Privacy Policy
This privacy policy was last revised on August 30, 2020.
SUR-ID is a digital health screening application (collectively, “SUR-ID,” “we,” or “us”). SUR-ID is the owner of a cloud-based digital health platform and provides services to companies and other organizations (collectively our “Clients”) wishing to ensure individuals entering their premises are without fever (the “SUR-ID Services”).
1. Scope
This Privacy Policy (“Policy”) describes how we collect, use and otherwise process personal information (sometimes referred to as “data”) about visitors of our websites (the “Sites”) and from our cloud-based digital health screening application (the “Application”) (collectively, the Sites, Applications, and SUR-ID Services are the “Services”). Please note that our business is generally not targeted at consumers but other businesses (i.e., our Clients) and when we act as a service provider on behalf of our Clients, we collect, use, and disclose the relevant personal information only under the business’ instruction, and their privacy policy will apply to how they (and we on their behalf) process personal information.
To make this Policy more reader-friendly, we use everyday words such as use, transfer and storage to describe what we do with your personal information – but this Policy covers all our data processing activities. By partnering with us as a Client or visiting the Site and/or otherwise using the SUR-ID Services or Services, you agree to the terms of this Policy.
2. Information We Collect
We generally collect facial recognition data and certain other biometric data such as an individual’s body temperature by utilizing an infrared temperature reader or other touchless temperature reading device. We use that information to match an individual against a database of facial images and logging their body temperature along with the time and date that they utilized the Application. This information is utilized by our Clients for purposes of ensuring visitors to their physical locations are fever free and to log attendance. SUR-ID does not have access to, nor does it utilize, any personal or biometric data collected through the Application for any use other than to provide the Services to the Client. An individual accessing the Application through a Client’s physical location shall be referred to as a “User” for purposes of this Policy.
Personal information we collect directly from you
SUR-ID generally does not collect personal information regarding individual Users through the SUR-ID Sites. However, we may collect certain personal information via the Sites about you, for example if you contact us, such as by submitting a question, downloading a whitepaper or registering to use the SUR-ID Services. However, in most cases, if and/or when we obtain personal information, it relates to our current or prospective clients and business partners.
To the extent we receive personal information through our Sites, we use personal information only in ways compatible with the purposes set out in this Policy, such as to respond to email communications or questions, improve our products and services, develop new products, services, and features, to provide you with promotional content and newsletters, to facilitate registration for and delivery of the SUR-ID Services, or for billing purposes. By voluntarily providing us with personal information, you are consenting to our use of it in accordance with this Policy.
Information We Collect Automatically
The SUR-ID Sites may collect information about your device and your interaction with the Sites. This information, which is collected passively using various technologies, may come from such sources as your web browser or the apps that you use. We also obtain the precise geolocation (e.g., latitude and longitude coordinates) of your device and may use that information to assist our Clients with targeting ads tailored to your interests. For purposes of the Application, when a User approaches the SUR-ID device the device may recognize a User’s face and will automatically take the User’s temperature and log the results. A User will be prompted as they approach the device on how to position their face in order to obtain an accurate reading. As stated elsewhere in this Policy SUR-ID does not have access to the User level data or logs of its Clients.
Cookies and other Web Technologies
In operating the SUR-ID Sites, we use a technology called “cookies,” which are small text files that our Site serves to your browser when you access the Site or that some of our Clients and Ad Partners serve to your browser when you engage with them. Our cookies and other tracking mechanisms collect and store audience segments, help provide additional functionality to the SUR-ID Services and Site and help us analyze usage more accurately.
Although most web browsers automatically accept cookies, many browsers’ settings can be set to decline cookies or alert you when a website is attempting to place a cookie on your computer. However, some of our services may not function properly if you disable cookies. We do not currently support the Do Not Track browser option.
3. How We Use Your Information
This section describes how we use personal information in connection with operating the SUR-ID Services and our Site and Services.
A. To Respond to Your Requests
If you interact with us on our Site or request information from SUR-ID, we use and/or share your information, including personal information, to respond to your inquiries. We may also use your personal information to send your updates about the SUR-ID Services or changes to this Policy.
C. Advertising and Marketing
To send or display targeted advertising and marketing and reach you with more relevant ads and to evaluate, measure and improve the effectiveness of our advertising campaigns. We may also send you newsletters, offers or other information we think may interest you or contact you about the SUR-ID Services or Services and general information we think may interest you. We may also use your information to tailor the content we send or display on our websites.
D. Securing and protecting our business
We may use your personal information to secure and protect our business including to protect and secure our business operations, assets, Services, network and information and technology resources, or to investigate, prevent, detect and take action regarding fraud, unauthorized access, situations involving potential threats to the rights or safety of any person or third party, or other unauthorized activities or misconduct.
