal data does YeshID collect?
Information that we collect from or about you includes the following:
We do not collect any “Special Categories of Personal Data” or Sensitive Information as defined by California Consumer Privacy Act about you. This includes details about your race or ethnicity, religious or philosophical beliefs, financial account information, precise geo-location data, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offenses.
Legal Basis and Purpose for Processing Personal Data
Where we process personal data as a processor or a service provider pursuant to service contracts with our Customers, we only process personal data on the instructions of the Customer, and only as necessary, appropriate and customary to provide our services.
If you are an individual located in the European Economic Area (EEA) or an individual whose personal data is protected by laws similar to the General Data Protection Regulation (“GDPR”), our legal basis and purpose for collecting and using the personal data described above in this Section 2.1 will depend on the personal data concerned and the specific context in which we collect it. However, we will normally collect personal data from you only where: (a) we have your consent to do so, (b) where we need the personal data to perform a contract with you (e.g. to deliver the services you have requested), or (c) where the processing is in our or a third party’s legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms). In some cases, we may also have a legal obligation to collect personal data from you or may otherwise need the personal data to protect your vital interests or those of another person.
Examples of Legitimate Basis and Purpose for Collecting Your Personal Data
In connection with your use of our services, we collect and process personal data to perform our contractual obligations related to the services that you have requested. Where we collect personal data in connection with operating our websites and services, we have a legitimate interest in ensuring our websites, services and associated networks and IT systems operate properly and securely. Where you have requested to receive information about our products, services and business or other marketing communications, then we process personal data based upon our legitimate interest in engaging in direct marketing with Visitors, Customers, Attendees, individuals and companies that have requested to receive information from us.
Where you have responded to a job posting on our websites, we collect and process personal data as part of our consideration of your application. Where we rely on your consent to process the personal data, you have the right to withdraw or decline your consent at any time. Please note that this does not affect the lawfulness of the processing based on consent before its withdrawal.
Where we collect data about online behavior, including through the use of cookies, we have a legitimate interest in providing you with an optimal user experience and understanding and analyzing how Visitors interact with our website. You can find more about the use of cookies in our websites, please read and review our Cookie Policy.
2.2 How does YeshID collect my personal data?
YeshID collects your information both actively and passively (in accordance with our Cookie Policy) as you interact with our websites or contact us.
YeshID may directly collect personal data you provide us in the following ways:
- When you complete forms on our websites, such as requesting a demo, or applying for a job.
- When you perform search queries on our websites.
- When you use our publicly accessible blogs.
- When you contact us outside of our websites, such as via email or LinkedIn.
- When you request assistance from our support team.
- When you respond to surveys we ask you to complete for research purposes.
- When you register for or attend our marketing activities.
- When you submit an entry to a sweepstakes or contest that we sponsor.
2.3 Does YeshID collect personal data automatically?
As is true of most websites and services provided using the Internet, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), the referring page that you navigated to our websites from, the page that you navigated to from our websites, the files viewed on our site (e.g. HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
The information we collect automatically is statistical data, which we may associate with personal data we collect in other ways or receive from third parties. This information helps us to improve our websites and to deliver better and more personalized service.
YeshID and our partners use cookies or similar technologies (such as web beacons) to gather information, analyze trends, administer our websites, track users’ movements around our websites, and to gather demographic information about our user base as a whole. These technologies may provide us with personal data, information about devices and networks you utilize to access our websites, analytics information and other information regarding your interactions with our websites. Users can control the use of cookies at the individual browser level but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service. For detailed information about the use of cookies and related technologies in our websites, please read and review our Cookie Policy.
We partner with third parties to manage our advertising on other sites. Our third party partners may use technologies such as cookies to gather information about your activities on our websites and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union, click here). Please note that this does not opt you out of being served ads, you will continue to receive generic ads.
2.4 How does YeshID use my personal data?
We use your information to enhance your experience using our websites and services.
We use personal data that we collect about you or that you provide to us, including any personal data about Visitors, Customers, and Attendees:
- To present our websites and their content to you.
- To provide you with access to our services and to maintain access controls over secured areas of our websites.
- To provide you services for which you have engaged us.
- To provide you with information, products, or services that you request from us, including technical instructions for implementing your service and responding to customer support and sales inquiries.
