1. What We Mean by Personal Information
2. Information We Collect
Information You Provide To Us
When you use the Services or otherwise communicate with us, we collect information that you provide to us directly. For example, we collect information in the following circumstances: when you (i) visit the Site, (ii) register for the Services or create an account or profile or accept the creation of an account or profile on your behalf (an “Account”), (iii) access the Services through third party services, (iv) subscribe to newsletters; (v) invite your friends to join the Services, “share” the Services on social networking sites or perform other similar actions; (vi) request technical support; (vii) otherwise use our online Services where Personal Information is required for such use and/or participation, (viii) when you sign up for a newsletter, and (ix) when you contact us via the Site or when you otherwise communicate with us. You can choose not to provide information that is requested of you by us; however, this may limit your ability to use or access the Services.
The information you provide to us directly may include, without limitation, the following information that may, alone or in combination with other data, constitute Personal Information:
Moreover, if you contact us, a record of such correspondence may be kept.
Additionally, if another user refers you to us by providing us with your e-mail address, we may send you a message. However, we will use your e-mail address only to send such other user’s message unless you otherwise affirmatively provide your information to us.
Automatically Collected Information
Most of the data we collect in and through the Site and the Services is technical in nature and is collected and processed automatically through so-called application programming interfaces, software development kits, cookies and similar software-based technologies. Alone or in combination with other data, such automatically collected data may constitute Personal Information. The data we may collect by automated means may include, without limitation:
Google Analytics is an element of the Site. By using cookies, Google Analytics collects and stores data such as time of visit, pages visited, time spent on each page of the Site, the Internet Protocol address, and the type of operating system used in the devices used to access the Site. By using a browser plugin available at http://www.google.com/ads/preferences/plugin/ provided by Google, you can opt out of Google Analytics.
Information You Share on Third Party Websites
The Services may include links to third party websites. Your use of these third party websites may result in the collection or sharing of information about you by these third party websites. We encourage you to review the privacy policies and settings on the third party websites with which you interact to make sure you understand the information that may be collected, used, and shared by those third party websites.
The following sets out how we may use different categories of cookies and your options for managing cookie settings:
We and our service providers may also use “pixel tags,” “web beacons,” “clear GIFs,” or similar means in connection with the Services and HTML-formatted email messages to, among other things, track the actions of users, to determine the success of marketing campaigns and to compile aggregate statistics about Site usage and response rates.
3. Use of Collected Information
We use the information you provide to us for the following purposes: (i) to further our legitimate interests in providing the Services, including without limitation to collect and remit payment for paid features, (ii) to administer your use of the Services and any Accounts you may have with us, (iii) to personalize your experience, (iv) to provide to you Service announcements or inform you of new releases and features, (v) to provide you with further information and offers from us that we believe you may find useful or interesting, such as newsletters, marketing or promotional materials, (vi) to perform tasks on behalf of and according to instructions of a third party, such as payment processors or third party-service providers, (vii) to enforce our Terms of Service, (viii) to resolve any disputes between users of the Site or between such users and us, (ix) comply with a legal requirement or process, including, but not limited to, civil and criminal subpoenas, court orders or other compulsory disclosures; (x) to further our legitimate interest in protecting our rights, property, or safety and the rights, property and safety of the Services, our users or the public, and (xi) to contact you to obtain feedback from you regarding the Site and the Services.
In addition to the purposes described above, we use the information collected automatically to (i) to further our legitimate interests in monitoring and analyzing the use of the Services and for the technical administration of the Site, (ii) improve the Site and the Services, (iii) generate and derive useful data and information concerning the interests, characteristics and website use behavior of our users, and (iv) verify that users of the Services meet the criteria required to process their requests. We may use demographic and geo-location, as well as information logged from your hardware or device, including data such as IP address, device model and ID, MAC address, operating system, application usage data, device time zone, region and language, and click ID, to ensure relevant advertising is presented within the Services.
4. Third Parties We Share Personal Information With
We may disclose Personal Information you provide to us or that we collect automatically on the Site and in and through the Services with the following categories of third parties:
5. Links to Other Websites
We understand the importance of privacy and security of Personal Information to our users and have made them a priority. BotNot uses a variety of industry-standard security technologies and procedures to help protect Personal Information about you from unauthorized access, use, or disclosure and trains BotNot employees on privacy and security issues. However, we cannot guarantee that unauthorized third parties will never be able to overcome those measures or use your Personal Information for improper purposes, and we do not promise that Personal Information about you or private communications will be protected from unauthorized disclosure or use.
7. Do Not Track Signals and Similar Mechanisms
Some web browsers transmit “do-not-track” signals to websites. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. We currently do not take action in response to these signals.
8. Managing Your Privacy
9. Your Rights
We take steps to help ensure that you are able to exercise your rights regarding Personal Information about you in accordance with applicable law. If you would like to access, review, erase, withdraw your consent, or object to, or restrict the processing of Personal Data we collect about you, you may submit a request to email@example.com. We will promptly review all such requests in accordance with applicable laws. Depending on where you live, you may also have a right to lodge a complaint with a supervisory authority or other regulatory agency if you believe that we have violated any of the rights concerning Personal Information about you. We encourage you to first reach out to us at firstname.lastname@example.org, so we have an opportunity to address your concerns directly before you do so.
