Privacy Policy.
Last updated: May 10, 2023
Welcome to Indicia Labs. We take your privacy seriously and know you do too. This Privacy Policy (“Policy”) is here to help you understand how we collect, use, disclose, and process your personal data. We also describe your rights and choices with respect to how we process your personal data. Please read this Policy carefully.
This is the Policy of Indicia Labs, Inc. (“Indicia Labs”, “us”, “our” or “we”), a Delaware corporation with offices at 75 E Santa Clara St, San Jose, CA 95113. You can contact us by emailing us at connect@indicia.io.
APPLICABILITY
This Privacy Policy applies to our “Services”, which include our websites that link to/post this Privacy Policy, including Sophia data insight service, and any subdomains or mobile versions (the “Site(s)” and mobile applications (the “Mobile App(s)”).
AGREEMENT
This Policy is incorporated into the Terms of Use [https://www.indicia.io/terms-of-use] governing your use of any of our Services. Any capitalized terms not defined in this Privacy Policy will have the definitions provided in our Terms of Use.
Following notice to you or your acknowledgment of this Privacy Policy (including any updates), your continued use of any of our Services indicates your consent to the practices described in this Policy.
THIRD PARTIES
Indicia Labs provides its users (“Users”) with insights on the crypto currency marketplace. We provide a platform for use by Users, and this Policy reflects the data processed and activities undertaken through our Services. However, the Policy does not apply to the User’s own uses of data, including processing they may choose to undertake that is not described in, or different from, this Policy.
Furthermore, this Policy does not apply to information processed by other third parties, for example, when you visit a third-party website or interact with third-party services, unless and until we receive your information from those parties. Please review any third parties’ privacy policies before disclosing information to them.
COLLECTION AND USE OF PERSONAL DATA
DATA WE COLLECT
We collect and process the following types of information, including data that relates to identified or identifiable individuals (“Personal Data”) (note, specific Personal Data elements listed in each category are only examples and may change):
Identity Data: Personal Data about you and your identity, such as your name, gender, date of birth, photo/avatar, username, and other Personal Data you may provide on applications, registration forms, or as part of an account profile (e.g. biographical information).
Transaction Data: Personal Data we collect in connection with a transaction or purchase, such as the item you purchased, the price, the delivery location, zip code, and other similar information.
Contact Data: Personal Data used to contact an individual, e.g. email address(es), physical address(es), phone number(s), or social media or communications platform usernames/handles, as well as a name or other salutation.
Financial Data: Personal Data relating to financial accounts or services, e.g. a credit card, bank, or other financial account numbers, and other relevant information you provide in connection with a financial transaction.
Device/Network Data: Personal Data relating to your device, browser, or application e.g. IP addresses, MAC addresses, application ID/AdID/IDFA, identifiers from cookies, session navigation history and similar browsing metadata, and other data generated through applications and browsers, including cookies and similar technologies.
Location Data: Personal Data relating to your precise location, such as information collected from your device’s GPS or other precise localization service.
Special Category Data: Personal Data revealing racial, national, or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, health information, or information relating to sex life or sexual orientation.
Custom Content: Custom Content: Information that a user provides in a free text or other unstructured format, or pursuant to custom fields created by a User; this may include Personal Data or Special Category Data to the extent provided by the user.
HOW WE COLLECT PERSONAL DATA
We collect Personal Data from various sources based on the context in which the Personal Data will be processed:
You: We collect Personal Data from you directly, for example, when you input information into an online form, sign up for a waiting list, register, or contact us directly.
Your Device: We may collect certain Personal Data automatically from your devices. For example, we collect Device/Network Data automatically using cookies and similar technologies when you use our Services, access our Sites, or when you open our marketing communications.
Service Providers: We receive Personal Data from third parties with whom we have a relationship in connection with a relevant transaction, or who collect information on our behalf.
Data we create or Infer: We (or third parties operating on our behalf) create and infer Personal Data (such as Inference Data) based on our observations or analysis of other Personal Data we process, and we may correlate this data with other data we process about you.
PROCESSING OF PERSONAL DATA
USER ACCOUNT REGISTRATION
Users may register and create an account on our Services. When you register, we process certain Personal Data such as Identity Data and Contact Data. We may also process certain Financial Data if you choose, for example, to purchase products and services through our Service. We use Identity Data and Contact Data as necessary to create, maintain, and provide you with important information about your account. Financial Data provided at registration will be used only as necessary to process transactions at your request or to store payment information for future purchases.
USER COMMENTS, MESSAGING AND CUSTOM CONTENT
We process Identity Data, Contact Data, and if provided, Custom Content when you use our Services to fill out forms, message the User, or if you otherwise submit any Custom Content (e.g. on a comment board or other free form content submission form).
