Privacy Policy

Last Modified: March 25, 2021

INTRODUCTION

 

CrowdPass, LLC (“CrowdPass”,” we”, “our”, or “us”) respects your privacy and are committed

to protecting it through our compliance with this Privacy Policy (“Policy”).

 

This Policy describes our practices for collecting, using, maintaining, protecting, and disclosing your information through https://crowdpass.co/ (our “Website”), our mobile-web application and any related software and platforms, (collectively, the“Service”or“Services”). “You” or “User” refers to anyone who accesses or uses the Service, including our business and organizational customers (“Event Organizers”) and event participtants (“Event Participants”), to which this Policy applies.

 

A core element of our mission is our commitment to protect your personal information and to be

transparent about the data we collect about you, how it is used, and with whom it is shared.

 

Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our terms, your choice is not to use our Services. By accessing or using this Website, you agree to this Privacy Policy. This Policy may change from time to time (see Changes to Our Privacy Policy). Your continued access of our Website or use of our Services after we make changes is deemed to be acceptance of those changes, so please check the Last Modified Date at the top of this Policy, to ensure that you are viewing the most current version of this Policy.

 

CHILDREN’S PRIVACY

The Service is general audience and intended for users 18 and older. We do not knowingly

collect Personal Information from anyone younger than age 18.

 

INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT

We collect several types of information from you and about users of our Services, such as your email address health history when you sign up for an account and register for an event. Other types of information we collect is information related to how you use our platform, which helps us improve our Services.

 

Information You Provide to Us or Received by Us on Your Behalf

The categories of information we collect are:

 

· Personal Information: In thecourse of registering an account on Website and using our Services, we may require orotherwisecollect information that identifiesyou as aspecific individualand can beused to contact or identify you (“Personal Information”). Examples of Personal Information we collect for these purposes includeyour first and last name,


email addressand phonenumber.

· Health Information: To verify the ability to participate in an event and provide our Services, we may collect health-related information from Event Participants at the direction of the Event Organizer. Examples of Health Information we collect for this purpose includes your pre-existing symptoms and symptom history, contact history, and vaccination records.

o Under applicable privacy laws, such as the General Data Protection Regulation (“GDPR”), Health Information may be considered a “special” or “sensitive” category of data. We only collect, use, and process such sensitive data if you voluntarily provide it to us and only for the purposes of verifying your ability to participate in an applicable event, and otherwise as instructed by the Event Organizer. By providing Health Information on the Service, you explicitly consent to our collection, use and disclosure of your Health Information in accordance with this Privacy Policy.

· Event Organizer Information: For event organizers (“Event Organizer”) who register on our Service, we collect contact information of the organization and/or individual representative of the Event Organizer and event information, as applicable.

· Non-Identifying Information: We also may collect non-identifying or non-personal information, such as zip codes, demographic data, time zone, publicly available data,

and general information regarding youruseof the Service (“Non-Identifying Information”).

 

When you provide us with information in connection with a particular activity or otherwise sign up for or order our products and Services or provide your contact information to us, including your email address or telephone number in connection with that activity, product or service, you agree that such action constitutes a purchase or inquiry establishing a business relationship with us. You expressly consent to receiving communications from CrowdPass through the information you provided to us. For more information on how to access and control your communication preferences, please see YOUR RIGHTS AND CHOICES REGARDING YOUR INFORMATION, below.

 

Information Collected Automatically

As you navigate through and interact with our Website, We and our third-party service providers, including analytics and third-party content providers, may automatically collect certain information from you whenever you access or interact with the Service.

· Usage Information. Details of your visits to our Website, including which links you clicked on, content response times, location data, logs, and other similar communication data and statistics about your interactions.

· Device Information. Information about your computer and internet connection, including your Internet Protocol address, operating system, and browser type.

We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you, analytics, and site functionality.