E. Defending our legal rights
To manage and respond to actual and potential legal disputes and claims, and to otherwise establish, defend or protect our rights or interests, including in the context of anticipated or actual litigation.
F. Auditing, reporting, corporate governance, and internal operations
For financial, tax and accounting audits, assessments of our operations, privacy, security and financial controls, risk, and compliance with legal obligations; our general business, accounting, record keeping and legal functions; to maintain appropriate business records.
G. Complying with Law
To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority.
4. How We Disclose Your Information
A. Service Providers
We may share your data with our service providers, including our contractors and business partners, who we engage to help us provide and manage the SUR-ID Services on our behalf, for example to ensure network and information security, provide a more personalized experience, and analyze usage of the Site and the SUR-ID Services. For example, we use Google Analytics, Google Tag Manager, and Yahoo Analytics. Our service providers are located in the United States and other countries and we share your personal information with them subject to obligations consistent with this Policy, impose other appropriate confidentiality and security measures, and only share your information on the condition that these third parties use your personal information only on our behalf and pursuant to our instructions.
B. Affiliates and Change of Ownership
We share your information within our SUR-ID group for uses consistent with this Policy, such as to help operate the SUR-ID Services.
We may share, disclose, or transfer your information if SUR-ID is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, as permitted by law and/or contract.
C. Non-Personal Information
We share your non-personal information, such as aggregated or de-identified information (in statistical or summary form that does not include any personal identifiers) with third parties in order operate and improve our service and conduct research about and analyze usage of the SUR-ID Services.
D. Securing and protecting our business
We may use your personal information to secure and protect our business including to protect and secure our business operations, assets, Services, network and information and technology resources, or to investigate, prevent, detect and take action regarding fraud, unauthorized access, situations involving potential threats to the rights or safety of any person or third party, or other unauthorized activities or misconduct.
E. To Protect our Legal Interests and Comply with Law
Additionally, we will use your personal information for other purposes permitted under this Policy, such as to protect or comply with legal rights and obligations.
There may be instances when we will use and/or disclose information we collect and receive where we have, in our discretion, a good faith belief that such use and/or disclosure is necessary in order to: (i) protect or defend our or your legal rights or property or those of our affiliates, employees, agents and contractors (including enforcement of our agreements); (ii) protect the safety and security of members of the public, including responding to emergencies where there appears to be a danger of death or injury to any person; (iii) comply with the law, law enforcement, or legal process or proceedings or requests from public or government authorities; (iv) prevent fraud or other liabilities.
5. Children’s Information
We do not knowingly target advertisements to children under the age of 16. If you believe we have collected information about a child please contact us at
privacy@SUR-ID.com to have the data associated with your child deleted.
6. How We Secure Your Information
SUR-ID is committed to protecting the security of the information we collect. We use a variety of technical and organizational measures designed to protect information from unauthorized access, use or disclosure, both during transmission and once we receive it. We store your information on secure servers. However, no digital transmission or form of electronic storage is completely secure. Therefore, we cannot guarantee its absolute security.
7. How Long We Keep Your Information
We store personal information for so long as you continue to have a business relationship with SUR-ID and for a reasonable time thereafter for record keeping purposes.
8. Additional Information for California Residents
This section of the Privacy Policy provides additional information solely for California residents, as required under the California Consumer Privacy Act of 2018 (“CCPA”), and applies to personal information, whether collected online or offline. As used in this section of the Privacy Policy, “personal information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.
Personal Information Not Covered by this California Section
This section does not address or apply to our handling of publicly available information made lawfully available by state or federal governments or other personal information that is subject to an exemption under Section 1798.145(c) – (f) of the CCPA.
This section also does not apply to personal information we collect about California job applicants, independent contractors, or current or former full-time, part-time and temporary employees and staff, officers, directors or owners of SUR-ID, and use solely in that context.
Categories of Personal Information that we Collect and Disclose
Our collection, use, and disclosure of personal information about a California resident will vary depending upon the circumstances and nature of our interactions or relationship with such resident. The table below sets out generally the categories of personal information (as defined by the CCPA) about California residents that we collect and disclose to others for a business purpose. We collect these categories of personal information from the sources described in the “Information We Collect” section above, and for the purposes described in the “How We Use Your Information” section above.