We use Identity Data and Contact Data as necessary to carry out the processes and transactions you request. Subject to your rights and choices, we may also use Identity Data to improve our Services. We do not screen messages, comments or other postings for personal or inappropriate content.
COOKIES AND SIMILAR TECHNOLOGIES
We, and certain third parties, may process Device/Network Data when you interact with cookies and similar technologies. We may receive this data from third parties to the extent allowed by the applicable partner. Please note that the privacy policies of third parties may apply to these technologies and information collected.
In connection with our legitimate interests in providing and improving the user experience and efficiency of our Services, and understanding information about the devices and demographics of visitors to our Services, we use this information (i) for “essential” or “functional” purposes, such as to enable various features of the Services such as your browser remembering your username or password, maintaining a session, or staying logged in after a session has ended; (ii) for analytics and site performance purposes, such as tracking how the Services are used or perform, how users engage with and navigate through the Services, what sites users visit before visiting our Services, how often they visit our Services, and other similar information; and (iii) for the purpose of displaying advertisements via retargeting to those users who visited our Site or who may be interested in our Service.
Some of these technologies can be used by third parties to identify you across platforms, devices, sites, and services.
There are various ways in which you can manage and control your cookie settings. Please remember that, by deleting or blocking cookies, some of the features of the Services may not work properly or as effectively.
BUSINESS PURPOSES OF PROCESSING
In addition to the processing described above, we generally process Personal Data for several common purposes in connection with our business. For example:
Operate our Services and Fulfill Obligations: We process any Personal Data as is necessary to provide the Services, and as otherwise necessary to fulfill our obligations to you, e.g. to provide you with the information, features, and services you request.
Personalization/Customization: We process Personal Data (excluding Special Category Data) as necessary in connection with our legitimate business interest in personalizing our Services. For example, aspects of the Services may be customized to you so that it displays your username, to reflect appearance or display preferences, display recent or commonly used features or data, or other similar functionality.
Internal Processes and Service Improvement: We process Personal Data (excluding Special Category Data) as necessary in connection with our improvement of the design of our Services, understanding how our Services are used or function, for customer service purposes, in connection with the creation and analysis of logs and metadata relating to service use, and for ensuring the security and stability of the Services. Additionally, we may use Personal Data to understand what parts of our Service are most relevant to users, how users interact with various aspects of our Services, how our Services perform or fail to perform, etc., or we may analyze use of the Services to determine if there are specific activities that might indicate an information security risk to the Services or our Users.
MARKETING COMMUNICATIONS
Data: We may process Identity Data and Contact Data in connection with email marketing communications, including (i) when you register for an account, and choose to enroll, or are enrolled to receive marketing communications; (ii) when you open or interact with our marketing communications; (iii) when you contact us directly, or express an interest in our products and services; and (iv) when you open or interact with affiliated marketing communications.
Uses: We use Identity Data and Contact Data as necessary to provide marketing communications, and consistent with our legitimate business interests, we may send you marketing and promotional communications if you sign up for such communications or purchase services from us. See Your Rights and Choices for information about how you can limit or opt out of this processing.
AGGREGATE ANALYTICS
We process Personal Data (excluding Facial Recognition Data or Special Category Data) as necessary in connection with our creation of aggregate analytics relating to how our Services are used, company and investment trends, to understand how our service performs, and to create other reports regarding the use of our Services, demographics of our Users, and other similar information and metrics.
The resulting aggregate data will not contain information from which an individual may be readily identified. This processing is subject to users' rights and choices.
COMPLIANCE, HEALTH, SAFETY & PUBLIC INTEREST
Note that we may, without your consent or further notice to you, and to the extent required or permitted by law, process any Personal Data subject to this Policy for purposes determined to be in the public interest or otherwise required by law. For example, we may process information as necessary to fulfill our legal obligations, to protect the vital interests of any individuals, or otherwise in the public interest or as required by a public authority. Please see the data sharing section for more information about how we disclose Personal Data in extraordinary circumstances.
OTHER PROCESSING OF PERSONAL DATA
If we process Personal Data in connection with our Services in a way not described in this Policy, this Policy will still apply generally (e.g. with respect to Users' rights and choices) unless otherwise stated when you provide it.
DATA SHARING
Information we collect may be shared with a variety of parties, depending upon the purpose for and context in which that information was provided. We generally transfer Personal Data to the following categories of recipients:
Service Providers: In connection with our legitimate business interests or other business purposes, we may share your Personal Data with service providers or subprocessors who provide certain services or process data on our behalf. For example, we may use cloud-based hosting providers to host our Sites or disclose information as part of our own internal operations, such as security operations, internal research, etc.) We disclose Special Category Data to service providers only with your consent where required by law.
Affiliates: In order to streamline certain business operations, develop products and services that better meet the interests and needs of our customers, and inform our customers about relevant products and services, we may share your Personal Data with any of our current or future affiliated entities, subsidiaries, and parent companies.
