Last Modified: March 25, 2021
CrowdPass, LLC (“CrowdPass”,” we”, “our”, or “us”) respects your privacy and are committed
This Policy describes our practices for collecting, using, maintaining, protecting, and disclosing your information through https://crowdpass.co/ (our “Website”), our mobile-web application and any related software and platforms, (collectively, the“Service”or“Services”). “You” or “User” refers to anyone who accesses or uses the Service, including our business and organizational customers (“Event Organizers”) and event participtants (“Event Participants”), to which this Policy applies.
A core element of our mission is our commitment to protect your personal information and to be
transparent about the data we collect about you, how it is used, and with whom it is shared.
The Service is general audience and intended for users 18 and older. We do not knowingly
collect Personal Information from anyone younger than age 18.
We collect several types of information from you and about users of our Services, such as your email address health history when you sign up for an account and register for an event. Other types of information we collect is information related to how you use our platform, which helps us improve our Services.
The categories of information we collect are:
· Personal Information: In thecourse of registering an account on Website and using our Services, we may require orotherwisecollect information that identifiesyou as aspecific individualand can beused to contact or identify you (“Personal Information”). Examples of Personal Information we collect for these purposes includeyour first and last name,
email addressand phonenumber.
· Health Information: To verify the ability to participate in an event and provide our Services, we may collect health-related information from Event Participants at the direction of the Event Organizer. Examples of Health Information we collect for this purpose includes your pre-existing symptoms and symptom history, contact history, and vaccination records.
· Event Organizer Information: For event organizers (“Event Organizer”) who register on our Service, we collect contact information of the organization and/or individual representative of the Event Organizer and event information, as applicable.
· Non-Identifying Information: We also may collect non-identifying or non-personal information, such as zip codes, demographic data, time zone, publicly available data,
and general information regarding youruseof the Service (“Non-Identifying Information”).
When you provide us with information in connection with a particular activity or otherwise sign up for or order our products and Services or provide your contact information to us, including your email address or telephone number in connection with that activity, product or service, you agree that such action constitutes a purchase or inquiry establishing a business relationship with us. You expressly consent to receiving communications from CrowdPass through the information you provided to us. For more information on how to access and control your communication preferences, please see YOUR RIGHTS AND CHOICES REGARDING YOUR INFORMATION, below.
As you navigate through and interact with our Website, We and our third-party service providers, including analytics and third-party content providers, may automatically collect certain information from you whenever you access or interact with the Service.
· Usage Information. Details of your visits to our Website, including which links you clicked on, content response times, location data, logs, and other similar communication data and statistics about your interactions.
· Device Information. Information about your computer and internet connection, including your Internet Protocol address, operating system, and browser type.
We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you, analytics, and site functionality.
● Web Beacons: We and ouroperational partners, affiliates, analytics, and service providers may also employ software technology known as “web beacons” and/or“tracking tags” to help us keep track of what content on our Service is effective and to serverelevant advertising to you. Web beacons are small graphics with auniqueidentifierthat may be invisible to you, and which are used to track theonlineactivity of Internet users. Web beacons are embedded in theweb pagesyou review or email messages you receive. Web beacons or similar technologies may be used foranumber of purposes, including, without limitation, to count visitors to our Service, to monitorhow CrowdPass Users navigate the Service, to count how many emails that were sent wereactually opened, orto count how many particular articles or links wereactually
● Embedded Scripts: We and our operational partners, affiliates, analytics, and service providers may also employ software technology known as an Embedded Script. An Embedded Script is programming code that is designed to collect information about your interactions with the Service, such as the links you click on. The code is temporarily downloaded onto your computer or other device and is deactivated or deleted when you disconnect from the Service.
We also may receive information about you from third parties. For example, weand ourpartners, affiliates and service providersmay useavariety of othertechnologies(such as tags) that collect statistical data relating to your Website activity forsecurity and fraud detection purposes.
Under the Health Insurance Portability and Accountability Act of 1996 (“HIPPA”) covered entities (e.g. health plans, health care providers) and their business associates (a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of a covered entity) must implement additional safeguards and assurances when using and disclosing certain protected health information.
CrowdPass is neither a covered entity nor does CrowdPass process protected electronic health information on behalf of a covered entity. Therefore, CrowdPass is not subject to HIPAA. Nonetheless, CrowdPass values the safety and security of our users and their personal information.