|
Categories of personal information collected (see below for more details) |
Do we collect? |
Do we disclose for business purposes? |
|
Name, contact info and other identifiers such as a real name, alias, address, unique personal identifier, online identifier, Internet Protocol address, email address, account name. |
Yes |
Yes |
|
Customer records such as electronic customer records containing personal information, such as name, address, telephone number, and household information in the context of surveys. |
Yes |
Yes |
|
Purchase history and tendencies such as commercial information including records of products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies. |
Yes |
Yes |
|
Usage data such as internet or other electronic network activity information, including, but not limited to, clickstream data, and information regarding a resident’s interaction with an internet website, application, or advertisement. |
Yes |
Yes |
|
Profiles and Inferences such as inferences drawn from personal information to create a profile reflecting preferences, characteristics, predispositions, behavior, attitudes. |
Yes |
Yes |
Categories of Personal Information Sold
The CCPA defines a “sale” as disclosing or making available personal information to a third party in exchange for monetary or other valuable consideration. You can read more about our use of personal information in digital advertising in the “How We Use Your Information” section above. Pursuant to the CCPA, the categories of Personal Information that we may “sell” as defined under the CCPA includes:
- Name, contact information and other identifiers
- Customer records
- Purchase history and tendencies
- Usage Data
- Profiles and Inferences
Your CCPA Rights and Choices
The CCPA provides California residents with specific rights regarding their personal information. This section describes your rights under the CCPA and explains how to exercise those rights. Subject to certain exceptions, California residents have the right to make the following requests:
Right to Opt-out of Sale (“Do Not Sell”): You have the right to direct us not to sell your personal information (“opt-out”). We do not sell personal information if we have actual knowledge that the consumer is less than 16 years of age, unless we receive affirmative authorization (“opt-in”) from either the consumer between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age.
If you prefer that we not sell your personal information you may submit a request online here. Please also refer to the non-California sections of this Privacy Policy for information about our use of cookies and similar technologies.
Right to Delete: You have the right to request that we delete and direct any service providers that have received that personal information to delete, the personal information that we have collected and retained, unless an exemption applies. Once we receive and confirm your verifiable request, we will delete (and, if applicable, direct our service providers to delete) your personal information from our records, unless an exemption applies.
Right to Know: You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable request, we will disclose to you:
- the categories of personal information we collected about you;
- the categories of sources of personal information we collected about you;
- our business or commercial purposes for collecting or selling that personal information;
- the categories of third parties with whom we have disclosed or shared that personal information;
- the specific pieces of personal information we collected from you;
- the categories of third parties to whom your personal information has been sold; and
- the categories of personal information that we have sold (if any).
Submitting Requests: You can submit a Request to Delete or Request to Know by either:
- Sending an email to Support@SUR-ID.com
- Calling us at (888) 655-1873
We will respond to verifiable requests received from California residents as required by law. You can also designate an authorized agent to make a request under the CCPA on your behalf, however we may ask the agent to provide proof that the agent is authorized to make a request on your behalf. Please note that SUR-ID does not collect or have access to any personal information collected via the Application and any requests under CCPA should be directed to the Client.
If necessary, we may ask you for additional information necessary to verify or process your Request to Delete or Request to Know. Where applicable, we may ask for proof that an authorized agent is entitled to act on your behalf. We may also carry out checks, including with third-party identity verification services, to verify your identity before taking any action with your personal information. We will endeavor to respond to your verifiable requests within 45 days of receipt. If we require more time (up to 45 additional days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the consumer request receipt. Generally, California residents can exercise rights free of charge.
Non-Discrimination: You have the right not to receive discriminatory treatment for the exercise of the privacy rights conferred by the CCPA. We will not discriminate against you for exercising any of your CCPA rights or impose unreasonable requirements on financial incentives offered to California consumers related to your personal information. We may offer different prices, rates, or quality of goods or services if the difference is reasonably related to the value of your personal information.
Shine the Light: California Residents may request a list of all third parties to which our online service has disclosed certain personal information (as defined by California law) during the preceding year for those third parties’ own direct marketing purposes. If you are a California resident and want such a list, please contact us at privacy@SUR-ID.com. For Shine-the-Light requests, you must put the statement “Shine the Light Request” in the body of your request. In your request, please attest to the fact that you are a California resident and provide a current California address for your response. Please note that we will not accept Shine-the-Light requests via telephone, mail, or by facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information.
9. This Privacy Policy May Change
SUR-ID will maintain personal information in accordance with this Policy. If SUR-ID decides to change this Policy, we will post the changes on this page and revise the “Last Updated” date above. If we make any changes to this Policy that materially affect our practices with regard to the personal information we have previously collected from you, we will endeavor to provide you with notice in advance of such change, such as by highlighting the change on website. Any changes to this Policy will become effective upon our posting of a revised Privacy Policy on this page. Use of the SUR-ID Services or Site following such changes constitutes your acceptance of the revised Privacy Policy that is in effect.
10. Contact Information
For questions or concerns relating to privacy, please contact us at support@SUR-ID.com.