Corporate Events: Your Personal Data may be processed in the event that we go through a business transition, such as a merger, acquisition, liquidation, or sale of all or a portion of our assets. For example, Personal Data may be part of the assets transferred, or may be disclosed (subject to confidentiality restrictions) during the due diligence process for a potential transaction.
Legal Disclosures: In limited circumstances, we may, without notice or your consent, access and disclose your Personal Data, any communications sent or received by you, and any other information that we may have about you to the extent we believe such disclosure is legally required, to prevent or respond to a crime, to investigate violations of our Terms of Use, or in the vital interests of us or any person. Note, these disclosures may be made to governments that do not ensure the same degree of protection of your Personal Data as your home jurisdiction. We may, in our sole discretion (but without any obligation), object to the disclosure of your Personal Data to such parties
YOUR RIGHTS AND CHOICES
YOUR RIGHTS
Applicable law may grant you rights in your Personal Data. These rights vary based on your location, state or country of residence, and may be limited by or subject to our rights in your Personal Data. In cases where we process Personal Data on our own behalf, you may exercise rights you have by contacting us. All rights requests we receive directly must be verified to ensure that the individual making the request is authorized to make that request, to reduce fraud, and to ensure the security of your Personal Data. We may require that you log in to your account or verify that you have access to your account or the email on file in order to verify your identity. If an agent is submitting the request on your behalf, we reserve the right to validate the agent’s authority to act on your behalf. For information regarding your rights in the EU/EEA/Swiss, or your California Privacy Rights, please see below.
YOUR CHOICES
You may have the following choices regarding the Personal Data we process, to the extent required under applicable law:
Consent: If you consent to processing, you may withdraw your consent at any time, to the extent required by law.
Direct Marketing: You have the choice to opt-out of or withdraw your consent to processing related to direct marketing communications. You may have a legal right not to receive such messages in certain circumstances, in which case, you will only receive direct marketing communications if you consent. You may exercise your choice via the links in our communications or by contacting us re: direct marketing.
Location Data: You may control or limit Location Data that we collect by changing your preferences in your device’s location services preferences menu, or through your choices regarding the use of Bluetooth, WiFi, and other network interfaces you may use.
Online Advertising: You may opt out or withdraw your consent to behavioral advertising. You must opt out of third-party services directly via the third party. For example, to opt out of Google’s use of cookies, visit Google’s Ads Settings, here. If you wish to take steps to opt-out of tracking by certain online advertisers, you can visit the Digital Advertising Alliance’s opt-out page at http://www.aboutads.info/choices or the Network Advertising Initiative at www.networkadvertising.org/optout_nonppii.asp.
Other Processing: You may have the right under applicable law to object to our processing of your Personal Data for certain purposes. You may do so by contacting us re: data rights requests. Note that we may not be required to cease processing based solely on an objection.
SECURITY
We follow and implement reasonable security measures to safeguard the Personal Data we process. While we may require our service providers to follow certain security practices, we do not have control over and will not be liable for third parties’ security processes. We do not warrant perfect security and we do not provide any guarantee that your Personal Data or any other information you provide us will remain secure.
DATA RETENTION
We retain Personal Data for the periods stated above, or if none, for so long as it remains relevant to its purpose or for so long as is required by law (if longer). We will review retention periods periodically, and if appropriate, we may pseudonymize or anonymize data held for longer periods.
MINORS
Our Services are intended for use by Users and are neither directed at nor intended for direct use by individuals under the age of 16. Further, we do not knowingly collect Personal Data directly from such individuals. If we learn that we have inadvertently done so, we will promptly delete it. Do not access or use the Services if you are not of the age of majority in your jurisdiction unless you have the consent of your parent or guardian.
INTERNATIONAL TRANSFERS
We operate and use service providers located in the United States. If you are located outside the U.S., your Personal Data may be transferred to the U.S. The U.S. does not provide the same legal protections guaranteed to Personal Data in the European Union. Accordingly, your Personal Data may be transferred to the U.S. pursuant to the EU-U.S. Privacy Shield Framework, the Standard Contractual Clauses, or other adequacy mechanisms, or pursuant to exemptions provided under EU law.
EU-U.S. PRIVACY SHIELD
We comply with the EU-U.S. Privacy Shield Framework set forth by the U.S. Department of Commerce with respect to the processing of Personal Data from European Union member countries as described in this Privacy Policy. We have certified that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. Furthermore, we require third party recipients of EU residents’ Personal Data to agree to respect these principles, and we accept liability for third parties’ processing of EU residents’ data to the extent required by law.
If there is any conflict between this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov. You may view the list of Privacy Shield companies here.
