AWARE, INC.2018-09-21T09:28:53+00:00

AWARE, INC.

DATA SECURITY & PRIVACY POLICY

I. Privacy Policy

Your privacy is important to Aware, Inc. (“Aware”), a provider of biometric software and services (the “Service”). This Privacy Policy describes the information practices for Aware websites and applications, including what type of information is gathered and tracked, how the information is used, and with whom the information is shared in accordance with applicable data privacy laws, including but not limited to the General Data Protection Regulation (“GDPR”). As described below, this policy also applies to your offline interactions with Aware, such as when you license software subject to an End-User License Agreement or enter into Terms of Service for an Aware offering, or provide information to Aware at a trade show or other event.

Should you have any questions about this Privacy Policy you can contact us at privacy@aware.com.

We may supplement this Privacy Policy.  Those supplemental notices should be read together with this Privacy Policy.

II. Personal Data

“Personal Data” means any information that may be used, either alone or in combination with other information, to personally identify an individual (“data subject”), including, but not limited to, a first and last name, a personal profile, an email address or other contact information or to one or more factors specific to his/her physical, physiological, mental, economic, cultural or social identity.  Personal Data does not include data from which you can no longer be identified, such as anonymized aggregate data.

III. What Information Do We Collect About You, How Do We Collect It and What Do We Use It For?

This Privacy Policy discloses what Personal Data we gather, how we use it, and how you can correct or change it. It is our intention to give you as much control over your Personal Data as possible to preserve your privacy, while still allowing us to utilize that Personal Data in the course of our business to provide you a valuable service. You do not need to provide us Personal Data to simply browse our site.

Personal Data We Collect

The kinds of Personal Data we may collect include your contact details (such as your address, email address and telephone number) and information such as your job title which we will request from you.  In addition, we collect the Personal Data you choose to provide to us, e.g.  if you contact us by letter, telephone, email or any other means of electronic or personal communication. We will process your Personal Data if and to the extent applicable law provides a lawful basis for us to do so.  We will therefore process your Personal Data only:

  1. if you have consented to us doing so;
  2. if we need it to perform the contract we have entered into with you;
  3. if we need it to comply with a legal obligation; or
  4. if we (or a third party) have a legitimate interest which is not overridden by your interests or fundamental rights and freedoms.

How We Collect Personal Data

Aware collects Personal Data when:

  • you make purchases of products or services;
  • you provide biometric information when using the Service;
  • you request support for a Aware product or service;
  • you request free software downloads;
  • you create a user account (login user name and password) on a Aware Site;
  • you register for webcasts, seminars and roundtables;
  • you request information or materials (e.g., whitepapers or newsletters);
  • you participate in surveys and evaluations;
  • you participate in promotions, contests or giveaways;
  • you apply for a job, or submit your resume to Aware;
  • you submit questions or comments to us.

Aware may also collect Personal Data from individuals (with their consent) at conventions, trade shows and expositions. The types of Personal Data collected may include (but are not limited to):

  • your first and last name;
  • your title and your company’s name;
  • your home, billing, or other physical address (including street name, name of a city or town, state/province, postal code);
  • your e-mail address;
  • your telephone number;
  • (for job applicants submitting electronic information) your educational background, employment experience, and job interest;
  • any other identifier that permits Aware to make physical or online contact with you;
  • any information that Aware collects online from you and maintains in association with your account, such as: (a) your Aware username, (b) your Aware password, and/or (c) your credit card account information.

What Do We Use Personal Data For?

We will use your Personal Data to operate and improve our sites and deliver the Service or carry out the transactions you have requested. These uses may include providing you with more effective customer service; making the sites or services easier to use by eliminating the need for you to repeatedly enter the same information; performing research and analysis aimed at improving our products, services and technologies; and displaying content and advertising that are customized to your interests and preferences.

We also use your Personal Data to communicate with you. We may send certain mandatory service communications such as welcome letters, billing reminders, information on technical service issues, and security announcements. We may also contact you to inform you of other products or services available from Aware and its affiliates.

Personal Data collected on Aware Sites and services may be stored and processed in the United States or any other country in which Aware or its affiliates, subsidiaries or agents maintain facilities, and by using a Aware Site or Service, you consent to any such transfer of information outside of your country. We may transfer your Personal Data to our affiliated companies for the purpose of storing or processing such information on our behalf. Such information may be transferred to other countries around the world. We require that these parties agree to process such information in compliance with our Privacy Policy. In particular, if you provide Personal Data to us it may be transferred to and processed on computers in the U.S. and other countries. Do not provide your Personal Data to us through this website if you do not want this information to be transferred outside of your country, or if the laws in your country restrict these types of transfers. Your provision of Personal Data to us will be handled in accordance with this Privacy Policy. From time to time, your Personal Data may be transferred to a country different from where you are located. Your legal rights may be different in these countries, but we will hold your Personal Data in accordance with this Privacy Policy.