Please see the SECURITY section, below, for more information on we protect personal information.
We use information that we collect about you or that you provide to us, including any personal information:
· To provide you with and manage your Account.
· To deliver and provide our Service.
· To fulfill or perform a contract with you or an Event Organizer.
· To improve our Services.
· To contact you and address your customer service inquiries.
· To administer and develop our business relationship with you and, if applicable, the corporation or other legal entity you represent.
· To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.
· To comply with legal requirements and assist law enforcement.
· To investigate fraud and to enforce our Terms of Service.
· To protect the property rights of CrowdPass or a third party.
· To protect the safety of the public or any person.
· To stop any activity we may consider to be, or to pose a risk of being, illegal, fraudulent, unethical or a legally actionable activity.
· To identify CrowdPass users.
· For the purposes disclosed at the time you provide your information, and
· As otherwise permitted with your consent.
· We only use Health Information for the express purpose of verifying your ability to participate in an event.
To process your information as described above, we rely on the following legal bases:
· Contractual Necessity: To provide you with the CrowdPass Service and perform the contract that you have with us.
· Legitimate Interests: It is in our legitimate interests to provide, improve and analyze our Services, prevent fraudulent transactions, maintain security of our Services, and provide functionality.
· Consent: In instances where we ask for consent, you may way withdraw your consent at any time by contacting us. Please see the Contact Us section or more information.
· Health Information
o Event Organizers
▪ We will disclose Personal Information of Event Participants only with the Event Organizer for the applicable event.
· Personal Information (Non-Health Information)
o With our service providers and network partners:
▪ We employ third party companies and individuals to provide Services on our behalf, to perform Service-related operations (e.g., without limitation, maintenance services, database management, web analytics, payment processing, fraud detection and improvement of CrowdPass’s features) or to assist us in analyzing how our Service is used. These third parties may have access to your Personal Information in order to perform these tasks on our behalf.
o With Affiliates
o For corporate transactions
▪ CrowdPass may share information, including Personal Information, with any current or future subsidiaries or affiliates, primarily for business and operational purposes. We may sell, transfer, or otherwise share some or all of our assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets (including, in each case, as part of the due-diligence process with any potential acquiring entity) or in the event of bankruptcy.
o When required by law
▪ CrowdPass will share information with government agencies as required by law in response to lawfulrequestsbypublic authorities, including to meet nationalsecurity orlaw enforcement requirementsand, including without limitation,in connection withreporting earnings. We cooperatewith government and law enforcement officialsand privateparties to enforceand comply withthelaw. We willdisclose information about you togovernment orlaw enforcement officials orprivate parties as we, in our sole discretion, believe necessary or appropriate to respond toclaims and legal process (including butnotlimited tosubpoenas), or, at therequestofgovernmental authorities or other third parties conducting an investigation where we determine in our sole discretion the disclosure is necessary to (a) protect
the property and rights of CrowdPass or a third party, (b) protect the safety of the public or any person, or (c) prevent or stop activity we may consider to be, or pose a risk of being, illegal, fraudulent, unethical or legally actionable activity. We may also use Device Identifiers to identify CrowdPass Users, and may do so in cooperation with third parties at our discretion.
o With your Consent
▪ You may submit personal information to us through a form on the Service and consent for us to disclose your personal information and receive communication from us or our business affiliates and non-affiliates based on the information in the form.
You have several ways to exercise control over your information:
· Account Settings: Registered CrowdPass users may update their choices regarding the types of communications you receive from us through your online Account settings.
· E-Mail: You also may opt-out of receiving marketing emails from us by following the opt- out instructions provided in those emails. Please note that we reserve the right to send you certain communications relating to your account or use of the Service (for example, administrative and service announcements) via email and other means and these transactional account messages may be unaffected if you opt-out from receiving marketing communications.
· Rights over your Information
o Residents residing in the EU
▪ Under the GDPR (General Data Protection Regulation), CrowdPass acts as a data processor where we are processing your information on behalf of an Event Organizer (the data controller). European residents may contact CrowdPass at firstname.lastname@example.org to access, correct, update or delete your personal information; object to our processing of this information, ask us to restrict our processing of your personal information, or request portability of your personal information. European residents who do not provide Personal Information may not be able to access the full functionality of features found on CrowdPass.
