Dated 12 January 2021
MobID PRIVACY POLICY
Your privacy is important to us. We are committed to protecting and respecting your personal data, ensuring that when you choose us to use our services, you know what data we collect about you and how
we use and protect that personal data. This Privacy Policy describes the ways we collect information from and about you, and what we do with the information, so that you may decide whether or not to provide
information to us. By accessing our website, or purchasing our products or services, you agree to this Privacy Statement in addition to any other agreements we might have with you. This Privacy Policy does
not govern the practices of entities that our Company does not own or control, or entities that do not own or control our company or people that our Company does not employ or manage.
1. WHO WE ARE
1.1. MobID is a trading name of Axiov B.V. company with number 66729491, incorporated in the Netherlands, whose registered office is Takwier 17, Leiden 2318 AB, Netherlands), referred to in
this Privacy Policy as “The Company”, “MobID”, “we” or “our” or “us”.
1.2. We are a global identity verification service which assists our clients with a first self-sovereign identity solution where the user and the service provider are in full charge of their identities in a
secure way. Our services operate through the following website: https://www.mob.id/ (our “Website”).
1.3. “customer”, “client”, “you” or “your” means an individual who is the subject of the personal data that we process as a data controller.
2. SCOPE OF THIS PRIVACY POLICY
2.1. This Privacy Policy (together with our Terms and Conditions and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us,
will be processed by us. This Privacy Policy also sets out how you can instruct us if you prefer to restrict the use of your personal data and the procedures that we have to keep your privacy safe.
2.2. For the purpose of this Privacy Policy, Data Protection Legislation means the General Data Protection Regulation 2016/679 (the “GDPR”) applicable in the European Union and data
protection legislation applicable in other countries. For the purpose of the Data Protection Legislation, the data controller is Axiov B.V.
2.3. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
2.4. By using our Website, registering with us or submitting information to us you signify that you have read and understood our collection, use and disclosure of your personal data in accordance with
this Privacy Policy. If you do not agree with this Privacy Policy, you must not use our Website, access our services or submit any information to us.
3. DATA WE COLLECT (OR MAY RECEIVE) ABOUT YOU
3.1. The personal data we collect (or receive) about you may include your:
3.1.1. name and address;
3.1.2. e-mail address;
3.1.3. username, password;
3.1.4. your IP address;
3.1.5. your phone numbers (which could be your home, work or mobile numbers);
3.1.6. the information contained on government-issued identity documents, biometric data provided by you;
3.1.7. product and service selections and other things that identify you.
3.2. The personal data we collect from you using our verification services will always stay in transit and will never be stored in our servers.
4. HOW WE COLLECT YOUR PERSONAL DATA
4.1. We may collect (or receive) and process your personal data when:
4.1.1. we correspond with you as a customer or prospective customer;
4.1.2. you visit our website;
4.1.3. a third party submits your information for processing;
4.1.4. you register as an end-user of our services and an account is created for you;
4.1.5. you contact us for help;
4.1.6. you attend our conferences or webinars; and
4.1.7. the site sends us error reports or application analytics data. Under no circumstances are these details disclosed to any third parties without your consent other than those who need to know this information in the context of the services we provide.
5. HOW WE MAY USE YOUR PERSONAL DATA
5.1. We may process your personal data for one or more lawful bases of processing depending on the specific purpose for which we are using your data (see below).
5.2. We may process your personal data for the purpose of:
5.2.1. deliver the products and services that you have requested;
5.2.2. manage your customer relationship and provide you with customer support;
5.2.3. perform research and analysis about your use of, or interest in, our products, services, or content, or products, services or content offered by others;
5.2.4. communicate with you by e-mail, postal mail, telephone and/or mobile devices about products or services that may be of interest to you either from us or other third parties;
5.2.5. enforce our terms and conditions;
5.2.6. manage our business;
5.2.7. perform functions as otherwise described to you at the time of collection; and
5.2.8. transfer personal information to third parties for any legally permissible purpose in our sole discretion.
