Last Updated: February 07, 2022
Effective Date: February 07, 2022
We reserve the right to change this Policy at any time. In the event this Policy changes in a material manner, we will attempt to notify you through in-app notifications (if your settings permit notifications) or by notifying you the next time you launch the App. Any changes to the Policy will become effective on the date identified above. If you do not agree to such changes, you may close your account and request that your information be deleted.
Privacy Practices Summary
- Your personal information stays on your mobile device and is only shared with a third-party upon your express consent to do so.
- Requests for your personal information by a named third-party always include a clear purpose statement.
- Requests for your personal information always include a start and end date for its retention by the named third-party.
- We do not sell your information.
- You can review both your active and expired sharing history within our App.
- You will always have the ability to revoke a third-party’s access to your personal information, unless we are required by law to limit your ability to do so.
1. WHAT TYPES OF INFORMATION DO WE COLLECT FROM YOU?
1.1. Personal Information (“PI”)
In order for you to take advantage of our services, we may collect PI such as your name, residential address, telephone number, e-mail address, passport and driver’s license information, sex, date and place of birth, biometrics (including “selfies” and portrait images from passports and driver’s licenses you enroll into the App), and credit card information, utility billing and/or consumer credit transaction information. We may also collect protected health information from you, depending on the types of services to which you request access.
Your PI remains stored, encrypted, and managed on your mobile device unless and until you explicitly consent to share that information with named third-parties, for specific purposes and durations. Your PI is never processed, stored, or distributed without your explicit consent.
We retain machine readable information from the document(s) you enroll into the Airside service only for duration and purposes of verifying your identity.
The only permanently retained artifacts of information related to you are audit logs associated with the identity verification we performed in connection with the documents you enrolled. We retain a perpetual record of the type(s) of verification methods performed for purposes of demonstrating a prior verification in the event the same document is presented to us for verification. These audit logs do not contain any PI, nor can it be associated back to you.
You will always have the ability to delete your PI at any time. You will also always have ability to revoke prior consent for Airside or third-party access to your PI at any time (unless we are required by law to prohibit revocation).
1.2. Non-Personally Identifiable Information (“Non-PI”)
2. HOW DO WE USE INFORMATION COLLECTED FROM YOU?
We do not sell or share your PI with third-parties for marketing purposes. Your PI remains on your device unless and until you agree to share your PI with a third-party.
Only with your express consent, we will use your PI in the following ways:
- to provide our identity verification services.
- to fulfill your requests to allow you to order and receive items through third-parties and/or to provide you with specific information that you request.
- to send you important information regarding the App, including changes to our terms, conditions, policies, and/or other administrative information.
- to customize content within our App.
- to assist U.S federal, state, tribal, and territory public health agencies with their contact tracing efforts (only during the operation of Passenger Contact Information Submission for COVID-19 pandemic or similar government program).
Because Non-PI does not personally identify you, we may use such information for any purpose. In addition, we reserve the right to share such Non-PI with our affiliates and suppliers to improve our service offerings and to ensure the security and functionality of the App. In some instances, we may combine Non-PI with PI (such as combining your name with your geographical location). If we do combine any Non-PI with PI, we will treat the combined information as PI for as long as it is so combined.
IP Addresses and Mobile Device Identifiers
We do not collect or use mobile Identifiers assigned by device manufacturers or wireless service providers. Please note that we treat IP addresses, server log files and related information as Non-PI, except where we are required to do otherwise under applicable law.
3. HOW IS YOUR INFORMATION SHARED?
With your express consent only, we may share your PI:
- to our affiliates, service providers and other third-parties who utilize our services to verify your identity and/or information.
- to an affiliate or other third-party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including without limitation in connection with any bankruptcy or similar proceedings).
- to comply as we believe to be appropriate: (a) under applicable law including laws outside your country of residence; (b) to comply with legal process; (c) to respond to mandatory requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to permit us to pursue available remedies or limit the damages that we may sustain.