Cookies and Other Automatic Data Collection Technologies

CrowdPass and its partners use cookies or similar technologies, which store certain information on your computer and allows us to, among other things, analyze trends, administer the Website, and to gather demographic information about our user base as a whole. The technology used to collect information automatically from CrowdPass Users may include the following:


● Cookies: Like many websites, we and our operational partners, affiliates, analytics, and service providers use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes. We use both persistent cookies that remain on your computer or similar device (such as to save your registration ID and login password for future logins to the Service and to track your compliance with the CrowdPass Terms of Use) and session ID cookies, which expire at the end of your browser session (for example,  to enable certain features of the Service, to better understand how CrowdPass Users interact with the Service and to monitor aggregate usage by CrowdPass Users and web traffic routing on the Service). You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functionality of the Service.

 

● Web Beacons: We and ouroperational partners, affiliates, analytics, and service providers may also employ software technology known as “web beacons” and/or“tracking tags” to help us keep track of what content on our Service is effective and to serverelevant advertising to you. Web beacons are small graphics with auniqueidentifierthat may be invisible to you, and which are used to track theonlineactivity of Internet users. Web beacons are embedded in theweb pagesyou review or email messages you receive. Web beacons or similar technologies may be used foranumber of purposes, including, without limitation, to count visitors to our Service, to monitorhow CrowdPass Users navigate the Service, to count how many emails that were sent wereactually opened, orto count how many particular articles or links wereactually

viewed.

 

● Embedded Scripts: We and our operational partners, affiliates, analytics, and service providers may also employ software technology known as an Embedded Script. An Embedded Script is programming code that is designed to collect information about your interactions with the Service, such as the links you click  on. The code is temporarily downloaded onto your computer or other device and is deactivated or deleted when you disconnect from the Service.

 

Information Received from Third Parties

We also may receive information about you from third parties. For example, weand ourpartners, affiliates and service providersmay useavariety of othertechnologies(such as tags) that collect statistical data relating to your Website activity forsecurity and fraud detection purposes.

 

Do Not Track Signal

Do Not Track (DNT) is a privacy preference that users can set in some web browsers, allowing users to opt out of tracking by websites and online services. We do not honor browser requests not to be tracked online (known as “Do Not Track”), but our cookie policy below describes how you can opt out of receiving cookies.

 

HIPAA

Under the Health Insurance Portability and Accountability Act of 1996 (“HIPPA”) covered entities (e.g. health plans, health care providers) and their business associates (a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of a covered entity) must implement additional safeguards and assurances when using and disclosing certain protected health information.

 

CrowdPass is neither a covered entity nor does CrowdPass process protected electronic health information on behalf of a covered entity. Therefore, CrowdPass is not subject to HIPAA. Nonetheless, CrowdPass values the safety and security of our users and their personal information.


Please see the SECURITY section, below, for more information on we protect personal information.

 

HOW WE USE YOUR INFORMATION

We use information that we collect about you or that you provide to us, including any personal information:

· To provide you with and manage your Account.

· To deliver and provide our Service.

· To fulfill or perform a contract with you or an Event Organizer.

· To improve our Services.

· To contact you and address your customer service inquiries.

· To administer and develop our business relationship with you and, if applicable, the corporation or other legal entity you represent.

· To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.

· To comply with legal requirements and assist law enforcement.

· To investigate fraud and to enforce our Terms of Service.

· To protect the property rights of CrowdPass or a third party.

· To protect the safety of the public or any person.

· To stop any activity we may consider to be, or to pose a risk of being, illegal, fraudulent, unethical or a legally actionable activity.

· To identify CrowdPass users.

· For the purposes disclosed at the time you provide your information, and

· As otherwise permitted with your consent.

 

Health Information

· We only use Health Information for the express purpose of verifying your ability to participate in an event.

Legal Bases

To process your information as described above, we rely on the following legal bases:

· Contractual Necessity: To provide you with the CrowdPass Service and perform the contract that you have with us.

· Legitimate Interests: It is in our legitimate interests to provide, improve and analyze our Services, prevent fraudulent transactions, maintain security of our Services, and provide functionality.

· Consent: In instances where we ask for consent, you may way withdraw your consent at any time by contacting us. Please see the Contact Us section or more information.


 

HOW WE DISCLOSE AND SHARE YOUR INFORMATION

Except as provided in this Privacy Policy, CrowdPass will not disclose or sell your Personal Information to any third party without your consent. As such, we disclose your personal information as follows:

· Health Information

o Event Organizers

▪ We will disclose Personal Information of Event Participants only with the Event Organizer for the applicable event.