5.3. We may take steps to verify the data we collect to protect against impersonation.
5.4. We may check some of the information that you provide to us against third party databases to confirm that it is accurate.
5.5. If you are an existing customer, we may contact you with information, products or services that you request from us or with information, products or services which are similar to the services we
are providing to you (independently or jointly with others), unless you have opted out to be contacted for such purposes. We may contact you for this purpose by post, telephone and SMS as well as by email. If you change your mind about being contacted in the future, please let us know.
5.6. We do not sell, rent, or otherwise provide your personal data to third parties unless you consent to this or it is necessary to provide you with our services, conduct our associated business activities or as described in this Privacy Policy. We may share information with any member of our group of companies, which means our subsidiaries.
5.7. If you choose to post messages on any online forum or other message platforms that we may make available for this purpose on our Website, we may collect that information you provide to us. We may process this information as necessary to respond to any social media posts or other public comments you might make, whether they are directed to us or about us, our Website, or other activities, to resolve disputes, provide customer support and troubleshoot problems, as permitted by law.
5.8. We may place a cookie on your device when you access our Website. These cookies will let us know when you have accessed our Website. We will share this information with our advertising providers. The cookies will let our advertising providers know when to serve ads and to whom, ensuring that our ads are served only to people who have previously visited our Website.
5.9. If you stop using our Website or our services, or your permission to use our Website and our services is terminated, we may continue to use and disclose your personal data in accordance with this Privacy Policy (as amended from time to time) and as permitted by law. However, if you wish us to stop e-mailing you with information in connection with our Website or our services, please unsubscribe or send your request.
6. YOUR CONTACT INFORMATION
6.1. Where applicable, you can change your contact details at any time by updating your profile within your trading account. You can also update your communication preferences by changing your settings related to your choices of notification.
7. DATA SECURITY
7.1. The Internet is not a secure source. Please be aware that communications over the Internet, such as e-mails/webmails, are not secure unless they have been encrypted. Your communications may
route through a number of parties before being delivered.
7.2. We can not accept responsibility for any unauthorized access or loss of personal data that is beyond our control. However, the protection of your personal data is extremely important to us and we have put in place a range of security procedures to protect it, as set out in this Privacy Policy.
7.3. Where you have been allocated a trading account, this area is protected by your user name and password, which you should never disclose to anyone else.
7.4. We will use reasonable intention to implement appropriate policies, rules and technical measures to protect the personal data that we have under our control.
7.5. We will ensure that your information will not be disclosed to government institutions or authorities except if required by law (e.g. when requested by regulatory bodies or law enforcement organizations in accordance with applicable legislation).
8. TO WHOM WILL YOUR PERSONAL DATA BE DISCLOSED?
8.1. Your personal data may, for the purposes set out in this Privacy Policy, be disclosed for processing to:
8.1.1. we may provide your information to our agents, vendors or service providers who perform functions on our behalf;
8.1.2. third party contractors may have access to our databases;
8.1.3. to our customers who have provided your information to us in connection with our products and services;
8.1.4. we may share your data with any parent company, subsidiaries, joint ventures, other entities under common control or third-party acquirers. We expect these other entities will honour this Privacy Policy;
8.1.5. we may allow a potential acquirer or merger partner to review our databases, although we would restrict their use and disclosure of this data during the diligence phase;
8.1.6. as required by law enforcement, government officials, or other third parties pursuant to a subpoena, court order, or other legal process or requirement applicable to our Company; or when we believe, in our sole discretion, that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our agreements or Company policies; and
8.1.7. other third parties with your consent or direction to do so.
8.2. In all circumstances where personal data may become known to our contractors, agents and outsourced service providers, there are confidentiality arrangements in place. Please note that these third parties may be in other countries where the laws on processing personal information may be less stringent than in your country.
