Last Updated: June 22, 2022
The privacy of your data – and it is your data, not ours! – is a big deal to us. We are committed to the protection of any personal information we obtain from you. This policy applies to all products and services provided by AnonyDoxx, LLC (“AnonyDoxx”). In this policy, we specify (i) what data we collect, use and share, and why we do so, (ii) how your data is handled, including with whom and under what circumstances we may share it and (iii) your rights with respect to your data and how to exercise those rights.
We promise we will never sell your data: never have, never will.
A. Data You Provide to Us
The types of personal data we collect directly from you varies based on how you interact with us and our services, including when you register, connect your wallet and/or use our Vault Verification protocol. The types of data we collect may include:
B. Data From Other Sources
We may obtain information about you from other sources, including if you connect or link a profile or wallet from a third party, we may obtain certain information that identifies you. We may also obtain data from publicly-available sources and/or data suppliers from which we obtain data to validate or supplement the information we hold.
C. Data We Collect Automatically
When you browse our website/application(s), your browser or device automatically shares certain information such as your IP address, information about how you interact with our website/application(s), and which operating system and browser version you are using. We may collect this information through tracking technologies like cookies (for further information regarding cookies, see Section VII below).
A. Vault Verification
The data identified above is processed to provide our Vault Verification service, a form of identity check whereby we:
Biometric Data is stored only so long as is needed conduct step (1), above.
Certain data (e.g., your image and certain identification materials) will be securely stored by AnonyDoxx for the duration of your verification (AnonyDoxx Vault Verification expires after one year).
Your blockchain certificate is a unique, personal identifier. Your information will be stored in an immutable chain as part of a database called a distributed ledger, and may not later be changed or deleted.
Please carefully consider how the use of blockchain may limit the exercise of certain of your rights regarding personal data, as discussed in “Your Rights with Respect to Your Information” (Section III).
B. Using Your Data
We and third parties working on our behalf may use the information we collect about you for various purposes, including:
C. Sharing Your Data
We may share your information with third parties as permitted or required by law, including:
A. Regulatory Matters
At AnonyDoxx, we apply the same data rights to all customers, regardless of their location. Currently, some of the most privacy-forward regulations in place are the European Union’s (“EU”) General Data Protection Regulation (“GDPR”) and California Consumer Privacy Act (“CCPA”) in the United States (“U.S.”). AnonyDoxx recognizes all of the rights granted in these regulations, except as limited by applicable law.
These rights include:
Please note, you have the right at any time to withdraw a previously-provided consent. We will promptly honor such requests; however, withdrawing consent will not affect the lawfulness of any authorized processing which precedes the withdrawal of your consent.
If you are in the EU, you can identify your specific authority to file a complaint or find out more about GDPR, at https://edpb.europa.eu/about-edpb/board/members_en.
AnonyDoxx may send you information about products and services of ours or our partners that we think you may like. If you have agreed to receive marketing, you may always opt out by following the unsubscribe link in each marketing email or by contacting us directly at [email protected]
AnonyDoxx collects and processes Biometric Data, including facial scans, to provide its services, as outlined in Section II.A (Vault Verification), above. AnonyDoxx collects such information based on the written consent of its users, and we will share such data with our service provider(s) solely to provide requested services.
Like all data we collect, we will never sell Biometric Data.
A. Biometric Data Defined
We base our practices with respect to biometrics on what we assess to be the most stringent requirements for biometric privacy, which are laid out in the Illinois Biometric Information Privacy Act, 740 ILCS § 14/1, et seq. (“BIPA”). As used in this policy, the term Biometric Data means “biometric data”, “biometric identifiers,” and “biometric information” as defined in BIPA:
For clarity, Biometric Data also includes any similar state or local law definitions related to any biological characteristic of a person, or information based upon such a characteristic, including but not limited to, “biometric identifier” as defined under the Texas Biometric Privacy Law, Tex. Bus. & Com Code § 503.001, “biometric information” as defined in the Washington Biometric Privacy Law, Wash. Rev. Code Ann. § 19.375.020, “biometric information” as used in the CCPA, and “biometric information” as used in the New York Stop Hacks and Improve Electronic Data and Security Act (NY SHIELD Act), N.Y. Gen Bus. Law § 899-bb.
B. Purpose for Collection of Biometric Data
Our Vault Verification creates Biometric Data (face scans) for the purpose of identifying you and issuing a certification via blockchain. Our facial recognition technology compares your “selfie”, government-issued identification, and self-recorded, video attestation. This process is reviewed by AnonyDoxx staff prior to issuing the blockchain Vault Verification. (The process is detailed above at “Vault Verification” (Section II.A).)
Prior to receiving Biometric Data, we must:
AnonyDoxx will not disclose or disseminate any Biometric Data to anyone other than its authorized vendor(s) without/unless:
E. Biometric Data Retention Schedule
As a general matter, we will retain biometric information for only so long as is necessary to complete the initial identification (i.e., step (1) as described at Vault Verification (Section II.A) above), but in no instance longer than the first of:
F. Data Storage
AnonyDoxx will use, and will ensure its vendor(s) use, a reasonable standard of care to store, transmit and protect from disclosure any Biometric Data it collects or is collected on its behalf. Such storage, transmission and protection from disclosure will be performed in a manner that is the same as, or more protective than, the manner in which AnonyDoxx stores, transmits and protects from disclosure other confidential and sensitive information, including personal information.
This website and our services are not intended for children under 13 years of age, and we do not knowingly collect personal information from children under 13. If you are under 13, you are prohibited from providing any information through this website or our services.
AnonyDoxx is based in the United States. As such, if you are located outside the U.S., your information may be transferred to or processed in the U.S., which may not offer the same level of protection to personal data as your home jurisdiction.
A. Grounds for Processing
When we collect personal information from within the European Economic Area, we do so:
A. First-Party Cookies
We use only essential, persistent first-party cookies to store certain preferences, we make it easier for you to use our applications. A cookie is a piece of text stored by your browser to help it remember your login information, site preferences and more. You can adjust cookie retention settings in your own browser. Please note that if you restrict the placement of cookies on your device, certain areas of our services may be affected and/or not function as intended. To learn more about cookies, including how to view which cookies have been set and how to manage and delete them, please visit: www.allaboutcookies.org.
B. A Note on Do-Not-Track (DNT)
Our website does not respond to DNT signals.
We use reasonable measures to prevent unauthorized access, use or disclosure of your information. However, no method of transmission over the Internet is absolutely secure. Accordingly, we cannot guarantee the absolute security of your information.
Subject to any limitations or restrictions provided in law, we will maintain your information for as long as is reasonably necessary to fulfill the purposes of collection. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation.