Privacy Policy

Welcome to GlobaliD Privacy Policy (the “Policy”) where we describe the types, means and purposes by which GlobaliD processes your Personal Data when you use GlobaliD Services (“Services”), and how you can control your Personal Data and exercise your Privacy Rights. This Policy also tells you about your rights and choices with respect to your personal information (“Personal Data”), and how you can reach us to get answers to your questions.

Privacy is the foundation upon which we built GlobaliD. At GlobaliD, we provide a platform where users can establish a unique identity comprised of user-specific Verifications. We provide our users the ability to store Personal Data securely on their devices or through our platform, and share Personal Data only as needed with GlobaliD or third parties. Therefore, instead of transferring Personal Data to third parties, users only share access to their Personal Data. This way we eliminate the need to store Personal Data and enable our users to control access to their digital identities. All capitalized terms used in this Policy are defined in the “Definitions” table below.

The GlobaliD identity system is built on three core pillars: privacy, security, and trust.

1. Privacy

We enable privacy through verifications or securely-made claims about the validity of some piece of information about your identity. Verifications associated with your GlobaliD Name are public and viewable to GlobaliD Name holders and partners, but the underlying Personal Data (e.g. date of birth, phone number) is private and is only ever seen by the third party providing the verification, or if you chose to grant an entity or person access to your Personal Data.

2. Security

Our user’s Personal Data is encrypted, anonymized and backed up to the cloud. The key required to decrypt that data is only held by the owner of the name.

3. Trust

Permissions are based on trust: before granting permission to a GlobaliD user to perform a given action, an app or website needs to trust that the user is (a) who they claim to be, and (b) authorized to perform that action. Trust, therefore, has two components: authentication and authorization. GlobaliD authenticates users with cryptography techniques where the owner of a name has a private key used to prove ownership. This private key is stored securely on the user’s mobile phone or in encrypted version in the cloud.

Authorization is the process by which an app or website checks that a given user is allowed to perform a given action. The Verifications acquired by GlobaliD Name holders prove that a given piece of information about a particular GlobaliD Name holder was valid at a particular point in time. Collectively, the Verifications associated with GlobaliD Name holders allow users to build a reputation. Using this reputation, an app, website, or merchant can decide whether or not to allow the name’s owner to perform a given action.

Click here to read a summary of our Privacy Policy.

Click here to check the meaning of any terms in capital letters (Definitions) used in this Policy.

How We Collect and Use Information

The following provides examples of the type of information that we collect from you and how we use that information.

Context

Personal Data we Collect

How we Use Data

Account Registration

We may collect your name, display name, unique description and telephone number when you create a GlobaliD account. We also collect information relating to the actions that you perform while logged into your account.

We collect this information to provide you with our Services. We also use your account preferences and transaction history to identify you when you visit our website or use our application.

Cookies and First Party Tracking

We use cookies and clear GIFs. “Cookies” are small pieces of information that a website stores locally on your computer’s hard drive while a website is viewed. See our Cookie Policy for more information.

We use cookies to operate our website and Services efficiently and capture website analytics.

Demographic Information

If you use certain GlobaliD Services, you may give us Consent to collect demographic information about you.

We use certain demographic information to provide tailored Services to our users by identifying when you visit our website or use our application.

Feedback/Support

If you provide us with feedback or contact us for support, we collect your name and email address or GlobaliD Name, as well as any other content that you send to us.

We use this information to receive, respond to, and act upon your feedback or support issues.

Location-based Information

If you use certain GlobaliD Services you may give us Consent to collect information about your general location.

We collect location-based information to provide tailored Services to our users.

Mobile Devices

We collect information from your mobile device such as unique identifying information broadcast from your device when visiting our application.

We use this information to understand how users interact with us on their mobile devices to provide tailored Services.

Messaging

We collect information about your GlobaliD Messenger actions, including who you add or remove from contacts, your chat history, message length, blocked users, and message type, (image or text).

We use your GlobaliD messaging activity to provide the Messenger functionality to our users.

User Information

We collect Personal Data about our users, including but not limited to their name, email address and phone number.

We require user information to provide users with access to our Services, communicate with users and manage accounts, and for safety and security reasons, such as Verifications of accounts. We also use this data pursuant to a contractual agreement with the user.

Website Interactions

We use technology to monitor how you interact with our website. This may include which links you click on or information that you type into our online forms. This may also include information about your device or browser.

We collect website interaction information to make improvements to our website and to understand your preferences. We also collect this information to prevent against malicious, deceptive or fraudulent activity.

Web Logs

We collect information, including your browser type, operating system,Internet Protocol (“IP”) address (a number that is automatically assigned to a computer when the Internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors.

We use web log information to monitor our networks, conduct analytics, and to prevent fraudulent or illegal activity, including violations to our Terms of Service.

If you use certain Services within the GlobaliD App or the GlobaliD Site, or functionality enabled through GlobaliD SDKs and APIs, third parties may provide information to us and you in the context of those Services. These third parties include business partners, our affiliates, or publicly available sources, including the Verifications provided by our Verification Providers. We retain your data for as long as is necessary and/or required by law.

In addition to the purposes and uses described above, we use information in the following ways:

  1. We process Personal Data relating to GlobaliD Name holders for the purpose of rendering the GlobaliD Service, allowing GlobaliD Name holders to create and use their own portable digital identity and to build their reputation by adding Verifications to their GlobaliD Name.
  2. Anonymous Data: We may create Anonymous Data from the Personal Data we receive about our users. We make Personal Data into Anonymous Data by excluding information (such as your first name) that makes the data personally identifiable to you. We use this Anonymous Data to analyze usage patterns in order to make improvements to the GlobaliD Service.

We may also use your Personal Data that you Consent to allowing GlobaliD access (e.g., GlobaliD Name, public name, public description):

  1. To operate, maintain, and improve the GlobaliD Site, products, and Services;
  2. To manage your account, including to communicate with you regarding your account, if you have an account with us(or use our Services);
  3. To identify you when you visit our website or use our application;
  4. To conduct analytics;
  5. To respond to inquiries related to support, or other requests;
  6. To send information including technical notices, updates, security alerts, and support and administrative messages;
  7. To process financial transactions and other permissions you initiate via our Services; and
  8. As further described herein.

GlobaliD does not use your data for ad targeting.

Legal Bases for Processing Information

We only collect and process Personal Data about you where we have a legal basis for doing so under applicable data protection laws. We process Personal Data in the following ways:

  1. With your Consent where appropriate or legally required;
  2. To perform a contract that you have with us;
  3. For our legitimate interests, including to improve our Services, optimize your experience, or market our Services;
  4. As required by law, such as compliance with a subpoena or similar legal process, when we believe in good faith disclosure is necessary to protect our rights or property, protect your health and safety or the health and safety of others, investigate fraud or respond to a government request.

Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose. For example, if you submit Personal Data to procure GlobaliD Services, we may collect your information to perform our contract with you, but we also collect your information as we have a legitimate interest in maintaining your information after your transaction is complete. As a result, our collection and processing of your information is based in different contexts upon your Consent, our need to perform a contract, our obligations under law, and/or our legitimate interest in conducting our business.

How We Share Information

In addition to the specific situations discussed elsewhere in this Policy, we disclose your Personal Data as described in the following situations:

  1. Affiliates and Acquisitions. We may share information with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If another company acquires, or plans to acquire, our company, business, or our assets, we will also share information with that company, including at the negotiation stage.
  2. Other Disclosures with Your Consent. We may ask if you would like us to share your information with other unaffiliated third parties who are not described elsewhere in this Policy. We do not share your Personal Data unless either you specifically provide your Consent to do so, or we are under a legal obligation to provide your Personal Data according to applicable laws.
  3. Other Disclosures without Your Consent. We may disclose information in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws. We may also share your information in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies, or the provision of Services by a third party intermediary.
  4. Service Providers. We may share information with service providers. Among other things service providers may help us to administer our website, application, provide technical support, and/or process payments.

Your Choices

You can make the following choices regarding your Personal Data:

  1. Access Your Personal Data. You may request access to your Personal Data by contacting us at the address below. If required by law, upon request, we will grant you reasonable access to the Personal Data that we have about you. Note that California residents may be entitled to ask us for a notice describing what categories of Personal Data (if any) we share with third parties or affiliates for direct marketing
  2. Change Your Personal Data. We rely on you to update and correct your Personal Data. The GlobaliD Site and GlobaliD App allows you to modify or delete your account profile. If it does not permit you to update or correct certain information or delete your account, you may contact us at the address below in order to request that your information be modified. Note that we may keep historical information in our backup files as permitted by law.
  3. Delete Your Personal Data. Typically, we retain your Personal Data for the period necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law. You may, however, request information about how long we keep a specific type of information, or request that we delete your Personal Data by contacting us at the address below. If required by law, we will grant a request to delete information, but you should note that in many situations we must keep your Personal Data to comply with our legal obligations, resolve disputes, enforce our agreements, or for another one of our business purposes. Your information is kept in encrypted form and only parties that you have consented to will have access to such information.
  4. Object to Certain Processing. You may object to our use or disclosure of your Personal Data by contacting us at the address identified below.
  5. Online Tracking. We do not currently recognize automated browser signals regarding tracking mechanisms, which may include “Do Not Track” instructions.
  6. Withdraw your Consent. If you revoke your Consent for the processing of Personal Data, then we may no longer be able to provide you with GlobaliD Services. In some cases, we may limit or deny your request to revoke Consent if the law permits or requires us to do so, or if we are unable to adequately verify your identity. You may revoke Consent to processing (where such processing is based upon Consent) by contacting us at the address described below.

Miscellaneous

The following additional information relates to our privacy practices:

  1. Transmission of Information to Other Countries. As a multi-national company, we transmit information between and among our affiliates and GlobaliD Partners. GlobaliD works with third party Verification Providers that may be located outside the United States. GlobaliD Name holders may choose to share information with these Verification Providers. As a result, your information may be processed in a foreign country where privacy laws may be less stringent than the laws in your country. Nonetheless, where possible we take steps to treat Personal Data using the same privacy principles that apply pursuant to the law of the country in which we first received your information. By submitting your Personal Data to us you agree to the transfer, storage and processing of your information in a country other than your country of residence including, but not necessarily limited to, the United States. If you would like more information concerning our attempts to apply the privacy principles applicable in one jurisdiction to data when it goes to another jurisdiction you can contact us using the contact information below.
  2. Scope and Applicability. This Policy applies to GlobaliD Services and Personal Data that we collect, use, store, share, and process from the GlobaliD website, mobile application or other online activities. This Policy does not apply to Personal Data provided to us for recruiting or employment purposes or third party applications/websites, as described below.
  3. Third Party Applications/Websites. We have no control over the privacy practices of websites or applications that we do not own. Our Services allow GlobaliD Name holders to create links to their social and non-social network profiles. GlobaliD Name holders may also place links to their GlobaliD Public Profile on those network sites. This Policy does not cover the privacy practices of such third parties. These third parties have their own privacy policies and we do not accept any responsibility or liability for their websites, features or policies. Please read their privacy policies before you submit any data to them.
  4. Our Policy on Children: GlobaliD Services are not directed to children under 13. To use GiD Services, you must be old enough to consent to the processing of your Personal Information in your jurisdiction. If we learn that a child under 13 has provided us withPersonal Information, GiD will take immediate steps to delete such information. If you learn that a child has provided us with Personal Information, please contact us using the contact information listed below.
  5. Abusive or Inappropriate Information: We ask that you not send us, and that you not disclose, any information that may be considered abusive or inappropriate in the legal jurisdiction in which you reside or operate. Abusive or inappropriate submitted material may be flagged on our platform through community moderation and may be ghosted from public view.
  6. Changes to this Privacy Policy. We may change our Privacy Policy and practices over time. To the extent that this Policy changes in a material way, the privacy policy that was in place at the time that you submitted Personal Data to us will generally govern that information unless we receive your Consent to the new privacy policy. We will note the effective date of the latest version at the beginning of the policy.
  7. Information for California Residents. Sections 1798.115(c), 1798.130(a)(5)(c), 1798.130(c), and 1798.140 indicate that organizations should disclose whether certain categories of information are collected, “sold” or transferred for an organization’s “business purpose”(as those terms are defined under California law). You can find a list of the categories of information that we collect and share here. Please note that because this list is comprehensive it may refer to types of information that we share about people other than yourself. If you would like more information concerning the categories of Personal Data (if any) we share with third parties or affiliates for those parties to use for direct marketing, please submit a written request to us using the information in the “Contact Information” section below.  We do not discriminate against California residents who exercise any of their rights described in this Privacy Policy.
  8. This Privacy Policy and the rights and obligations hereunder shall be governed by and construed in accordance with the laws applicable to GlobaliD Services according to the relevant Terms of Service.