- To fulfill any purpose for which you provide it.
- To provide you with notices about your account and/or subscription, including expiration and renewal notices.
- To provide you with information or services that you request from us.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
- To save your preferences (including requests to not receive communications).
- To allow you to participate in interactive features on our websites.
- To personalize our websites to optimize your experience and match your preferences.
- To send you promotional materials about our services and events, including newsletters, product updates, information about and invitations to marketing events.
- To process and deliver contests or sweepstakes entries and rewards.
- To plan and host marketing activities.
- To communicate with you about corporate marketing events, which may include promotional information.
- In any way we describe when you provide or we collect the information.
- To comply with applicable legal and regulatory requirements.
- To assure the safety of your account and our platform.
- For any other purpose with your consent.
Service improvement and analytics. We may use your personal information to analyze your usage of the Service, improve the Service and our business, help us understand user activity on the Service, including which pages are most and least visited and how visitors move around the Service, as well as user interactions with our emails, and to develop new products and services.
2.5 How long does YeshID retain my information?
We retain your information for as long as needed to provide you our services or perform our contractual obligations, unless a longer retention period is required or permitted by law. The retention period shall not exceed the duration of our business relationship with you plus (7) years unless we have a legitimate business interest need to retain the information for a longer period, which include maintaining a record of your preferences, securing the integrity of databases, conducting audits, complying with our legal and contractual obligations, resolving disputes, and enforcing our agreements.
3. Third Party Collection and Use of Personal Data
3.1 Does YeshID share my personal data with others?
Third-Party Service Providers
We engage third-party service providers in the operation of our business or to support our business. We consequently share information, including personal data, with these contracted third-party service providers in connection with using their services. These include cloud-based productivity and collaboration tools, customer relations management, security tools, staffing service providers, backup, storage, payment processing, analytics and other services. We also engage and share information with third-party service providers for fraud protection, credit risk reduction and payment collection associated with our accounts. Our service providers may have access to, process or store your personal data for the purpose of providing us with their contracted-for services.
Our service providers are not authorized to process your personal data for purposes other than as necessary, appropriate or reasonable to provide the service we have purchased.
Affiliates
YeshID, Inc. and its subsidiaries and affiliates share information, including personal data, in the operation of our global business because our YeshID, Inc. , and/or subsidiaries and affiliates may provide you services under our contracts or other functions, consistent with the purposes described in Section 2.4 above.
Third Party Cookies
As described in our Cookie Policy, we collect and share information through the use of cookies.
Consent
We may disclose your personal data to any third party with your consent and appropriate notice.
Compliance with Laws; Law Enforcement Requests; Protection of Our Rights
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet law enforcement requirements. We may disclose personal data to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
We may also share such information if we believe it is necessary or appropriate in order to protect our rights, property, or safety of YeshID, our Visitors, Customers, or Attendees, Job Applicants, our personnel or others, to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our contracts, or as otherwise required by law.
Corporate Events
We may share your personal data to a potential buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of YeshID’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal data held by YeshID about our websites users is among the assets transferred. We may also share your personal data with potential investors, financing sources, auditors or agents that may conduct due diligence of our business. You will be notified via email and/or a prominent notice on our websites of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal data.
Referrals
If you provide us with contact information for persons you would like to refer, we will communicate with the referred persons and may disclose you as the source of the referral. If you believe that one of your contacts has provided us with your personal data and you would like to request that it be removed from our databases, please contact us at [email protected].
3.2 Data Supplementation
We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you. If you provide us personal data about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us. If we receive personal data about you from a third party in order to engage in marketing of our services, then we will market to you only in your capacity as representatives of companies we wish to sell to and we will present you an opportunity to opt-out of future communications.
Examples of the types of personal data that may be obtained from public sources or purchased from third parties and combined with information we already have about you, may include:
- Contact information about you, including your name, email address telephone number, from third party sources to verify your address so we can properly prevent fraud or communicate with you; or
- Data purchased from third parties, such as social networking sites and conference attendee lists, that is combined with information we already have about you, to create more tailored advertising and products. If you receive a marketing communication or promotion from us, you may opt-out of these communications at any time by clicking the unsubscribe link provided in the email or by sending a request to [email protected].
3.3 How is my personal data handled by third-party sites?
Our websites may include links to other websites whose privacy practices may differ from those of YeshID. If you submit personal data to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.
4. Your Choices and Rights
The following table explains your rights with respect to your Personal Data that YeshID controls:
4.2 How can I report abuse?
If you need to report abuse, please contact us by email at [email protected]. YeshID’s language for official communications is English.
5. Security and Privacy Measures
5.1 How does YeshID protect my information and data?
We have implemented measures designed to secure your personal data from accidental loss and from unauthorized access, use, alteration, and disclosure.
Information you provide to us is stored on our secure servers behind firewalls. Any sensitive information is encrypted using Transport Layer Security (TLS) (sometimes referred to as Secure Sockets Layer or SSL).
You must also make sure that your personal data is safe and secure. Even if we give you (or you have chosen) a password for access to certain parts of our websites, you are responsible for keeping this password confidential. Do not share your password with anyone. We urge you to be careful about giving out information in public areas of our websites, for example, message boards. The personal data you share in public areas may be viewed by any user of our websites.
Information that is transmitted via the Internet is not completely secure. We cannot guarantee the security of your personal data transmitted to our websites. Any transmission of personal data is at your own risk. We are not responsible if you circumvent any privacy settings or security measures on our websites.
5.2 How does YeshID limit access to my personal data?
We limit access to certain pages on our websites and allow you to set certain privacy settings via your account profile; however, be aware that no security measures are perfect or impenetrable.
Additionally, we cannot control the actions of other users of our websites with whom you may choose to share your user contributions. Given that, we cannot and do not guarantee that your user contributions will not be viewed by unauthorized persons.
6. OTHER IMPORTANT INFORMATION
6.1 Children Under the Age of 16
Our websites are not intended for children under 16 years of age. No one under age 16 may provide any personal data to or on the websites.
We do not knowingly collect personal data from children under 16. If you are under 16, do not use or provide any information on our websites or on or through any of their features, register on the websites, make any purchases through the websites, use any of the interactive or public comment features of our websites or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or user name you may use. If we learn we have collected or received personal data from a child under 16, we will delete that information immediately.
If you believe we might have any information from or about a child under 16, please contact us via the Contact Information section below.
6.2 California Privacy Rights
California Civil Code Section § 1798.83 permits users of our websites that are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please send an e-mail or write to us at our mailing address noted in the Contact Information section below.
7. Contact Information
If you have any questions or comments about this Privacy Policy and our privacy practices, contact us at: [email protected]. or YeshID Inc., Attn: Legal Department, PO Box 460664 · Denver, CO 80246 · United States.
YeshID’s language for official communications is English.
8. Changes to this Privacy Policy
It is our policy to post any changes we make to this Privacy Policy on this page that this Privacy Policy has been updated. The date this Privacy Policy was last revised is identified at the top of the page and will be reviewed, and revised if required, in accordance with applicable law.
YeshID California Consumer Privacy Act and Consumer Privacy Rights Act Compliance Statement
Starting on January 1, 2020, the California Consumer Privacy Act (“CCPA”) governs how businesses handle the personal information of California residents. CCPA was amended by the adoption of the Consumer Privacy Rights Act (“CPRA”) effective March 29, 2023. YeshID Inc. and its subsidiaries and affiliates (collectively, “YeshID”) is committed to our customers’ success, including their compliance efforts with respect to the CCPA.
How does YeshID address its customers’ compliance with the CCPA?
For YeshID’s customers, YeshID is a “service provider” under the CCPA. We process personal information only on behalf of our customers, pursuant to written contracts. Those contracts, which are already in place, permit YeshID to process our customers’ data (including personal information) only for the purpose of providing our services.
While we necessarily have to process personal information submitted to any of our services, we do not sell that information to third parties.
How does YeshID address consumer rights under the CCPA?
If you are an individual seeking to exercise your rights under the CCPA (as amended by the CRPA) please see our CCPA for more information. Our Privacy Policy is aligned with the requirements of the CPRA and provides you with information about how YeshID collects your personal information and how to exercise your rights with respect to that information.
Questions
If you or anyone in your organization has questions about how YeshID helps your organization comply with the CCPA, contact [email protected].