9. YOUR RIGHTS
9.1. Please note that these rights do not apply in all circumstances. You are entitled to:
9.1.1. request access to your personal data (commonly known as a “data subject access request”);
9.1.2. request correction of the personal data that we hold about you;
9.1.3. request erasure of your personal data;
9.1.4. object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your
rights and freedoms;
9.1.5. request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
9.1.6. request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information (i.e. not to hard copies) which you initially provided consent for us to use or where we used the information to perform a contract with you; and
9.1.7. withdraw consent at any time where we are relying on consent to process your personal data. If you withdraw your consent, we may not be able to provide certain products or services to you.
9.2. We try to respond to all legitimate requests within one (1) month. Occasionally, it may take us longer than one (1) month if your request is particularly complex or you have made a number of requests. In this case, we will notify you within one (1) month of the receipt of your request and keep you updated.
9.3. We may charge you a reasonable fee to you when a request is manifestly unfounded, excessive or repetitive, or we receive a request to provide further copies of the same data. Alternatively, we may refuse to comply with your request in these circumstances.
10. COOKIES
10.1. Many of our web pages use “cookies.” Cookies are text files we place in your computer’s browser to store your preferences. Cookies, by themselves, do not tell us your e-mail address or other personally identifiable information unless you choose to provide this information to us by, for example, registering at one of our sites. However, once you choose to furnish the site with personal information, this information may be linked to the data stored in the cookie. We use cookies to understand site usage and to improve the content and offerings on our sites. We also may use cookies to offer you products, programs, or services. You have many choices with regards to the management of cookies on your computer. All major browsers allow you to block or
delete cookies from your system. To learn more about your ability to manage cookies, please consult the privacy features in your browser.
10.2. Our Company and third parties may also use small pieces of code called “web beacons” or “clear gifs” to collect anonymous and aggregate advertising metrics, such as counting page views, promotion views, or advertising responses. These “web beacons” may be used to deliver cookies that conform to our Company’s cookie requirements.
10.3. We may create links to other websites. We will make a reasonable effort to link only to sites that meet similar standards for maintaining each individual’s right to privacy. However, many other sites that are not associated with or authorized by our Company may have links leading to our site. Our Company cannot control these links and we are not responsible for any content appearing on these sites. Since this website does not control the privacy policies of third parties, you are subject to the privacy practices of that third party. We encourage you to ask questions before you disclose any personal information to others.
10.4. Our Company websites may use third parties to present or serve the advertisements that you may see at its web pages and to conduct research about the advertisements and web usage. This Privacy Statement does not cover any use of information that such third parties may have collected from you or the methods used by the third parties to collect that information.
11. WHERE WE STORE AND PROCESS YOUR PERSONAL DATA
11.1. The data that we collect from you may be transferred to and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or Affiliate companies. Such staff may be engaged in, among other things, the fulfilment of your request, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.
12. YOUR CONSENT AND CHANGES TO THIS PRIVACY POLICY
12.1. We reserve the right to amend or modify this Privacy Policy and if we do so we will post the changes on our Website. It is your responsibility to check the Privacy Policy every time you submit your personal data to us.
13. USE OF YOUR PERSONAL DATA SUBMITTED TO OTHER WEBSITES
13.1. Except as otherwise expressly included in this Privacy Policy, this document addresses only the use and disclosure of personal data that we receive about you or collect from you.
13.2. If you disclose your personal data to others (e.g. websites we link to), different rules may apply to their use or disclosure of the data that you disclose to them. We are not responsible for the privacy policies and practices of other websites even if you accessed the third party website using links from our website.
13.3. We recommend that you check the policy of each website you visit and contact the owner or operator of such website if you have concerns or questions.
14. DATA RETENTION
14.1. We will only retain your personal data for as long as you have consented to it or when is necessary to us to provide you with our services or fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, reporting or regulatory requirements.
14.2. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
14.3. In some circumstances, you can ask us to delete your data.
14.4. In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
15. FURTHER INFORMATION
15.1. If you would like to let us know about something we have done, or failed to do in relation to your personal data, whether positive or negative, please let us know. Your comments enable us as an organization to learn and continuously improve our services.
16. INFORMING US OF CHANGES
16.1. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
16.2. If your personal details change, please help us to keep your information up to date by notifying us at privacy@mob.id
Updated: January 12, 2021