Contact Information

If you have any questions, comments, or complaints concerning our privacy practices, please contact us at the address below. We will attempt to respond to your requests and to provide you with additional privacy-related information.

You may contact us via email at privacy@global.id or contact us by mail at GlobaliD, 6114 La Salle Ave, #541, Oakland CA 94611.

If you are not satisfied with our response, and are in the European Union, you may have a right to lodge a complaint with your local supervisory authority.

Privacy Policy: Summary

1. Period for which your Personal Data will be stored

  • We will retain your Personal Data as long as necessary to render the GlobaliD Service and/or to comply with our legal obligations.

2. Automated decision-making, including profiling

  • We do not use your Personal Data for the purposes of automated decision-making. However, we may do so in order to fulfill obligations imposed by law, in which case we will inform you of any such Processing and provide you with an opportunity to object, as allowable by law.

3. How GlobaliD protects your Personal Data

  • Only the Personal Data you choose to designate public will be available publicly. While you may add, edit, and/or delete data you have made public, you acknowledge that once data has been made public, any and every one may have had access to, and made use of, your public data. We, and other third parties, may have made copies and preserved any public data that you have added, edited, and/or deleted.

For Personal Data that you have not designated public:

  • To protect your Personal Data from unauthorized access and use, we use security measures including computer safeguards.
  • We also maintain other physical, electronic and procedural safeguards to protect your Personal Data that you have Consented GlobaliD access to and we limit information access to employees for whom access is appropriate.
  • Your Personal Data are stored on our servers in an encrypted state such that only you or anyone to whom you specifically Consent to provide access can decrypt your Personal Data.
  • A copy of your information is stored in an encrypted vault which can be accessed in response to appropriate requests such as court orders, legal investigation, or requests by service providers to which you explicitly Consent to provide access.

4. Who can you contact if you have further questions or requests about your privacy?

Privacy Policy: Definitions

Anonymous Data

  • Data and information that does not permit you to be identified or identifiable, either alone or when combined with any other information available to a third party.

Consent

  • Any freely-given, specific, informed and unambiguous indication of the GlobaliD Name holder’s wishes by which he/she, through a statement or clear affirmative action, signifies agreement to the Processing of Personal Data relating to him/her.
  • Any GlobaliD user may withdraw his or her Consent; however, it will be subject to the applicable laws and regulations, including, but not limited to, data retention requirements.

Controller

  • The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
  • GlobaliD Name holders are Controllers of their own Personal Data associated with their GlobaliD Names, including Verifications, while GlobaliD acts as a Processor on behalf of GlobaliD Name holders facilitating them in creating, managing and using their own GlobaliD Names.

GlobaliD App

  • Mobile applications published by GlobaliD and available at Apple App Store and Google Play Store.