10. California Residents
California Civil Code Section 1798.83 requires certain businesses that share customer Personal Information with third parties for the third parties’ direct marketing purposes to respond to requests from California customers asking about the businesses’ practices related to such information-sharing. We currently do not share or disclose your Personal Information to third parties for the third parties’ direct marketing purposes. If we change our practices in the future, we will implement an opt-out policy as required under California laws.
Furthermore, subject to certain exemptions, California residents have the following rights with respect to Personal Information we may have collected about them:
Requests to Know
You have the right to request that we disclose:
You may submit a request to know via https://www.yofi.ai/information-request. The delivery of our response may take place electronically or by mail. We are not required to respond to requests to know more than twice in a 12-month period.
Requests to Delete
You have the right to request that we delete any Personal Information about you that we have collected. Upon receiving a verified request to delete Personal Information, we will do so unless otherwise required or authorized by law. You may submit a request to delete Personal Information via https://www.yofi.ai/information-request.
You may designate an authorized agent to make requests on your behalf. You must provide an authorized agent written permission to submit a request on your behalf, and we may require that you verify your identity directly with us. Alternatively, an authorized agent that has been provided power of attorney pursuant to Probate Code sections 4000-4465 may submit a request on your behalf.
Methods for Submitting Consumer Requests and Our Response to Requests
You may submit a request for access and requests to delete Personal Information about you via:
Upon receipt of a request, we may ask you for additional information to verify your identity. Any additional information you provide will be used only to verify your identity and not for any other purpose. We will acknowledge the receipt of your request within 10 days of receipt. Subject to our ability to verify your identity, we will respond to your request within 45 days of receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. In order to protect your privacy and the security of Personal Information about you, we verify your request by authenticating your Account or asking for submission of identifying information, such as a driver’s license or other photo identification. In addition, if you do not have an Account and you ask us to provide you with specific pieces of Personal Information, we reserve the option to require you to sign a declaration under penalty of perjury that you are the user whose Personal Information is the subject of the request.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
The Right to Non-Discrimination
You have the right not to be discriminated against for the exercise of your California privacy rights described above. Unless permitted by the CCPA, we will not:
11. International Transfers of Personal Information
BotNot is based in the United States. As a result, Personal Information that we collect in and through the Services and on the Site may be transferred to our U.S. offices. In addition, we may work with third-party service providers in the U.S. and in other countries to support our business activities. Thus, Personal Information may be transferred to, stored on servers in, and accessed from the United States and countries other than the country in which the Personal Information was initially collected. In all such instances, we use, transfer, and disclose Personal Information solely for the purposes described in this Privacy Notice and in compliance with applicable laws.
Additional Disclosures for Data Subjects in the United Kingdom, European Economic Area (EEA), and Switzerland
I. International Transfers
Where we transfer your Personal Data to another country outside the UK, EEA and / or Switzerland, we will ensure that it is protected and transferred in a manner consistent with legal requirements. In relation to data being transferred outside the UK and/or EEA, for example, this may be done in one of the following ways:
You can obtain more details of the protection given to your Personal Data when it is transferred outside the UK, EEA and/or Switzerland (including a copy of the standard data protection clauses which we have entered into with recipients of your Personal Data) by contacting us as described in Section 14 below. Please note, following recent decisions invalidating the adequacy of the EU-U.S. and Swiss-U.S. Privacy Shields, we no longer rely on the Privacy Shields for cross-border personal data transfers.
II. Legal Basis for Processing
We have listed the use of your Personal Data by us in Section 3 above. The legal grounds on which we process the Personal Data for those uses includes; if you consent to the processing, to satisfy our legal obligations, if it is necessary to carry out our obligations arising from any contracts we entered with you or to take steps at your request prior to entering into a contract with you, or for our legitimate interests to providing our services to our customers and the effective management of BotNot and to protect our property, rights or safety of BotNot, our customers or others. If data processing is based on consent, note that you have the right to withdraw your consent at any time, but that the withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.
III. Your Privacy Rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data, such as:
The rights described above may not be absolute and are limited by applicable laws.
You can exercise your privacy rights by contacting us via email at email@example.com. We will handle your request under applicable law. When you make a request, we may verify your identity to protect your privacy and security.
IV. International and Onward Transfers of Data
For individuals located in the European Economic Area (“EEA”), United Kingdom, or Switzerland: Where personal data are transferred to a third country or to an international organisation, BotNot implements appropriate safeguards, such as contractual obligations, and standard contractual clauses adopted by the European Commission relating to the transfer.
You also have a right to lodge a complaint with a competent supervisory authority situated in a member state of your habitual residence, place of work, or place of alleged infringement. You can find the relevant supervisory authority name and contact details here for individuals located in the EEA and here for individuals located in the United Kingdom.
12. Data Retention
We keep Personal Information related to your Account for as long as it is needed to fulfill the purposes for which it was collected, to provide our services, to deal with possible legal claims, to comply with our business interests and/or to abide by all applicable laws. Thereafter, we either delete Personal Information about you or de-identify it. Please note that even if you request the deletion of Personal Information about you, we may be required (by law or otherwise) to retain the Personal Information and not delete it. However, once those requirements are removed, we will delete Personal Information about you in accordance with your request.
14. Contacting Us
Enhance your business with Yofi, a cutting-edge identity platform designed to safeguard profits and ensure data integrity by filtering out bad actors and fake profiles. Get started with a complimentary report.