· Personal Information (Non-Health Information)

o With our service providers and network partners:

▪ We employ third party companies and individuals to provide Services  on our behalf, to perform Service-related operations (e.g., without limitation, maintenance services, database management, web analytics, payment processing, fraud detection and improvement of CrowdPass’s features) or to assist us in analyzing how our Service is used. These third parties may have access to your Personal Information in order to perform these tasks on our behalf.

o With Affiliates

▪ We may share Personal Information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any other subsidiaries, joint venture partners or other companies that we control or that are under common control with us.

o For corporate transactions

▪ CrowdPass may share information, including Personal Information, with any current or future subsidiaries or affiliates, primarily for business and operational purposes. We may sell, transfer, or otherwise share some or all of our assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets (including, in each case, as part of the due-diligence process with any potential acquiring entity) or in the event of bankruptcy.

o When required by law

▪ CrowdPass will share information with government agencies as required by law in response to lawfulrequestsbypublic authorities, including to meet nationalsecurity orlaw enforcement requirementsand, including without limitation,in connection withreporting earnings. We cooperatewith government and law enforcement officialsand privateparties to enforceand comply withthelaw. We willdisclose information about you togovernment orlaw enforcement officials orprivate parties as we, in our sole discretion, believe necessary or appropriate to respond toclaims and legal process (including butnotlimited tosubpoenas), or, at therequestofgovernmental authorities or other third parties conducting an investigation where we determine in our sole discretion the disclosure is necessary to (a) protect


the property and rights of CrowdPass or a third party, (b) protect the safety of the public or any person, or (c) prevent or stop activity we may consider to be, or pose a risk of being, illegal, fraudulent, unethical or legally actionable activity. We may also use Device Identifiers to identify CrowdPass Users, and may do so in cooperation with third parties at our discretion.

o With your Consent

▪ You may submit personal information to us through a form on the Service and consent for us to disclose your personal information and receive communication from us or our business affiliates and non-affiliates based on the information in the form.

 

YOUR RIGHTS AND CHOICES REGARDING YOUR INFORMATION

You have several ways to exercise control over your information:

· Account Settings: Registered CrowdPass users may update their choices regarding the types of communications you receive from us through your online Account settings.

· E-Mail: You also may opt-out of receiving marketing emails from us by following the opt- out instructions provided in those emails. Please note that we reserve the right to send you certain communications relating to your account or use of the Service (for example, administrative and service announcements) via email and other means and these transactional account  messages  may be unaffected if you opt-out from receiving marketing communications.

· Rights over your Information

o Residents residing in the EU

▪ Under the GDPR (General Data Protection Regulation), CrowdPass acts as a data processor where we are processing your information on behalf of an Event Organizer (the data controller). European residents may contact CrowdPass at support@crowdpass.co to access, correct, update or delete your personal information; object to our processing  of this information, ask us to restrict our processing of your personal information, or request portability of your personal information. European residents who do not provide Personal Information may not be able to access the full functionality of features found on CrowdPass.

▪ Please note that CrowdPass usually has no direct relationship with Event Participants whose Personal Information CrowdPass processes on or through the Services on behalf of an Event Organizer. If you are an Event Participant and use our Service and would like to access, correct or delete your Personal Information, or would no longer like to be contacted by the Event Organizer controlling the information, please direct your request to the Event Organizer. If the Event Organizer requests that CrowdPass remove the Personal Information, we will respond to their request in a timely manner.

▪ We will use commercially reasonable efforts to honor requests for deletion; however, certain residual information may actively persist on the Service even if an account is deleted. Personal Information may remain in our archives and information you update or delete, or information within a closed account, may persist internally for our administrative purposes, to the extent permitted by law. It is not always possible to completely remove or


delete information from our databases. In addition, we typically will not remove information you posted publicly through or on the Service. Bear in mind that neither you nor CrowdPass can delete all copies of information that has been previously shared with others on the Service. If your information is deleted, then your account may become deactivated. If your account is deactivated or you ask to close your account, you will no longer be able to use the Services.