We may transfer your Personal Data to our third party service providers (such as a server hosting provider), but only to provide our services to you. Such information may be transferred to other countries around the world. We use commercially reasonable efforts to only engage or interact with third party service providers that post a privacy policy governing their processing of Personal Data. We may disclose your Personal Data or any information you submitted via the Service if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce any applicable terms of service, including investigations of potential violations thereof; (iii) detect, prevent, or otherwise address fraud or security issues; or (iv) protect against harm to the rights, property or safety of Aware, our users, yourself or the public. We also may be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

IV. What We May Need From You

We may need to request specific information from you to help us confirm your identity and ensure your right to access Personal Data (or to exercise any of your other rights). This is another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.

V. Accuracy of Information

To the extent that you do provide us with Personal Data, we wish to maintain accurate Personal Data. Please let us know if your Personal Data changes during your relationship with us.

Aware acknowledges that EU individuals have the right to access the Personal Data/data that we maintain about them. An EU individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his query to info@aware.com. If requested to remove data, we will respond within a reasonable timeframe. Your email should include adequate details of your request.

VI. What If You Do Not Provide the Personal Data We Request?

It is in your sole discretion to provide Personal Data to us. If you do not provide us with all or some of the Personal Data we request, we may not be able to enter into a contract with you or to send you the requested information and may be unable to access certain programs and services that involve our interaction with you.

VII. Change of Purpose, Anonymization

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason which is compatible with the original purpose.  We may disclose your Personal Data or any information you submitted if we have a good faith belief that disclosure of such information is reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce any applicable terms of service, including investigations of potential violations thereof; (iii) detect, prevent, or otherwise address fraud or security issues; or (iv) protect against harm to the rights, property or safety of Aware, our users, yourself or the public. We also may be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.  If we need to use or disclosure your Personal Data for an unrelated purpose, we will notify, unless such notice is prohibited.

In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case it is no longer Personal Data.

VIII. With Whom Will We Share Your Information?

Aware will not sell, rent or lease your Personal Data to others. Aware shares Personal Data with companies working on our behalf and Aware-owned business entities. Except as described in this statement, we will not disclose your Personal Data to third parties for their own marketing purposes unless you have provided consent.

Some Aware services may be co-branded and offered in conjunction with another company. If you register for or use such services, both Aware and the other company may receive information collected as part of the co-branded services.

In some cases Aware uses contractors to collect, use, analyze and otherwise process information on its behalf. It is Aware’s practice to require such suppliers to handle information in a manner consistent with Aware’s policies. Aware may also allow carefully selected Aware partners to participate in limited marketing campaigns solely to promote Aware’s products and services to you.

If you request something from an Aware Site (for example, a product or service, a callback, or specific marketing materials), we will use the information you provide to fulfill your request. To help us do this, we may share information with others, such as Aware’s business partners, financial institutions, shipping companies, and postal or government authorities (e.g., Customs authorities) involved in fulfillment. As part of a transaction, we may also contact you as part of our customer satisfaction surveys or for market research purposes.

We may hire other companies to provide limited services on our behalf, such as handling the processing and delivery of mailings, providing customer support, hosting websites, processing transactions, or performing statistical analysis of our services. Those companies will be permitted to obtain only the Personal Data they need to deliver the service. They are required to maintain the confidentiality of the information and are prohibited from using it for any other purpose.

For the purposes described above we may have to transfer your Personal Data from the European Economic Area (EEA) to a third party outside of the EEA and in a jurisdiction not being subject to an adequacy decision of the European Commission. We will always ensure that there is a legal basis and a relevant safeguard method for such data transfer so that your Personal Data is treated in a manner that is consistent with, and respects the EU laws and other applicable laws and regulations on data protection. If you require further information about this you can request it from privacy@aware.com.

IX. Your Rights in Relation to Your Information

You have rights as an individual which you can exercise under certain circumstances in relation to your Personal Data that we hold. These rights are to:

  • request access to your Personal Data (commonly known as a “data subject access request”) and request certain information in relation to its processing;
  • request rectification of your Personal Data;
  • request the erasure of your Personal Data;
  • request the restriction of processing of your Personal Data;
  • object to the processing of your Personal Data.

If you want to exercise one of these rights please contact us at privacy@aware.com.

