Doc Ref: IDme.S.00.030
Version: 5.1.0
Last updated: 2017-03-08
This Privacy Policy discloses the privacy practices for the ID.me credentialing services (namely, ID.me’s services to eligible users who create an account with an electronic identification resource (or “ID.me Account”) and verify certain user criteria (such as legal name, address or membership in certain affinity group(s)) to access certain exclusive benefits). The Privacy Policy also covers the ID.me website located at www.ID.me, ID.me’s affiliated websites, the ID.me mobile application, and elements of ID.me’s technology platform (e.g., group affiliation widgets) present on ID.me client websites (collectively referred to hereafter as the “Website”). This Privacy Policy explains how ID.me collects, uses and discloses information you submit to or is collected via the Website and ID.me credentialing services.
ID.me, Inc., the provider of the ID.me’s credentialing services and Website (referred to as “us” or “we”), is committed to protecting the privacy of individuals who navigate to, or otherwise use the Service and/or Website (hereafter, “Users” or “you”). The ID.me’s credentialing services and Website are designed to offer eligible Users with ID.me Accounts to access certain exclusive benefits, including without limitation, deals, discounts, cash back rebates and employment and educational opportunities, offered by participating retailers, service providers, employers or benefits administrators (collectively, the “ID.me Service”). Users who create an ID.me Account are required to submit certain information to ID.me as part of the verification process so that we may ascertain the User’s identity, group affiliation, and determine other eligibility standards for the User tied to the ID.me Service. However, Users may choose what specific information (personally identifiable information and other forms of information as described in greater detail below) is tied to their ID.me Account and control how much of that information is shared with other websites in relation to the ID.me Service. In certain cases, the more information Users share the more rewards and benefits, such as deals, discounts, cash back rebates and employment and educational opportunities, the User may be eligible to receive, as further described in our Terms of Service. However, certain participating websites may require that Users provide certain, minimum levels of information and a User’s refusal to provide such may impact his or her eligibility for the subject good, service, or benefit offered.
To avoid any confusion, Users should understand that, while we own and operate the Service and Website and certain other websites, we do not own or operate websites owned and operated by third parties who may avail themselves of the ID.me Service (collectively referred to hereafter as the “Third Party Websites.”) This Privacy Policy is intended to inform Users about our collection, use, storage, and disclosure, destruction and disposal of information that we collect or record in the course of providing the Website and the ID.me Service. Please note, we are not responsible for the privacy practices of Third Party Websites and they are under no obligation to comply with this Privacy Policy. Before visiting Third Party Websites, and before providing the User’s ID.me or any other information to any party that operates or advertises on Third Party Websites, Users should review the privacy policy and practices of that website to determine how information collected from Users will be handled. Please further note, depending on a User’s particular interaction with us (e.g., Users who solely navigate the Website versus Users who create an account and use the ID.me Service at Third Party Websites), different portions of this policy may apply to Users at different times.
Please read this Privacy Policy carefully. By accessing or using the Website or the ID.me Service in any form, you acknowledge that you have read, understood, and agreed to be bound to all the terms of this Privacy Policy and the Website’s Terms of Service. If you do not agree to these terms, exit this page and do not access or use the Service or Website.
If we decide to change this Privacy Policy, we will post those changes to this page so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. We reserve the right to modify this Privacy Policy at any time, so please review it frequently. If we make material changes to this policy, we will notify you here, by email, or by means of notice on our home page.
We collect three types of information from and about Users: Personally Identifiable Information, Sensitive Information, and Non-Personally Identifiable Information.