▪ Please note that CrowdPass usually has no direct relationship with Event Participants whose Personal Information CrowdPass processes on or through the Services on behalf of an Event Organizer. If you are an Event Participant and use our Service and would like to access, correct or delete your Personal Information, or would no longer like to be contacted by the Event Organizer controlling the information, please direct your request to the Event Organizer. If the Event Organizer requests that CrowdPass remove the Personal Information, we will respond to their request in a timely manner.
▪ We will use commercially reasonable efforts to honor requests for deletion; however, certain residual information may actively persist on the Service even if an account is deleted. Personal Information may remain in our archives and information you update or delete, or information within a closed account, may persist internally for our administrative purposes, to the extent permitted by law. It is not always possible to completely remove or
delete information from our databases. In addition, we typically will not remove information you posted publicly through or on the Service. Bear in mind that neither you nor CrowdPass can delete all copies of information that has been previously shared with others on the Service. If your information is deleted, then your account may become deactivated. If your account is deactivated or you ask to close your account, you will no longer be able to use the Services.
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional privacy rights with respect to our collection, use and disclosure of your Personal Information, including:
● The right to know what Personal information we have collected and how we have used and disclosed that Personal Information in the 12-month period preceding your request;
o Please see the above section within this Policy titled INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT, to see the categories of Personal Information we have collected about you.
o Please see the above sections within this Policy titled HOW WE USE YOUR INFORMATION and HOW WE DISCLOSE AND SHARE YOUR INFORMATION, to see applicable use and disclosures of your Personal Information.
● The right to request deletion of your Personal Information, and;
o Registered CrowdPass users may delete their Personal Information through applicable settings within their Account or by e-mailing CrowdPass at email@example.com
● The right to be free from discrimination related to the exercise of any of your privacy rights.
● The right to opt out of the sale of your personal information, and to request information about whether we have sold your personal information in the past 12 months.
o CrowdPass does not sell personal information, and we have not done so in the last year. If we begin to do so, we will update this notice and provide a mechanism to opt out of any such sale.
For more information on how to exercise your rights, please contact us at firstname.lastname@example.org. Please note that we may require you to verify your credentials, by matching your e-mail address, or other account information to the information in our systems, before you can submit a request to exercise any of these rights. If you authorize another person to act as your agent to submit requests on your behalf, then unless you provide the agent with power of attorney under the California Probate Code, we will ask the agent to provide us the written and signed authorization that you provided to the agent, we will confirm with you that you did provide the authorization, and we will verify your identity.
Our Services are hosted and offered in the United States of America (US), and are subject to US federal, state, and local law. If you are accessing the Services from another country, please be advised that you may be transferring your personal information to us in the US, and you consent to that transfer, processing and storage of your personal information in accordance with this Privacy
Notice. You also agree to abide by the applicable laws of applicable US federal, state, and local laws concerning your use of the Services and your agreements with us. Any persons accessing our Services from any jurisdiction with laws or regulations governing the use of the Internet, including the collection, use, or disclosure of personal information, different from those of the jurisdictions mentioned above may only use the Services in a manner lawful in their jurisdiction. If your use of the Services would be unlawful in your jurisdiction, you may not use our Services.
We use physical, technical and organizational measures designed to protect your information against unauthorized access, theft and loss. We restrict access to your personal information to those employees who need to know that information to service your account or perform their job functions.
Although we take precautions intended to help protect information that we process, no system or electronic data transmission is completely secure. Any transmission of your personal data is at your own risk and we expect that you will use appropriate security measures to protect your personal information.
You are responsible for maintaining the security of your account and the information in your account. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. You understand and agree that we may deliver electronic notifications about breaches of security to the email address on record on your account.
We will retain Personal Information we collect from Event Organizers or Event Attendees, and process on behalf of a Event Organizer, for as long as necessary to provide our Services to the Event Organizer, and will maintain any such information controlled by a Event Organizer in accordance with the Event Organizer’s instructions, including any applicable Client Agreement terms, and as required by applicable law.
We may retain Personal Information if there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them).
posting. In the event that there are material changes to the way we treat your Personal Information, we will update the Last Modified date at the top of this Policy upon becoming effective. We may also notify you by email, in our discretion.