Web Privacy Policy

Effective: March 31, 2022

For more information about ID5's broader privacy practices and models, including its placement of and access to online cookies and how to opt-out, please read the ID5 Platform Privacy Policy.

The purpose of this Privacy Policy is to explain how data collected through this website is used. This Privacy Policy only applies to data collected through the id5.io website, or other websites operated by ID5 and linked to this website.

This Web Privacy Policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; where we determine the purposes and means of the processing of that personal data.

You may view or change your consent choices for this website at any time

Collection and use of your information

In the Collection and use of your information section we have set out:

(a) The general categories of personal data that we may process;
(b) In the case of personal data that we did not obtain directly from you, the source and specific categories of that data (i.e., Tracking Information);
(c) The purposes and legal basis for which we may process personal data; and
(d) The use of cookies on our websites.

When you visit our websites, we may collect certain information from you. This information falls into two categories: 1) personal data you voluntarily supply when you log into or submit data on our websites and 2) tracking data collected as you navigate our sites.

Personal data you provide to us

We may retain and use for our business purposes (including to contact you, provide services to you, provide customer service and to send newsletters) personally identifiable information you provide to us such as your name, email address, and company. The legal basis for this processing is legitimate interests, namely the proper administration of our website and business, in accordance with Article 6(1)(f) of the GDPR.

Tracking information

We may retain and use technologies to track your use of our websites and tailor your web experience. The tracking information data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services, in accordance with Article 6(1)(f) of the GDPR.

Use of cookies on our websites

Cookies are small, unique strings of code stored on your computer that make it easier for you to use our site and help us improve site functionality and security. We may use both session cookies (which expire once you close your browser) and persistent cookies (which stay on your computer until you delete them).

We use our own proprietary cookies, as well as cookies hosted by third party vendors. These cookies include non-personally identifiable information that allows advertisers and content owners provide a more customized web experience. They may be used to tailor ad content on sites you may visit in the future. They may collect data such as your browser type, your operating system, Web pages visited, time of visits, content viewed, and other clickstream data. (These first-party cookies, targeted at our customers and site users, are different from the cookies we deploy through the ID5 service, which may capture browser data including but not limited to your IP address, browser version, OS type, etc. We do not, however, collect information regarding clickstream, browsing behavior, or web page keywords. To learn about these cookies please read the ID5 Platform Privacy Policy.

When you visit our web sites or open an email you have received from us, we, or one of our technology vendors, may place or recognize a unique cookie on your browser. These cookies, which do not contain personally identifiable information, enable us to customize our services and gather analytics about our web traffic. Additionally, emails we send to you may contain a bit of code known as a “web beacon.” This code helps us understand the time and date that a user has opened an email and when he/she has used a link within the email to visit a website, allowing us to collect analytics about our traffic and customize our services. You can disable our web beacons by turning images “off” in your email client (e.g., Outlook, Outlook Express). Please see your email client for more information.

We may also use cookies to automatically collect information about your computer when you visit our sites, and automatically store it in log files. This may include the type of browser software you use, the operating system you are running, the website that referred you, and your Internet Protocol (“IP”) address.

Your browser may permit you to reject or delete cookies, but this may prevent proper working of our website.

We may disclose your personal data as follows:

We will share your personal data with third parties only in the ways that are described in this privacy policy. We do not sell your personal data to third parties.

Disclosure to Vendors and other service providers

We may use third party service providers for network, security, email, and hosting services. Suppliers and service providers are required by contract to keep confidential the information received on our behalf, and may not use it for any purpose other than to carry out the services they are performing for us.

We use Piwik PRO Analytics Suite (Piwik) as our website/app analytics software [and consent management tool]. Piwik collects data about website visitors based on cookies. The collected information may include a visitor's IP address, operating system, browser ID, browsing activity and other information. You can find the scope of data collected by Piwik PRO here.