We encourage users to contact us if you have any concerns about our compliance with this Privacy Policy and the Privacy Shield Framework. In compliance with the EU-U.S. Privacy Shield Principles, we commit to resolving complaints about your privacy and our collection or use of your Personal Data. EU residents with inquiries or complaints regarding this Privacy Policy should first contact us at the address below. We will respond to complaints from EU residents within 45 days.
In compliance with the Privacy Shield Principles, Indicia Labs commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Indicia Labs at: connect@indicia.io
Indicia Labs has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com for more information or to file a complaint. The services of JAMS are provided at no cost to you. Under certain circumstances, these dispute resolution processes may result in your ability to invoke binding arbitration. As a U.S. company, we are also subject to the investigatory and enforcement power of the FTC regarding our compliance with the Privacy Shield Framework and this Privacy Policy, and users may direct complaints to the FTC in the event the dispute resolution processes described above is unsatisfactory.
YOUR EU/EEA PRIVACY RIGHTS
Users of our Services in the EU/EEA/Switzerland (and certain other countries) may have the following rights:
Access: You may have a right to know what information we collect, use, disclose, or sell, and you may have the right to receive a list of that Personal Data and a list of the third parties (or categories of third parties) with whom we have received or shared Personal Data, to the extent required and permitted by law.
Rectification: You may correct any Personal Data that we hold about you to the extent required and permitted by law.
Delete: To the extent required by applicable law, you may request that we delete your Personal Data from our systems. We may delete your data entirely, or we may anonymize or aggregate your information such that it no longer reasonably identifies you. Contact us as part of your request to determine how your Personal Data will be erased in connection with your request.
Data Export: To the extent required by applicable law, we will send you a copy of your Personal Data in a common portable format of our choice.
Right to Object: Where we process Personal Data on the basis of our legitimate interests, you can object to that processing to extent allowed by law. Note that we must only limit processing where our interests in processing do not override an individual’s interests, rights, and freedoms, or the processing is not for the establishment exercise, or defense of a legal claim
Right to Restrict: You may have the right to restrict processing of your Personal Data where the accuracy of the Personal Data is contested, the processing is unlawful but you object to deleting the Personal Data, or we no longer require the Personal Data, but it is still required for the establishment, exercise, or defense of a legal claim, or while we assess an objection to processing.
Automated Processing: To the extent we process Personal Data using automated means (if any), or where otherwise required by law, you may opt-out of, or revoke your consent, to this processing or elect to have an individual review any of the results of processing.
Regulator Contact: You may have the right to file a complaint with regulators about our processing of Personal Data. To do so, please contact your local data protection or consumer protection authority.
YOUR CALIFORNIA PRIVACY RIGHTS
Under the California Consumer Privacy Act (“CCPA”) and other California laws, California residents may have the following rights, subject to your submission of an appropriately verified request (see below for verification requirements):
PRIVACY RIGHTS
Right to Know: You may have the right to request any of following, for the 12 month period preceding your request: (1) the categories of Personal Data we have collected about you, or that we have sold, or disclosed for a commercial purpose; (2) the categories of sources from which your Personal Data was collected; (3) the business or commercial purpose for which we collected or sold your Personal Data; (4) the categories of third parties to whom we have sold your Personal Data, or disclosed it for a business purpose; and (5) the specific pieces of Personal Data we have collected about you.
Right to Delete: You may have the right to delete certain Personal Data that we hold about you, subject to exceptions under applicable law.
Right to Non-Discrimination: You may have the right to not to receive discriminatory treatment as a result of your exercise of any rights conferred by the CCPA.
Direct Marketing: You may request a list of Personal Data we have disclosed about you to third parties for direct marketing purposes (if any) during the preceding calendar year.
Opt-Out of Sale: If we engage in sales of Personal Data (as defined by applicable law), you may direct us to stop selling or disclosing Personal Data to third parties for commercial purposes. At this time, we do not sell Personal Data.
SUBMISSION OF RIGHTS REQUESTS
You may submit requests by contacting us (see below for summary of required verification information).
VERIFICATION OF RIGHTS REQUESTS
All rights requests must be verified to ensure that the individual making the request is authorized to make that request, to reduce fraud, and to ensure the security of your Personal Data. We may require that you provide the email address we have on file for you (and verify that you can access that email account) as well as an address, phone number, or other information we have on file, in order to verify your identity. If an agent is submitting the request on your behalf, we reserve the right to validate the agent’s authority to act on your behalf.
CHANGES TO OUR PRIVACY POLICY
We may change this Privacy Policy from time to time. Changes will be posted on this page with the effective date. Please visit this page regularly so that you are aware of our latest updates. Your acknowledgment of these changes or use of the Services following notice of any changes (as applicable) indicates your acceptance of any changes.
CONTACT US
Feel free to contact us with questions or concerns using the appropriate address below.
General inquiries: connect@indicia.io