You also have the right to make a complaint at any time to the supervisory authority for data protection issues in France, or, as the case may be, any other competent supervisory authority of an EU member state.

X. Right to Withdraw Consent

In case you have provided your consent to the collection, processing and transfer of your Personal Data, you have the right to fully or partly withdraw your consent. To withdraw your consent, please contact privacy@aware.com. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there are compelling legitimate grounds for further processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. In case we processed your Personal Data for direct marketing purposes, you have the right to object at any time, in which case we will no longer process your Personal Data for such marketing purposes.

XI. How Long Will We Retain Your Information?

We will only retain your Personal Data for as long as necessary to fulfil the purposes for which it was collected and processed, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.

To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case it is no longer Personal Data.

Upon expiry of the applicable retention period we will securely destroy your Personal Data in accordance with applicable laws and regulations.

XII. Fees

You will in general not have to pay a fee to exercise any of your individual rights mentioned in this Privacy Policy. However, we may charge a reasonable fee if your request to exercise your individual rights is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

XIII. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time, and we will make an updated copy of such Privacy Policy available on our website.

XIV. General Information

Collection of Information by Third-Party Sites. We may use a reputable third party to present or serve advertisements that you may see on the Service. These third party ad servers may use cookies, web beacons, clear gifs or similar technologies to help present such advertisements, and to help measure and research the advertisements’ effectiveness. The use of these technologies by these third party ad servers is subject to their own privacy policies and is not covered by our Privacy Policy.

Links to Other Sites. The Service may contain links to third party websites that are not owned or controlled by us. We are not responsible for the privacy practices or the content of such other third party websites, and you visit them at your own risk.

Service Visitors from Outside the United States. We and our servers are located in the United States and are subject to the applicable local and national laws. Those who choose to access the Service do so on their own initiative and at their own risk, and are responsible for complying with all local laws, rules and regulations. We may limit the Service’s availability, in whole or in part, to any person, geographic area or jurisdiction we choose, at any time and in our sole discretion. We do not represent or warrant that the Service, or any part thereof, is appropriate or available for use in any other jurisdiction. If users choose to access or use the Service, they consent to the use and disclosure of information in accordance with this privacy policy and subject to such laws.

Children’s Privacy. The Service is neither directed to nor structured to attract children under the age of 13 years. Accordingly, we do not intend to collect Personal Data from anyone we know to be under 13 years of age. We will direct potential users under 13 years of age not to use the Service. If we learn that Personal Data of persons less than 13 years of age has been collected without verifiable parental consent, then we will take the appropriate steps to delete this information. To make such a request, or if there are any questions or concerns about the Privacy Policy for the Service or its implementation, please contact us at privacy@aware.com.

Security. The security of your Personal Data is important to us. We follow generally accepted industry standards, including the use of appropriate administrative, physical and technical safeguards, to protect the Personal Data submitted to us. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect Personal Data, we cannot guarantee its absolute security or confidentiality. If you have any questions about security, you can contact us at info@aware.com.

Please be aware that certain Personal Data and other information provided by you in connection with your use of the Service may be stored on your device (even if we do not collect that information). You are solely responsible for maintaining the security of your device from unauthorized access.

Merger, Sale or Bankruptcy. If we are acquired by or merged with a third party entity, or if we are subject to a bankruptcy or any comparable event, we reserve the right to transfer or assign Personal Data in connection therewith.

California Online Privacy Protection Act Notice

On September 27, 2013, California enacted A.B. 370, amending the California Online Privacy Protection Act to require website operators like us to disclose how we respond to “Do Not Track Signals”; and whether third parties collect personally identifiable information about users when they visit us.

(1) We do not track users, who do not interact with its sharing functionality across the web, and therefore do not use “do not track” signals.

(2) We do not authorize the collection of personally identifiable information from our users for third party use through advertising technologies without separate member consent.

California Civil Code Section 1798.83 also permits our customers who are California residents to request certain information regarding our disclosure of Personal Data to third parties for their direct marketing purposes. To make such a request, please send an email to info@aware.com. Please note that we are only required to respond to one request per customer each year.

Commitment. We are committed to protecting your privacy. If you have any comments or questions regarding our Privacy Policy, or Personal Data that we may be storing and using, please contact us at info@aware.com

Dispute Resolution

Aware commits to resolve complaints about your privacy and our collection or use of your Personal Data. Individuals with inquiries or complaints regarding this privacy policy should first contact Aware at:

privacy@aware.com or (781) 276-4000

Aware is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

XV. Further Information

If you have any concerns or require any further information, please do not hesitate to contact privacy@aware.com

Last updated: May 21, 2018