Through Piwik, we calculate metrics like bounce rate, page views, sessions and the like to understand how our website/app is used. [We may also create visitors' profiles based on browsing history to analyze visitor behaviour, show personalized content and run online campaigns.]

Piwik hosts its solution on Microsoft Azure in Germany/Netherlands/United States/Singapore/ElastX in Sweden, and the data is stored for 14/25 months.

The purpose of data processing: analytics and conversion tracking based on consent. Legal basis: Art. 6 (1)(a) GDPR. Piwik does not send the data about you to any other sub-processors or third parties and does not use it for its own purposes. For more information you can read Piwik PRO's privacy policy.

Disclosure required by law

Under certain circumstances personal data may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders. Also when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request or to any other third party with your prior consent to do so. If we are ever legally compelled to disclose your personal data to a third party, we will notify you with the contact information we have unless doing so would violate the law or a court order.

Disclosure to Insurance

We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

Disclosure of non-personal data

We may share with third parties or service providers non-personally identifiable information about your use of our website, which could include demographics, interests, and other online habits.

Your Rights

In the Your Rights Section, we have summarized the rights that you have under data protection law.

As it relates to personal data collected on this site, your principal rights under data protection law are:

(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to complain to a supervisory authority; and
(g) the right to withdraw consent.

Access

You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information.

Rectify

You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.

Erase

In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims.

Restrict/Object Processing

You have the right to request the restriction or suppression of your personal data. This is not an absolute right and only applies in certain circumstances, as listed above in Erase. When processing is restricted, we are permitted to store the personal data, but not use it.

Supervisory Authority

If you consider that our processing of your personal data infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

Withdrawal Consent

If your personal data changes, or if you no longer desire our service, you may correct, update, amend, delete/remove, or deactivate it by making the change on your settings page or by emailing our customer support at privacy@id5.io.

If you wish to subscribe to our newsletter, we will use your name and email address to send the newsletter to you. Out of respect for your privacy, you may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails, accessing the email preferences in your account settings page or you can contact us at privacy@id5.io.

We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Other important information

Children's privacy

We do not knowingly collect personal data about children. Our systems are not designed for use by children under the age of 13. If we learn we have collected or obtained personal data of someone under 13, we will delete that information from our database. If you believe that this has occurred, please contact us at privacy@id5.io.

Security

We take the security of our data and client's information seriously. We always take what we believe are reasonable precautions to protect against unauthorized access to our systems and to prevent data from being disclosed to unauthorized parties. We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee absolute security.

Business transitions

If we ever go through a business transition such as a merger, acquisition, or sale of all or a portion of its assets, your personal data and non-personal data will likely be among the assets transferred. You will be notified in advance by email where possible, and we will post a prominent notice on our website. We will require an acquiring company or merger agreement to uphold the material terms of this privacy statement, including honoring requests for account deletion.

Data Transfers

Where business needs exist, ID5 intends to transfer personal data to entities outside the EU. However, your personal data will not be transferred unless a valid transfer mechanism is in place legitimizing such a transfer. In the case referred to in Article 46,47, or the second paragraph of Article 49(1), this will typically involve EU model clauses or the EU-US Privacy Shield Framework. Safeguards afforded by the EU model clauses may be accessed here.

Links to third-party sites

Our website includes links to other websites whose privacy practices may differ from those of ID5. If you submit personal data to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Blog / Forum

Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You can request the removal of your personal data from our blog or community forum, by contacting us at privacy@id5.io. In some cases, we may not be able to remove your personal data, in which case we will let you know if we are unable to do so and why.

Changes to this policy

This Privacy Policy was last updated on May 1, 2019. We will provide notice for 30 days whenever this Privacy Policy is changed in a material way. We encourage you to periodically review this page for the latest information on our privacy practices.

Contact information

If you have questions about this statement, please e-mail our privacy administrator at privacy@id5.io or contact us at:

Privacy Administrator, ID5, 15 Bishopsgate, London EC2N 3AR, UK