Last Updated August 18th, 2023 (v1.0)
Information We Collect and Maintain
We collect information from you directly when you provide it to us via the Services. We may also collect information about you from third party service providers. We automatically collect certain information about you and your smartphone when you use, access, or interact with the Services.
Personal Data, meaning information that relates to an identified or identifiable individual, collected through the Services include: (1) Name and contact information, including name, email address, address, and phone number; (2) Demographic data, including birthdate and age; (3) Government documents and identifiers, such as passports and government-issued IDs; and, Video and Photos of you.
Our Services may also collect the following from you, our Client, or third parties: (1) Current and previous name and contact information, including name, email address, address, and phone number; (2) Demographic data, including birthdate and age, gender, marital status, and similar demographic details; (3) Device information, including IP address, device type, your device’s operating system, browser, cookie and device identifiers, and other software including type, version, language, settings, and configuration; (4) Account information, such as details about your account with our Client or other third parties; and, (5) Biometric Data, including a scan of your facial geometry based on the photos you provide. For more information about Biometric Data, see the Facial Scan and Biometrics Information section below.
Based on the Personal Data we collect from you and other sources, we infer information about you for identity verification and fraud prevention purposes. You provide Personal Data to us at the direction of our Clients so that our Client may verify your identity and/or prevent fraud. In the course of performing the Service, we may also obtain Personal Data from other sources such as third party databases, government records, and other publicly available sources. The Personal Data we collect varies based on what you provide, what the Client has directed us to analyze, and what Personal Data is available from third parties.
We use Personal Data to provide our Clients with the Service so they can verify the identity of individuals and prevent fraud. This processing is necessary to perform our contract with our Clients. As part of performing the Service, we use Personal Data to improve and troubleshoot our Services.
How We Disclose Your Personal Data
We may engage third parties to assist us in providing the Services, in which case we may disclose Personal Data to them. We may also disclose Personal Data to service providers, including hosting, cloud services and other information technology services providers; email communication and SMS software providers; and identity verification services, background check providers, public and private records database providers, consumer reporting services, and fraud and identity management providers. For example, we may disclose your name and address to a third party database provider in order to request information they may have about you. Pursuant to our instructions, these parties will access, process or store Personal Data while performing their duties to us. We may also disclose Personal Data when required to do so by law.
Information on Facial Geometry and Biometrics Scans
Chipper Compliance, acting as a service provider to our Clients: (1) compares the data from a scan of facial geometry extracted from the government identification document that you upload to the data from a scan of facial geometry extracted from the photos of your face that you upload, in order to help verify your identity (“Verification”); and, (2) may also use your information, including data from scans of facial geometry extracted from the government identification document and photos of your face that you upload, to detect and prevent fraud (“Fraud Prevention”).
The images obtained from government identification document and photos of your face that you upload, and data from scans of facial geometry extracted from the government identification document and photos of your face that you upload, are collected, used and stored directly by Chipper Compliance on behalf of Client as Client’s service provider through Client’s website or app that you accessed. Depending on our relationship with the Client, the Client may upload your government identification document and photos of your face directly to us.
We securely store all photos of identity documents that you upload, photos of your face that you upload, and data from scans of facial geometry extracted from the photos of your face that you upload in an encrypted format. We use the reasonable standards of care within its industry to store, transmit, and protect from disclosure data from scans of facial geometry extracted from the photos of your face that you upload in a manner that is the same as or more protective than the manner in which it stores, transmits, and protects other confidential and sensitive information. We will not sell, lease, trade, or, other than to provide the Verification and Fraud Prevention services to Clients described in this Policy, otherwise benefit from data from scans of facial geometry extracted from the photos of your face that you upload. Other than as set forth herein, we will not disclose, redisclose, or otherwise disseminate data from scans of facial geometry extracted from the photos of your face that you upload unless doing so: (1) we complete a Client transaction requested and authorized by you or your legally authorized representative; (2) we’re required by state or federal law, or municipal ordinance; (3) we’re required pursuant to a warrant or subpoena issued by a court of competent jurisdiction; or, (4) we’re expressly consented to by you.
Choices Regarding Personal Data
Chipper Compliance is the data processor for the processing of Personal Data on behalf of its Clients. If you are an individual whose identity has been verified through Chipper ID, please contact the appropriate Client to exercise any rights that you may have under applicable law. If you have further concerns or questions regarding the processing of your Personal Data, please email [email protected].
Class Action Waiver
YOU AND CHIPPER COMPLIANCE, INC., INCLUDING ITS PARENTS, SUBSIDIARIES, AFFILIATES, SUCCESSORS, AND ASSIGNS (“COMPANY”) AGREE THAT ANY PROCEEDINGS TO RESOLVE OR LITIGATE ANY DISPUTE WILL BE CONDUCTED SOLELY ON AN INDIVIDUAL BASIS, AND THAT NEITHER YOU NOR COMPANY WILL SEEK TO HAVE ANY DISPUTE HEARD AS A CLASS ACTION, A REPRESENTATIVE ACTION, A COLLECTIVE ACTION, A PRIVATE ATTORNEY-GENERAL ACTION, OR IN ANY PROCEEDING IN WHICH YOU OR COMPANY ACTS OR PROPOSES TO ACT IN A REPRESENTATIVE CAPACITY. YOU AND COMPANY FURTHER AGREE THAT NO PROCEEDING WILL BE JOINED, CONSOLIDATED, OR COMBINED WITH ANOTHER PROCEEDING WITHOUT THE PRIOR WRITTEN CONSENT OF YOU, COMPANY, AND ALL PARTIES TO ANY SUCH PROCEEDING. THIS CLASS ACTION WAIVER COVERS ALL DISPUTES BETWEEN YOU AND COMPANY AND ALSO INCLUDES ANY DISPUTE BETWEEN YOU AND ANY OFFICER, DIRECTOR, BOARD MEMBER, AGENT, EMPLOYEE, VENDOR, AFFILIATE, OR CLIENT OF COMPANY, IF COMPANY COULD BE LIABLE, DIRECTLY OR INDIRECTLY, FOR SUCH DISPUTE.
Location of Personal Data
The Personal Data we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers process data. Currently, we only use data centers in the United States.
If you have a complaint, concern, or question for Chipper Compliance, please contact us at [email protected]. Our postal address is 180 Montgomery Street, Suite 1860, San Francisco, CA 94104 USA.