GlobaliD Directory

  • The public list of GlobaliD Names claimed by GlobaliD Name holders and associated Public Profile.
  • The GlobaliD Directory is available on the GlobaliD Site and via public API.
  • Access to the GlobaliD Directory is for authenticatedGlobaliD users that are authorized to use the data, consistent with the GlobaliD Terms of Use.
  • The information that appears in the GlobaliD Directory is determined by the Name holders themselves and not by GlobaliD.

GlobaliD Identity Name System (“INS”)

  • A registry of unique GlobaliD Names for every person or entity that uses the GlobaliD Service or seeks authorized access to participating GlobaliD interoperable third-party services.

GlobaliD Name

  • The name(s) chosen by each GlobaliD user, which represents his/her identity.
  • Every person and entity in GlobaliD has a GlobaliD Name.
  • No two parties can have the same GlobaliD Name, but GlobaliD Name holders can have multiple GlobaliD Names.

GlobaliD Nameholder (“Nameholder”)

  • The holder of a GlobaliD Name.

GlobaliD Partners

  • Any third party that accepts GlobaliD as a means of establishing identity.

GlobaliD Public Verifications Database

  • The list of Verification Types attached to GlobaliD Name holders.
  • GlobaliD Public Verifications Database is available on the GlobaliD Site or via API.

GlobaliD SDKs and APIs

  • The software development kits (“SDKs”) and application programming interfaces (“APIs”) designed and licensed by GlobaliD that third parties will be used to enable certain GlobaliD features.

GlobaliD Service

  • The functionality provided on the GlobaliD platform.
  • The functions and features provided to GlobaliD Name holders through GlobaliD that are created and operated by third party vendors with whom GlobaliD contracts, and that GlobaliD does not create and/or host itself.

GlobaliD Site

  • The main global.id website, including any subdomains, as well as any other websites GlobaliD owns and hosts.

Personal Data

  • Any information relating to an identified or identifiable natural person (“data subject”).
  • An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Policy

  • The GlobaliD Privacy Policy.

Privacy Rights

  • Your right to request from GlobaliD access to, and/or rectification and/or erasure, and/or restriction of Processing of your Personal Data, and/or to object toProcessing, and/or the right to data portability.
  • You have the right to withdraw Consent to any Processing based on your Consent; however, in some cases, we may limit or deny your request to revoke Consent if the law permits or requires us to do so, or if we are unable to adequately verify your identity.
  • You also have the right to lodge a complaint with a supervisory authority.

Processing (of Personal Data)

  • Any operation or set of operations which is performed by GlobaliD on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Processor

  • A natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Controller.
  • GlobaliD Name holders are Controllers of their own Personal Data associated with their GlobaliD Names, including Verifications, while GlobaliD acts as a Processor on behalf of GlobaliD Name holders facilitating them in creating, managing and using their own GlobaliD Names.

Public Profile

  • The information that GlobaliD users choose to make public. Note, users may choose to not make any information public.

Recipient(s)

  • A natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed by GlobaliD Name holders.

Verifications

  • Verification of certain data collected by GlobaliD Name holders from Verification Providers.
  • Verifications may include Personal Data.
  • Verifications are attached to the relevant GlobaliD Name holder.
  • The type of Verifications attached to a GlobaliD Name (not the Personal Data behind those types of Verifications) are visible on the GlobaliD Database.
  • GlobaliD does not audit or verify the validity, accuracy or certainty of Verifications.
  • Verifications are the sole responsibility of GlobaliD Name holders and Verification Providers.

Verification Provider

  • A third party from which GlobaliD Name holder collects Verifications, which the GlobaliD Name holder then attaches to his/her GlobaliD Name.

Verification Type

  • Refers to the object of a Verification, e.g. “Passport number”.
  • Verification Types do not include any Personal Data.
  • Verification Types are visible in the GlobaliD Public Verifications Database.

Voluntary Personal Data

  • The Personal Data you voluntarily provide us when you create your GlobaliD Name or any time afterwards.