Personally Identifiable Information & Sensitive Information
We do not automatically collect any Personally Identifiable Information or Sensitive Information without your consent. When you create an account to obtain an ID.me Account and use the ID.me Service, you will be asked to provide certain Personally Identifiable Information and Sensitive Information so that we can verify your identity and attributes of your identity including, but not limited to, group affiliations (e.g., Military, First Responder, Student, Veteran, etc.), memberships, social media accounts, educational degrees, and professional certifications. Personally Identifiable Information is information that identifies a specific individual, including, without limitation, first and last name, mailing address, e-mail address (including, without limitation, .mil e-mail address), telephone number, social security number, and date of birth. In addition, you will be asked to provide certain additional information or documentation that we will use to verify your eligibility to receive discounts and benefits from organizations and registration authorities such as government agencies, telecommunications networks, credit card bureaus, financial institutions, or authoritative agents with access to your group affiliation credentials, military records (which may also contain Personally Identifiable Information), your spouse’s or immediate family member’s social security number, military affiliation(s), dates of active and reserve duty service, and information related to your accounts with financial institutions (“Sensitive Information”). The decision to share specific items of your Personally Identifiable Information and/or Sensitive Information with the ID.me Service (and, where applicable, with Third Party Websites in connection with your participation in the ID.me Cash Back Program and with certain aspects of the ID.me Service (including certain deals, cash back rewards, offers or opportunities offered by Third Party Websites which are conditioned upon certain eligibility requirements) is yours and yours alone. You can elect to provide all or only some of the information requested by the Website during the registration process. and at any time you may decide to remove some of the information that you previously provided However, if you decline to provide any of the above information, you may not be able to register for an ID.me Account or to access certain benefits of the ID.me Service (including certain deals, cash back rewards, offers or opportunities offered by Third Party Websites which are conditioned upon certain eligibility requirements). In addition to using your Personally Identifiable Information and Sensitive Information to provide the ID.me Service, we may also use this information to troubleshoot, resolve disputes, accomplish administrative tasks, contact you, enforce our agreements with you, including the Website’s Terms of Service and this Privacy Policy, comply with applicable law, and cooperate with law enforcement activities. In addition, we reserve the right to audit your eligibility (e.g., group affiliations such as active duty military or student status); to audit user accounts for fraud by, for example, verifying that purchases are delivered to registered user addresses; and to prevent duplicate ID.me Account’s from being created with the same information.
In order to better serve members of America’s Armed Forces and other personnel covered by the Service Members Civil Relief Act (SCRA) (50 U.S.C. App. 501 et. seq.)*, ID.me provides services to financial services companies and Third Party Websites in order to facilitate their compliance with the provisions of SCRA. By joining ID.me, you agree that ID.me may use your Personally Identifiable Information in order to assist Financial Services companies and Third Party Websites to determine your eligibility or your family member’s eligibility for SCRA benefits and protections. ID.me may periodically use your Personally Identifiable Information to confirm your SCRA eligibility or your family member’s eligibility at a later point in time to inform third parties of any changes to your SCRA eligibility status. Additional sources of information may include, but are not limited to, publically available websites, physical documentation, financial information, ID.me’s network or third parties that have a relationship with ID.me.
*The scope of ID.me’s SCRA services includes all individuals protected by the SCRA (i.e. personnel serving in the United States Armed Forces, commissioned officers of the Public Health Service and the National Oceanic and Atmospheric Administration, U.S. citizens serving with the armed forces of nations allied with the United States, and, where applicable according to federal or state laws and regulations, dependents and family members of an individual protected under the SCRA.
Registering with ID.me via the Department of Veterans Affairs (VA) website at www.Vets.gov
When you register with ID.me via the Department of Veterans Affairs (VA) website at www.Vets.gov you will be asked to provide Personally Identifiable Information for purposes of identity verification. The requested information includes, without limitation, your first and last name, mailing address, e-mail address, home and/or mobile telephone number, social security number, gender, and date of birth. ID.me may also request a digital copy of an approved State or Federal ID.
Registering with ID.me via Outside Account
ID.me may offer you the option of registering an account with the ID.me Service by logging in with an account you have established with certain third party sites (including, Facebook, LinkedIn, Google, and PayPal) (hereafter, the “Outside Account”). By logging in via the Outside Account, you are granting ID.me the right to access, utilize and store (if applicable) information (including Personally Identifiably Information) tied to your Outside Account in connection with the Website and Service. Depending on the Outside Accounts you choose (and your privacy settings on that Outside Account) and your ID.me Account settings, the information you make accessible via your Outside Accounts will be available to ID.me and on and through your ID.me account.
