BIOCATCH PRIVACY NOTICE
BioCatch Ltd. and its affiliates (collectively, the “BioCatch,” “we,” or “us”) wants you to be familiar with how we collect, use and disclose information. This Privacy Notice describes our practices in connection with information that we collect:
Collectively, we refer to the Websites and our Social Media Pages, as the “Services”.
Separate from the Services covered by this Notice, BioCatch offers a cloud-based solution (“Solution”) to Customers to help them keep their systems secure. The Solution enables real-time detection of various cyberthreats such as bots, malware and remote access threats (“RAT”) and the behavioral biometrics of authorized users accessing and using online accounts of Customers. For purposes of such fraud prevention services, BioCatch receives from the Customer a unique identifier for each authorized user of Customers’ services. The identifier is a one-way hash of the user ID deployed by the Customer, which user ID is known only to the Customer. BioCatch subsequently collects information about a number of behavioral attributes of the authorized users, such as how they use the mouse, or which keys on the key board are used to navigate around the screen which we refer to as behavioral biometric data. As the service provider, BioCatch receives only pseudo-anonymized data and cannot identify the individual authorized users. Please see the privacy notice from our Customers for information regarding their collection and use of information associated with the Solution.
“Personal Information” is information that identifies you as an individual or relates to an identifiable individual, including:
- Postal address (including billing and shipping addresses)
- Telephone number
- Email address
- Social media account ID
Collection of Personal Information
We and our service providers collect Personal Information in a variety of ways, including:
- Through the Services
- We collect Personal Information through the Services, for example, when you sign up for a newsletter or register an account to access the Services.
- We collect Personal Information from you offline, e.g., when you attend one of our trade shows, or contact customer service.
- From Other Sources
- Publicly available databases;
- Joint marketing partners, when they share the information with us.
We need to collect Personal Information in order to provide the requested Services to you. If you do not provide the information requested, we may not be able to provide the Services. If you disclose any Personal Information relating to other people to us or to our service providers in connection with the Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Notice.
Use of Personal Information
We and our service providers use Personal Information for legitimate business purposes including:
- Providing the functionality of the Services and fulfilling your requests.
- To provide the Services’ functionality to you, such as arranging access to your registered account, and providing you with related customer service.
- To respond to your inquiries and fulfill your requests, when you contact us via one of our online contact forms or otherwise, for example, when you send us questions, suggestions, compliments or complaints, or when you request a quote for or other information about our Services.
- To provide you with related customer service.
- To send administrative information to you, such as changes to our terms, conditions and policies.
We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.
- Providing you with our newsletter and/or other marketing materials and facilitating social sharing
- To send you marketing related emails, with information about our services, new products and other news about our company.
We will engage in this activity with your consent or where we have a legitimate interest.
- Analysis of Personal Information for business reporting and providing personalized services.
- To analyze or predict our users’ preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our Services.
- To better understand you, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests.
- To better understand your preferences so that we can deliver content via our Services that we believe will be relevant and interesting to you.
We will provide personalized services either with your consent or because we have a legitimate interest.
- Aggregating and/or anonymizing Personal Information.
- We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose.
- Accomplishing our business purposes.
- For data analysis, for example, to improve the efficiency of our Services;
- For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements;
- For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft;
- For developing new products and services;
- For enhancing, improving, or modifying our current products and services;
- For identifying usage trends, for example, understanding which parts of our Services are of most interest to users;
- For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users; and
- For operating and expanding our business activities, for example, understanding which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests;
We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest.
Disclosure of Personal Information
We disclose Personal Information:
- To our affiliates, including Biocatch Inc., including for the purposes described in this Privacy Notice.
- To our third party service providers, including HubSpot and SalesForce, to facilitate services they provide to us.
- These can include providers of services such as website hosting, data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.
- By using the Services, you may elect to disclose Personal Information.
- On message boards, chat, profile pages, blogs and other services to which you are able to post information and content (including, without limitation, our Social Media Pages). Please note that any information you post or disclose through these services will become public and may be available to other users and the general public.
Other Uses and Disclosures
We also use and disclose your Personal Information as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:
- To comply with applicable law and regulations.
- This can include laws outside your country of residence.
- To cooperate with public and government authorities.
- To respond to a request or to provide information we believe is important.
- These can include authorities outside your country of residence.
- To cooperate with law enforcement.
- For example, when we respond to law enforcement requests and orders or provide information we believe is important.
- For other legal reasons.
- To enforce our terms and conditions; and
- To protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.
- In connection with a sale or business transaction.
- We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings). Such third parties may include, for example, an acquiring entity and its advisors.
“Other Information” is any information that does not reveal your specific identity or does not directly relate to an identifiable individual
- Browser and device information
- Information collected through cookies, pixel tags and other technologies
- Demographic information and other information provided by you that does not reveal your specific identity
- Information that has been aggregated in a manner such that it no longer reveals your specific identity
If we are required to treat Other Information as Personal Information under applicable law, then we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Privacy Notice.
Collection of Other Information
We and our service providers may collect Other Information in a variety of ways, including:
- Through your browser or device
- Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the Services you are using. We use this information to ensure that the Services function properly.
- IP Address
- Your IP address is automatically assigned to your computer by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses the Services, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems and administering the Services. We may also derive your approximate location from your IP address.