 

California Residents – Your California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional privacy rights with respect to our collection, use and disclosure of your Personal Information, including:

 

● The right to know what Personal information we have collected and how we have used and disclosed that Personal Information in the 12-month period preceding your request;

o Please see the above section within this Policy titled INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT, to see the categories of Personal Information we have collected about you.

o Please see the above sections within this Policy titled HOW WE USE YOUR INFORMATION and HOW WE DISCLOSE AND SHARE YOUR INFORMATION, to see applicable use and disclosures of your Personal Information.

● The right to request deletion of your Personal Information, and;

o Registered CrowdPass users may delete their Personal Information through applicable settings within their Account or by e-mailing CrowdPass at support@crowdpass.co

● The right to be free from discrimination related to the exercise of any of your privacy rights.

● The right to opt out of the sale of your personal information, and to request information about whether we have sold your personal information in the past 12 months.

o CrowdPass does not sell personal information, and we have not done so in the last year. If we begin to do so, we will update this notice and provide a mechanism to opt out of any such sale.

 

For more information on how to exercise your rights, please contact us at support@crowdpass.co. Please note that we may require you to verify your credentials, by matching your e-mail  address, or other account information to the information in our systems, before you can submit a request to exercise any of these rights. If you authorize another person to act as your agent to submit requests on your behalf, then unless you provide the agent with power of attorney under the California Probate Code, we will ask the agent to provide us the written and signed authorization that you provided to the agent, we will confirm with you that you did provide the authorization, and we will verify your identity.

 

INTERNATIONAL JURISDICTIONS

Our Services are hosted and offered in the United States of America (US), and are subject to US federal, state, and local law. If you are accessing the Services from another country, please be advised that you may be transferring your personal information to us in the US, and you consent to that transfer, processing and storage of your personal information in accordance with this Privacy


Notice. You also agree to abide by the applicable laws of applicable US federal, state, and local laws concerning your use of the Services and your agreements with us. Any persons accessing our Services from any jurisdiction with laws or regulations governing the use of the Internet, including the collection, use, or disclosure of personal information, different from those of the jurisdictions mentioned above may only use the Services in a manner lawful in their jurisdiction. If your use of the Services would be unlawful in your jurisdiction, you may not use our Services.

 

SECURITY

We use physical, technical and organizational measures designed to protect your information against unauthorized access, theft and loss. We restrict access to your personal information to those employees who need to know that information to service your account or perform their job functions.

 

Although we take precautions intended to help protect information that we process, no system or electronic data transmission is completely secure. Any transmission of your personal data is at your own risk and we expect that you will use appropriate security measures to protect your personal information.

 

You are responsible for maintaining the security of your account and the information in your account. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. You understand and agree that we may deliver electronic notifications about breaches of security to the email address on record on your account.

 

DATA RETENTION

We will only retain your Personal Information for as long as necessary to fulfill the purposes for which it was collected and processed, or until you request deletion as described in this Privacy Policy.

 

We will retain Personal Information we collect from Event Organizers or Event Attendees, and process on behalf of a Event Organizer, for as long as necessary to provide our Services to the Event Organizer, and will maintain any such information controlled by a Event Organizer in accordance with the Event Organizer’s instructions, including any applicable Client Agreement terms, and as required by applicable law.

 

We may retain Personal Information if there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them).

 

LINKS TO OTHER SITES

Our Website may include links to third-party websites and services that are not operated by us. When you click these links, you will be directed away from our Services. A link to a third-party website or service does not mean that we endorse it or the quality or accuracy of information presented on it. If you decide to visit a third-party website or service, you are subject to its privacy practices and policies, not ours. This Privacy Policy does not apply to any personal information that you provide to these other websites and services.

 

CHANGES TO THIS POLICY

CrowdPass may update this Privacy Policy at any time and any changes will be effective upon


posting. In the event that there are material changes to the way we treat your Personal Information, we will update the Last Modified date at the top of this Policy upon becoming effective. We may also notify you by email, in our discretion.

 

HOW TO CONTACT CROWDPASS

If you have any questions about this Privacy Policy, please contact us at support@crowdpass.co.