Non-Personally Identifiable Information
Non-Personally Identifiable Information is information that does not identify a specific User. This type of information may include things like the Uniform Resource Locator (“URL”) of the website you visited before coming to the Website, the URL of the website you visit after leaving the Website, the type of browser you are using, your Internet Protocol (“IP”) address, occupation, language, unique device identifier, approximately geographic location, and time zone. We, and/or our authorized third party service providers and advertisers, may automatically collect this information when you visit our Website through the use of electronic tools like Cookies and Web beacons or Pixel tags or location based capabilities on your mobile device, including those described in Items 4 and 8 of this Privacy Policy. We use Non-Personally Identifiable Information to troubleshoot, administer the Website, analyze trends, gather demographic information, comply with applicable law, and cooperate with law enforcement activities. We may also share this information with our authorized third party service providers and advertisers to measure the overall effectiveness of our online advertising, content, and programming. In certain limited instances, we may combine certain Non-Personally Identifiable Information with other identifiers in order to confirm your identity as part of the ID.me verification process. For example, we may combine an approximate geographic location obtained from a User’s mobile device and match it with address information the User voluntarily submitted to the Website in order to confirm the User’s identity and prevent fraudulent conduct. Notwithstanding, this information would still be considered Non-Personally Identifiable Information when it is taken alone or combined only with other non-identifying information (for example, the type of web browser used by the User).
Collection of Mobile Identifiable Information
You authorize your wireless operator (AT&T, Sprint, T-Mobile, US Cellular, Verizon, or any other branded wireless operator) to use your mobile number, name, address, email, network status, customer type, customer role, billing type, mobile device identifiers (IMSI and IMEI) and other subscriber status details, if available, solely to allow verification of your identity and to compare information you have provided to ID.me with your wireless operator account profile information for the duration of the business relationship.
Google Maps API
To make it easier for you to enter your address, ID.me uses Google Maps APIs. By using the ID.me Service, you are agreeing that you are bound to the Google Terms of Service and Google Privacy Policy.
We will not share, sell, rent, or trade your Personally Identifiable Information or Sensitive Information with other parties, except to verify your identity and eligibility or upon receipt of your consent as provided below: We will share your Personally Identifiable Information and Sensitive Information with entities necessary to validate your ID.me Account and Provide the ID.me Service to you.
In order to verify your identity and eligibility to receive discounts, cash back rebates and other benefits from merchants and other service providers, we will provide your Personally Identifiable Information and Sensitive Information to third parties such as government agencies, telecommunications networks, financial institutions or other trusted and reliable sources of information. Our provision of your Personally Identifiable Information to the foregoing parties is solely to verify your identity and eligibility for the ID.me Service. We have established relationships with Registration Authorities similar to the entities described above whereby the Personally Identifiable Information and Sensitive Information you provide to us will be transmitted to them using industry standard encryption tools, designed to protect such information from unauthorized access.
By providing any personally identifiable information and sensitive information to us, you authorize ID.me to provide such information to the above Registration Authorities and other trusted entities in order to verify your identity and eligibility to receive discounts, cash back rebates and benefits.
We will share certain Personally Identifiable Information tied to your ID.me Account (including the ID.me Cash Back Program) with Third Party Websites where you grant us permission to do so by creating an account with the Website and utilizing your ID.me Account to access and use Third Party Websites (including, without limitations, use of your ID.me to create an account, register or subscribe with a Third Party Website).