4. OTHER IMPORTANT NOTICES REGARDING OUR PRIVACY PRACTICES
Forums and Profiles
We may make available through our services to which you are able to post information and materials (for example, message boards, chat functionality, “profile pages” and blogs, among other services). Please note that any information you disclose through such services becomes public information and may be available to visitors to the site and to the general public. We urge you to exercise discretion and caution when deciding to disclose your PI, or any other information, on the site. WE ARE NOT RESPONSIBLE FOR THE USE OF ANY PI YOU VOLUNTARILY DISCLOSE TO THIRD-PARTIES THROUGH THE APP.
US Customs & Border Patrol (US CBP)
To fulfill a request for expedited service for US CBP processes, Airside will facilitate the transmission of relevant PI at your specific direction to US CBP via secure, encrypted processes that meet the US CBP requirements for transmission of PI. Airside will also facilitate the transmission of Passenger Contact Information for COVID-19, while the U.S. Government requires this information for entry into the US. Airside is NOT responsible for the use of such information by the US Government, including US CBP, and is NOT responsible for any actions the US Government, including US CBP, may or may not take based on that information.
Transportation Security Administration (US TSA)
To fulfill a request for expedited service for US TSA processes, Airside will facilitate the transmission of relevant PI at your specific direction to US TSA via secure, encrypted processes that meet the US TSA and US state DMV requirements for transmission of PI. Airside is NOT responsible for the use of such information by the US Government, including US TSA, and is NOT responsible for any actions the US Government, including US TSA, may or may not take based on that information.
We use reasonable organizational, technical and administrative measures to protect PI under our control. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. Please do not send us sensitive information through email.
Changing or Suppressing PI
If you would like to review, correct, update, suppress or otherwise limit our use of your PI that has been previously provided to us, you may do so by adjusting your preferences in the ‘Settings’ functions for the App or by contacting us at [email protected]. We may need to retain certain anonymized information for record-keeping and audit and compliance.
Note Regarding the Use of the App and Site by Children
The App is not to be used directly by individuals under the age of thirteen (13), and we request that such individuals not submit PI into our services. However, parents and legal guardians may enroll travel documents on behalf of their children on their own mobile devices, with some restrictions as may be indicated from within the App.
5. Specific Compliance Statements
Airside Mobile complies with the European Union General Data Protection Regulation (GDPR) guidelines enacted by the EU to protect data.
All inquiries concerning GDPR should be sent to our DPO via email at [email protected] . The DPO or a member of their team will respond within 48 hours.
Airside Mobile offers several products. Please consult the appropriate section for more detail
We collect only the PI that you authorize and/or enter into our App, and that information is securely stored in our systems for only as long as needed to perform our identity verification services. PI such as name, address, and billing information (including payment information, such as credit card) is collected to establish your account. This information is retained within the App, and released to our systems in an encrypted form that we can decrypt and access to provide our services to you. This use is always accompanied by your consent to the information release, and includes clear purpose and duration for our retention of your PI.
All PI stored by you in their locker is encrypted and we cannot (by our own design) decrypt this information without your key. We do not store the key, and without it, we are unable to respond to requests from anyone, including you, for this information to be transmitted in a decrypted form.
You may always request deletion or exporting of your PI when closing your account. For data export, your billing information will be obfuscated and encrypted information will be delivered as a binary object.
As noted above, we collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household. As a California resident, you have the right to know whether we have collected such information about you during the past 12 months, the sources from whom we have collected such information, the purposes for collecting such information, and the categories of such information that we have shared with third-parties. You have the right to request deletion of such information. We do not sell your information. You have the right to be free from discrimination related to your exercise of your rights as a California resident.
Under certain circumstances, our customers and affiliates are required by law or regulation to retain your information for specific periods of time. In those instances, you will be informed ahead of time.
If you have questions about how to exercise your rights under CCPA, you may request additional information by sending an email to our DPO at [email protected].
6. Contact Information
Privacy Office: [email protected]
GDPR Representative: [email protected]
Airside Mobile DPO: [email protected]
Information Security: [email protected]
US office PSTN: +1 703 345-5832