This Policy describes our practices for collecting, using, maintaining, protecting, and disclosing your information collected or obtained through your use of or participation on https://crowdpass.co/ (our “Website”), our mobile-web application and any related software and platforms, (collectively, the “Service” or “Services”). “You”, “User”, or “your” refers to anyone who accesses or uses the Service, including our business and organizational customers (“Event Organizers”) and event participants (“Event Participants”), to which this Policy applies.
A core element of our mission is our commitment to protecting your personal information and being transparent about the data we collect about you, how it is used, and with whom it is shared.
The Service is for a general audience and intended for users 18 and older. We do not knowingly collect Personal Information from anyone younger than age 18. If you are under 18, you are not permitted to provide any information to or on the Services (including any information about yourself, such as your name, address, telephone number, email address or any screen name or username you may use). If we learn we have collected or received personal information from a child under 18, we may delete that information.
We may collect several types of information from you such as your name, email address, symptom and contact history, COVID-19 test results, and vaccinations status when you access and use our Service. Other types of information we collect may be related to how you use our platform. The primary purposes of our data collection are to provide our Services to you, improve our Services, and on behalf of Event Organizers, to determine your eligibility to attend an event.
When you use our Services, you may be asked or required to provide certain information, or we may receive information on your behalf, some of which may be personally identifiable (“Personal Information”), some of which may be non-identifying, and some of which may be identifying only when viewed in conjunction with other information. The following are the categories of Personal Information that CrowdPass collects:
When you provide us with information in connection with a particular activity or otherwise sign up for or order our products and Services or provide your contact information to us, including your email address or telephone number in connection with that activity, product or service, you agree that such action constitutes a purchase or inquiry establishing a business relationship with us. You expressly consent to receiving communications from CrowdPass through the information you provided to us.
For more information on how to access and control your communication preferences, please see YOUR RIGHTS AND CHOICES REGARDING YOUR INFORMATION, below.
We rely on you providing accurate and up-to-date information through our Services. If any information you have provided to us changes, please notify us in writing at firstname.lastname@example.org or you can update it yourself through your online Account settings.
Whenever you access, use or interact with the Service, we and our operational partners, affiliates, third-party service providers, including analytics and third-party content providers, may through the use of automatic data collection technologies collect information about your devices, browsing actions and patterns, including details of your use of the Services (such as traffic data, location data, which links you clicked on, content response times, logs and other communication data) and information about your devices and internet connection (including your IP address, internet connection, device type, operating system and other software and browser type).
The technologies we use for this automatic data collection may include:
We may combine this automatically collected information with other information we collect about you. We do this to improve services we offer you and for analytics and site functionality.
We also may receive information about you from third parties. For example, we and our partners, affiliates and service providers may use a variety of other technologies (such as tags) that collect statistical data relating to your access and use of the Services for security and fraud detection purposes.
Under the Health Insurance Portability and Accountability Act of 1996 (“HIPPA”) - SPELLED INCORRECTLY - SHOULD BE "HIPAA" covered entities (e.g. health plans, health care providers) and their business associates (a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of a covered entity) must implement additional safeguards and assurances when using and disclosing certain protected health information.
CrowdPass is neither a covered entity nor does CrowdPass process protected electronic health information on behalf of a covered entity. Therefore, CrowdPass is not subject to HIPAA. Nonetheless, CrowdPass values the safety and security of our users and their personal information.
We use information that we collect about you, that you provide to us, or is received by us on your behalf, including any Personal Information:
We may also anonymize your Personal Information (remove any information with which you may be personally identified) (“Anonymized Information”) to assess our Services and generate aggregated, de-aggregated, and statistical data that may enable us to better provide you the Services, be used for research and educational purposes, to sell, license or share with others, and to participate in the public health and safety community as a whole.
You have several ways to exercise control over your information:
If you are an Event Participant and use our Service and would like to access, correct or delete your Personal Information that is in control or possession by the Event Organizer, or would no longer like to be contacted by the Event Organizer, please direct your request to the Event Organizer.
We will use commercially reasonable efforts to honor requests for deletion; however, certain residual information may actively persist on the Service even if an account is deleted. Personal Information may remain in our archives and information you update or delete, or information within a closed account, may persist internally for our administrative purposes, to the extent permitted by law. It is not always possible to completely remove or delete information from our databases. In addition, we typically will not remove information you posted publicly through or on the Service. Bear in mind that neither you nor CrowdPass can delete all copies of information that has been previously shared with others on the Service. If your information is deleted, then your account may become deactivated. If your account is deactivated or you ask to close your account, you will no longer be able to use some or all of the Services.
The CCPA also provides the right to request information about how CrowdPass collects, uses and discloses your Personal Information. And it gives you the right to access your Personal Information and request that CrowdPass delete that information. Finally, the CCPA provides the right to not be discriminated against for exercising your privacy rights.
We describe the choices you have to manage your privacy and data across CrowdPass’s services through applicable settings in your Account. You can exercise your rights by using these controls, which allow you to access, review, update and delete your information, as well as export and
download a copy of it. When you use them, we’ll validate your request by verifying that you’re signed in to your CrowdPass account. If you have questions or requests related to your rights under the CCPA, you (or your authorized agent) can also contact CrowdPass at email@example.com.
Please note that we may require you to verify your credentials, by matching your e-mail address, or other account information to the information in our systems, before you can submit a request to exercise any of these rights. If you authorize another person to act as your agent to submit requests on your behalf, we will ask the agent to provide us the written and signed authorization that you provided to the agent, such as a power of attorney, and we will confirm with you that you did provide the authorization, and we will verify your identity.
Our Services are hosted and offered in the United States of America (US), and are subject to US federal, state, and local law. If you are accessing the Services from another country, please be advised that you may be transferring your Personal Information to us in the US, and you consent to that transfer, processing and storage of your Personal Information in accordance with this Privacy.
You also agree to abide by the applicable laws of applicable US federal, state, and local laws concerning your use of the Services and your agreements with us. Any persons accessing our Services from any jurisdiction with laws or regulations governing the use of the Internet, including the collection, use, or disclosure of personal information, different from those of the jurisdictions mentioned above may only use the Services in a manner lawful in their jurisdiction. If your use of the Services would be unlawful in your jurisdiction, you may not use our Services.
We use physical, technical and organizational measures designed to protect your information against unauthorized access, theft and loss. We restrict access to your personal information to those employees who need to know that information to service your account or perform their job functions. Although we take precautions intended to help protect information that we process, no system or electronic data transmission is completely secure. Any transmission of your personal data is at your own risk and we expect that you will use appropriate security measures to protect your personal information.
You are responsible for maintaining the security of your account and the information in your account. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. You understand and agree that we may deliver electronic notifications about breaches of security to the email address, phone number or other contact information on record within your account.
We will retain Personal Information we collect from Event Organizers or Event Attendees, and process on behalf of an Event Organizer, for as long as necessary to provide our Services to the Event Organizer, and will maintain any such information controlled by an Event Organizer in accordance with the Event Organizer’s instructions, including any applicable Client Agreement terms, and as required by applicable law.
We may retain Personal Information if there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we may delete them).