We do not share your Personally Identifiable Information or Sensitive Information with Third Party Websites absent your permission. However, by utilizing your ID.me Account at Third Party Websites, you are expressly authorizing us to share certain Personally Identifiable Information or Sensitive Information tied to your ID.me Account with such Third Party Websites. The ID.me Service is intended to allow you to create a membership or profile with a Third Party Website and/or engage in a transaction with a Third Party Website by automatically transferring Personally Identifiable Information or Sensitive Information. This transfer of Personally Identifiable Information and/or Sensitive Information tied to your ID.me Account is necessary to verify your eligibility to receive benefits or discounts from various organizations, and to communicate such eligibility to Third Party Websites. The information ID.me shares with Third Party Websites will be limited to the Personally Identifiable Information and/or Sensitive Information that ID.me, at its sole discretion, deems necessary to complete the transactions described herein. You will have the opportunity to review the information required to complete a transaction before your information is released to a Third Party Website. Absent your explicit permission, ID.me will never give Third Party Websites access to any or all of your information tied to your ID.me Account. In using the ID.me Service, Users have the ability to control which Third Party Websites are provided with their Personally Identifiable Information and Sensitive Information. We will not share a User’s Personally Identifiable Information and Sensitive Information with a Third Party Website unless the User authorizes such sharing by using his or her ID.me account to register with the Third Party Website or to authorize the Third Party Website’s access to his or her information.
We may share your information with Authorized Third Party Service Providers
We provide certain services and products of the Website through third party service providers. These “Third Party Service Providers” perform functions on our behalf, such as sending out and distributing our administrative and promotional emails. We may share your Personally Identifiable Information with such Third Party Service Providers to remove repetitive information on customer lists, analyze data, provide marketing assistance, provide search results and links, process credit card payments, operate the Website, troubleshoot, and provide customer service. We may also collect personal information from individuals and companies (“Affiliates”) with whom we have business relationships and may share your information with Third Party Service Providers to accomplish our administrative tasks. However, we do not grant these entities any rights to use, and contractually restrict them from using, any information for any purpose other than providing services to us and to you. ID.me shall never sell your information to any entity for any reason.
We may share your information in a business transfer
As with any other business, we could merge with, or be acquired by, another company, or we may file for protection under applicable bankruptcy laws in the future. In such event, Users information obtained and maintained by the Website, including Personally Identifiable Information, Sensitive Information and Non-Personally Identifiable Information, will transfer to a successor entity in connection with the corporate merger, consolidation, sale of assets, bankruptcy, or other corporate change. User information submitted prior to any such transfer would remain subject to the terms of this Privacy Policy (as it existed on the date of the submission). However, User information submitted after a transfer to a successor entity may be subject to a new Privacy Policy adopted by the successor entity.
We may share your information for our protection and the protection of others
We reserve the right to disclose your Personally Identifiable Information as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process served on our Website; enforce or apply this Privacy Policy, our Website Terms of Service or other agreements; or investigate, prevent, or take action suspected or actual prohibited activities, including but not limited to, fraud and situations involving potential threats to the physical safety of any person or to prevent financial loss to any person or entity; or otherwise protect the rights, property or safety of the Website, its Users or others.
We may disclose or share Non-Personally Identifiable Information with Third Party Service Providers and Affiliates. For example, we may share aggregated demographic information (which does not include any Personally Identifiable Information or Sensitive Information) with “Third Party Advertisers” or “Third Party Advertising Companies” and other parties as provided below:
We may use Third Party Advertising Companies to serve ads when you visit our Website. These companies may use Non-Personally Identifiable Information about your visits to this and other websites in order to provide, through the use of network tags, advertisements about goods and services that may be of interest to you. Some of these Third Party Advertising Companies may be advertising networks that are members of the Network Advertising Initiative (“NAI”). If you would like more information about any NAI member company, or you would like to opt-out of targeted advertising from any NAI member company, click here: http://www.networkadvertising.org/consumer/opt_out.asp
We also use Third Party Service Providers to track and analyze Non-Personally Identifiable usage and volume statistical information from our Users to administer our Website and constantly improve its quality. We may also publish this information for promotional purposes or as a representative audience for Advertisers. Please note that this is not Personally Identifiable Information or Sensitive Information as defined above, only general summaries of the activities of our Users. Such data is collected on our behalf, and is owned and used by us.
We believe that you should have the ability to access and edit the Personally Identifiable Information and Sensitive Information you provide us. You may change any of your Personally Identifiable Information or Sensitive Information by logging into your account and accessing the "my account" section of the site. You may update your Personally Identifiable Information or Sensitive Information by sending us an email at help@ID.me or writing to us at 8281 Greensboro Drive, Suite 600, Tysons Corner, VA 22102. Please indicate your name, address and email address, and what information you would like to update when you contact us.