- Physical Location
- We may collect the physical location of your device by, for example, using satellite, cell phone tower or WiFi signals. We may use your device’s physical location to provide you with personalized location-based services and content. We may also share your device’s physical location, combined with information about what advertisements you viewed and other information we collect, with our marketing partners to enable them to provide you with more personalized content and to study the effectiveness of advertising campaigns. In some instances, you may be permitted to allow or deny such uses and/or sharing of your device’s location, but if you do, we and/or our marketing partners may not be able to provide you with the applicable personalized services and content.
Cookies and similar technologies
- Types of cookies and similar technologies. The different types of cookies and similar technologies that are used on the Website are included in our cookie consent manager.Please contact us at firstname.lastname@example.org for more information on the types of cookies we use.
Managing cookies and similar technologies.
You can change your settings for cookies and similar technologies, or withdraw your consent at any time, through our Cookiebot. Please note that this will not fully remove the cookies that have already been set on your device. You can delete cookies that have already been placed on your device by following these instructions:
Deleting cookies in Internet Explorer
Deleting cookies in Firefox
Deleting cookies in Chrome
Deleting cookies in Opera
Deleting cookies in Safari
To find information relating to other browsers, visit the browser developer's website. Please be aware that if cookies are disabled, not all features of the Website may operate as intended. Please contact us at email@example.com if you have any questions or concerns.
If you want to clear all cookies left behind by the websites you have visited, here are links where you can download three programs that clean out tracking cookies:
Uses and Disclosures of Other Information
We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.
We seek to use reasonable organizational, technical and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contacting Us” section below.
CHOICES AND ACCESS
Your choices regarding our use and disclosure of your Personal Information
We give you choices regarding our use and disclosure of your Personal Information for marketing purposes. You may opt-out from:
- Receiving electronic communications from us If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out by following the instructions in each such email or sending an email to firstname.lastname@example.org with Unsubscribe in the subject line.
- Our sharing of your Personal Information with affiliates for their direct marketing purposes Our sharing of your Personal Information with affiliates for their direct marketing purposes If you would prefer that we discontinue sharing your Personal Information on a going-forward basis with our affiliates for their direct marketing purposes, you may opt-out of this sharing by following the instructions in each such email or sending an email to email@example.com with Unsubscribe in the subject line.
If you would like to request to review, correct, update, suppress, restrict or delete Personal Information, object to the processing of Personal Information, or if you would like to request to receive an electronic copy of your Personal Information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact us by sending an email to firstname.lastname@example.org. We will respond to your request consistent with applicable law.
In your request, please make clear what Personal Information you would like to have changed, whether you would like to have your Personal Information suppressed from our database. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we may need to retain certain information for recordkeeping purposes.
We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.
The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
THIRD PARTY SERVICES
This Privacy Notice does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.
In addition, we are not responsible for the information collection, use, disclosure or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with our Social Media Pages.
THIRD PARTY ADVERTISING
We use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the Services and other websites or online services.
- You may receive advertisements based on information relating to your access to and use of the Services and other websites or online services on any of your devices, as well as on information received from third parties. These companies place or recognize a unique cookie on your browser (including through the use of pixel tags). They also use these technologies, along with information they collect about your online use, to recognize you across the devices you use, such as a mobile phone and a laptop. If you would like more information about this practice, and to learn how to opt out of it in desktop and mobile browsers on the particular device on which you are accessing this Privacy Notice, please visit http://optout.aboutads.info/#/ and http://optout.networkadvertising.org/#/
USE OF SERVICES BY MINORS
The Services are not directed to individuals under the age of thirteen (13), and we do not knowingly collect Personal Information from individuals under the age of eighteen (18).
JURISDICTION AND CROSS-BORDER TRANSFER
Your Personal Information may be stored and processed in any country where we have facilities or personnel or in which we engage service providers, and by using the Services you understand that your information will be transferred to countries outside of your country of residence, including the United States and Israel. Such countries may have data protection rules that are different from those in your country. BioCatch is headquartered in Israel, a jurisdiction which is considered by the European Commission as offering an adequate level of protection for the personal data of EU Member State residents.
While privacy laws may vary between jurisdictions, we are each committed to protect Personal Information in accordance with this Privacy Notice and customary industry standards, including appropriate transfer mechanisms as applicable. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.
Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services or otherwise to us.
UPDATES TO THIS PRIVACY NOTICE
The “Last Updated” legend at the top of this Privacy Notice indicates when this Privacy Notice was last revised. Any changes will become effective when we post the revised Privacy Notice on the Services. Your use of the Services following these changes means that you accept the revised Privacy Notice
BioCatch Ltd., located at 136 Derech Menachim Begin, Tel Aviv, Israel is the company responsible for collection, use and disclosure of your Personal Information under this Privacy Notice.
If you have any questions about this Privacy Notice, please contact us at email@example.com, or:
136 Derech Menachem
Begin Tel Aviv-Yafo
You may also:
- Contact our Data Protection Officer (DPO) at firstname.lastname@example.org if you have any comments or questions regarding this Privacy Notice, or if you have any concerns regarding your Personal Information held with us, or if you wish to make a complaint about how your Personal Data is being processed by us.
- Contact our EU or UK Representatives. BioCatch has designated representatives in the European Union and in the United Kingdom for data protection matters. Inquiries regarding our EU or UK privacy practices may be sent by e-mail to email@example.com or via mail as follows: EU inquiries may be sent to: Maetzler Rechtsanwalts GmbH & Co KG, Schellinggasse 3/10, 1010 Vienna, Austria. UK inquiries may be sent to: 4th Floor, St. James House St. James Square, Cheltenham, GL50 3PR, England.
- Lodge a complaint with a data protection authority for your country or region or where an alleged infringement of applicable data protection law occurs.