We encourage you to promptly update your Personally Identifiable Information and Sensitive Information if they change. You may ask to have the information on your account deleted or removed; however, we may keep track of certain information if required by law. In addition, in may be impossible for us to completely delete all of your information because we periodically back-up information.
As discussed above, you can always choose not to provide information, although it may be required to use all or parts of the ID.me Service, including the ID.me Marketplace.
Except as otherwise provided herein, if you register for an account with, or log into, the ID.me Service, including the ID.me Marketplace, you are expressly consenting to receive e-mails (namely, Administrative Emails and Promotional Emails, as defined below) from us at the email address supplied by you. However, we will not send you Promotional Emails if you have signed up through a Third Party Website, unless you expressly consent to receive such emails or you separately register or log in as a user of the ID.me Service, including the ID.me Marketplace.
“Administrative Emails” relate to a User’s activity with the ID.me Service, and include emails regarding the User’s account, requests or inquiries by the User, earned cash back rebates, and purchases of products and services. We may also send you Promotional Emails. “Promotional Emails” advertise our products and services, including sales and other offers by Third Party Websites, such as cash back rebate promotions, employment and educational opportunities, and/or the products and services of our Third Party Websites, Third Party Service Providers and Affiliates.
You cannot opt-out of Administrative Emails. However, you have the ability to opt-out from receiving Promotional Emails.
If you want to opt out of receiving Promotional Emails from us, you must e-mail us at help@ID.me, write to us at the address contained herein, or click the “unsubscribe” button at the bottom of any of our e-mails and complete any additional steps required in response thereto. When contacting us, please indicate your name, address, email address, and indicate whether you no longer wish to receive all or certain Promotional Emails.
We are committed to ensuring that user information is secure. In order to prevent unauthorized access or disclosure, we have put in place applicable physical, managerial and technical procedures designed to safeguard and secure the information we retain. In addition, all sensitive information you supply is encrypted at rest and in transit. We use federally approved data encryption technology designed to further protect against loss, misuse or alteration of your sensitive information.
Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we employ commercially reasonable security measures to protect data and seek to partner with service providers that do the same, we cannot guarantee the security of any information transmitted to or from the Website, and are not responsible for the actions of any third parties that may receive any such information.
Cookies
To facilitate and customize your experience with the Website, we store cookies on your computer. A cookie is a small text file that is stored on a User’s computer for record-keeping purposes which contains information about that User. We use cookies to save you time while using the Website, remind us who you are, administer cash back rebates, and track and target user interests in order to provide a customized experience. Cookies also allow us to collect Non-Personally Identifiable Information from you, like which pages you visited and what links you clicked on. Use of this information helps us to create a more user-friendly experience for all visitors. In addition, we may use Third Party Advertising Companies to display advertisements on our Website. As part of their service, they may place separate cookies on your computer. We have no access to or control over these cookies. This Privacy Policy covers the use of cookies by the Website only and does not cover the use of cookies by any Third Party Website, Third Party Service Provider or Affiliate. Most browsers automatically accept cookies, but you may be able to modify your browser settings to decline cookies. Please note that if you decline or delete these cookies, some parts of the Website, including our Cash Back Program, may not work properly.
Other Tracking Devices
We may use other industry standard technologies like pixel tags and web beacons to track your use of our Website pages and promotions, or we may allow our Third Party Service Providers to use these devices on our behalf. Pixel tags and web beacons are tiny graphic images placed on certain pages on our Website, or in our emails that allow us to determine whether you have performed a specific action. When you access these pages or open or click an email, pixel tags and web beacons generate a Non-Personally Identifiable notice of that action. Pixel tags allow us to measure and improve our understanding of visitor traffic and behavior on our Website, as well as give us a way to measure our promotions and performance. We may also utilize pixel tags and web beacons provided by our Affiliates and/or Marketing Partners for the same purposes.
For California Users: The Website is not presently configured to respond to DNT or “do not track” signals from web browsers.This Privacy Policy only addresses the use and disclosure of information we collect from you on www.ID.me. Other websites, including Third Party Websites, may be accessible through this Website have their own privacy policies and data collection, use and disclosure practices. If you link to any such website, we urge you review such website’s Privacy Policy. We are not responsible for the policies or practices of third parties.
If you have questions or complaints regarding our privacy policy or practices, please contact us at help@ID.me.
Children
Persons under the age of 13 may not use the Website or ID.me Service. We do not knowingly collect personal information from anyone under the age of 13, and no part of the Website or ID.me Service is designed to attract anyone under the age of 13. Because we do not intentionally collect any information from children under the age of 13, we also do not knowingly distribute such information to third parties. If you have reason to believe that a child under 13 years of age has provided us with information, please contact us at help@ID.me and we will immediately delete such information, subject to and in compliance with applicable law.
As set forth in the Website Terms of Service, users between the ages of 13 and 18 must have a parent or legal guardian set up the user account and must agree to the Terms of Service (including this Privacy Policy). Certain features offered by the Website and/or the ID.me Service (including, without limitation, the Cash Back Loyalty Program or those features linking financial or payment accounts and/or requiring submission of social security numbers ) are only available to users who are 18 years of age or older.
Third-Party Service Provider Authentication
ID.me may permit you to register for ID.me Service through certain Third Party Service Provider sites. By registering for the ID.me Service, you agree that ID.me may receive account information (such as name, email and unique ID) from the Third Party Service Provider. ID.me may use this information for authentication purposes via a credential brokering process, and may store your user access token.
Collection of Mobile Identifiable Information
You authorize your wireless operator (AT&T, Sprint, T-Mobile, US Cellular, Verizon, or any other branded wireless operator) to use your mobile number, name, address, email, network status, customer type, customer role, billing type, mobile device identifiers (IMSI and IMEI) and other subscriber status details, if available, solely to allow verification of your identity and to compare information you have provided to ID.me with your wireless operator account profile information for the duration of the business relationship.
Please Further Note
If a User uses Facebook Connect, depending on the privacy settings that the User has set on his or her Facebook account, the User will be granting us access to the information accessible via that Facebook Account and we will access, make available and store (if applicable and as permitted by Facebook and authorized by the User via his or her Facebook account setting) that information so that it is available on and through the User’s Account on the Website. If there is information about the User’s "friends" or people with whom the User is associated via the Facebook account, the information we obtain about those "friends" or people with whom the User is associated, may also depend on the privacy settings such people have with Facebook.
Notice of Privacy Rights to California Residents
California law requires that we provide you with a summary of your privacy rights under the California Online Privacy Protection Act (the “Act”) and the California Business and Professions Code. As required by the Act, we will provide you with the categories of Personally Identifiable Information that we collect through the Website and the categories of third party persons or entities with whom such Personally Identifiable Information may be shared for direct marketing purposes at your request. California law requires us to inform you, at your request, (1) the categories of Personally Identifiable Information we collect and what third parties we share that information with; (2) the names and addresses of those third parties; and (3) examples of the products marketed by those companies. The Act further requires us to allow you to control who you do not want us to share that information with. To obtain this information, please send a request by email or standard mail to the address found below. When contacting us, please indicate your name, address, email address, and what Personally Identifiable Information you do not want us to share with Affiliated Businesses or Marketing Partners. The request should be sent to the attention of our legal department, and labeled “California Customer Choice Notice.” Please allow 30 days for a response. Also, please note that there is no charge for controlling the sharing of your Personally Identifiable Information or requesting this notice.
International Users
This Website is hosted in the United States. If you are a User accessing the Website from the European Union, Australia, Asia, or any other region with laws or regulations governing personal data collection, use, and disclosure, that differ from United States’ laws, you are transferring your personal data to the United States which does not have the same data protection laws as such other regions. By providing your information to the Website, you are consenting to the transfer of your information to the United States for processing and maintenance in accordance with this Privacy Policy and our Terms of Service. You are also consenting to the application of Delaware law and controlling U.S. Federal law in all matters concerning the Website and ID.me Service.
If you have any questions concerning this Privacy Policy or our privacy practices, please contact us per below: