Privacy Policy

INTRODUCTION

CrowdPass, along with our subsidiaries and affiliates, (collectively “CrowdPass”,” we”, “our”, or “us”) respects your privacy and are committed to protecting it through our compliance with this Privacy Policy (“Policy”).

This Policy describes our practices for collecting, using, maintaining, protecting, and disclosing your information collected or obtained through your use of or participation on https://crowdpass.co/ (our “Website”), our mobile-web application and any related software and platforms, (collectively, the “Service” or “Services”). “You”, “User”, or “your” refers to anyone who accesses or uses the Service, including our business and organizational customers (“Event Organizers”) and event participants (“Event Participants”), to which this Policy applies.

A core element of our mission is our commitment to protecting your personal information and being transparent about the data we collect about you, how it is used, and with whom it is shared.

Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, do not access or use the Services.

BY ACCESSING OR USING THE SERVICES, YOU AGREE TO THIS PRIVACY POLICY.

This Policy may change from time to time (see Changes to Our Privacy Policy). Your continued access of our Website or use of our Services after we make changes is deemed to be acceptance of those changes, so please check the Last Modified Date at the top of this Policy, to ensure that you aware of the most current version of this Policy.

CHILDREN’S PRIVACY

The Service is for a general audience and intended for users 18 and older. We do not knowingly collect Personal Information from anyone younger than age 18. If you are under 18, you are not permitted to provide any information to or on the Services (including any information about yourself, such as your name, address, telephone number, email address or any screen name or username you may use). If we learn we have collected or received personal information from a child under 18, we may delete that information.

INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT

We may collect several types of information from you such as your name, email address, symptom and contact history, COVID-19 test results, and vaccinations status when you access and use our Service. Other types of information we collect may be related to how you use our platform. The primary purposes of our data collection are to provide our Services to you, improve our Services, and on behalf of Event Organizers, to determine your eligibility to attend an event.

Information You Provide to Us or Received by Us on Your Behalf

When you use our Services, you may be asked or required to provide certain information, or we may receive information on your behalf, some of which may be personally identifiable (“Personal Information”), some of which may be non-identifying, and some of which may be identifying only when viewed in conjunction with other information. The following are the categories of Personal Information that CrowdPass collects:

  • Registration, account, or other identifying information, such as your name, user name, account password, date of birth, mailing address, email address, and telephone number.
  • Personal Information that contains health-related information about you. Examples of information we collect for this purpose include your symptoms and symptom history, contact and travel history, COVID-19 test results and vaccination records. We will always ask for your express consent before collecting any health-related information from you. Such collection is for the primary purpose of determining your eligibility to attend an event on behalf of an Event Organizer.
  • Information conveyed or relevant to your communications with us, such as messages, communications, chats, data, images, and other information exchanged as a result of your communications with us; information exchanged with our staff; and information exchanged by email
  • Information pertaining to your status as an Event Participant, including information related to the Event, your attendance, dates of attendance, and any data associated with your status and the event.
  • For event organizers (“Event Organizer”) who register on our Service, we collect contact information of the organization and/or individual representative(s) of the Event Organizer and event information, as applicable.
  • We also may collect non-identifying or non-personal information, such as zip codes, demographic data, time zone, publicly available data, and general information regarding your use of the Service (“Non-Identifying Information”).

When you provide us with information in connection with a particular activity or otherwise sign up for or order our products and Services or provide your contact information to us, including your email address or telephone number in connection with that activity, product or service, you agree that such action constitutes a purchase or inquiry establishing a business relationship with us. You expressly consent to receiving communications from CrowdPass through the information you provided to us.

For more information on how to access and control your communication preferences, please see YOUR RIGHTS AND CHOICES REGARDING YOUR INFORMATION, below.

We rely on you providing accurate and up-to-date information through our Services. If any information you have provided to us changes, please notify us in writing at support@crowdpass.co or you can update it yourself through your online Account settings.

Information Collected Automatically

Whenever you access, use or interact with the Service, we and our operational partners, affiliates, third-party service providers, including analytics and third-party content providers, may through the use of automatic data collection technologies collect information about your devices, browsing actions and patterns, including details of your use of the Services (such as traffic data, location data, which links you clicked on, content response times, logs and other communication data) and information about your devices and internet connection (including your IP address, internet connection, device type, operating system and other software and browser type).

The technologies we use for this automatic data collection may include:

  • Cookies. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes. We use both persistent cookies that remain on your computer or similar device (such as to save your registration ID and login password for future logins to the Service and to track your compliance with the CrowdPass Terms of Use) and session ID cookies, which expire at the end of your browser session (for example, to enable certain features of the Service, to better understand how CrowdPass Users interact with the Service and to monitor aggregate usage by CrowdPass Users and web traffic routing on the Service). You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functionality of the Service.
  • Web Beacons: Software technology known as “web beacons” and/or “tracking tags” is used to help us keep track of what content on our Service is effective and to serve relevant advertising to you. Web beacons are small graphics with a unique identifier that may be invisible to you, and which are used to track the online activity of Internet users. Web beacons are embedded in the web pages you review or email messages you receive. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to our Service, to monitor how CrowdPass Users navigate the Service, to count how many emails that were sent were actually opened, or to count how many particular articles or links were actually viewed.
  • Embedded Scripts. An Embedded Script is programming code that is designed to collect information about your interactions with the Service, such as the links you click on. The code is temporarily downloaded onto your computer or other device and is deactivated or deleted when you disconnect from the Service.
  • Log Information. We may automatically collect and store certain information in our server logs when you use the Services, including details about how you used the Services, IP address, and information specific to your device (such as system activity, hardware settings, browser type, and browser language).
  • Device Identifiers. We may collect information about your device, such as your operating system, hardware version, device settings, file and software names and types, mobile network information and device identifiers. This helps us measure how the Services are performing and improve the Services for you on your particular device.
  • Location-Based Data. We may collect and process information about your geographic location (for example, through GPS signals) when you use the Services. We will not track your device location without your permission. We do not share precise geolocation data with third parties, other than our service providers as necessary to provide the Services.

We may combine this automatically collected information with other information we collect about you. We do this to improve services we offer you and for analytics and site functionality.

Do Not Track Signal

“Do Not Track” is a privacy preference that users can set in some web browsers, allowing users to opt out of tracking by websites and online services. Please note that we do not alter our Website’s data collection and use practices in response to a “Do Not Track” signal from your browser (but you may control the use of cookies at the individual browser level, and if you choose to disable cookies, it may limit your use of certain features or functionality of the Service).

Information Received from Third Parties

We also may receive information about you from third parties. For example, we and our partners, affiliates and service providers may use a variety of other technologies (such as tags) that collect statistical data relating to your access and use of the Services for security and fraud detection purposes.

Although our Privacy Policy applies to information that we receive about you from third parties, please know that we cannot control and are not responsible for the actions or omissions of third parties in regards to information that you provide to or is collected by third parties as a part of your use of the Services. In such instances, you acknowledge that CrowdPass has no duty or responsibility for a third party’s maintenance, handling or safeguarding of any information that you provide to, or is collected by, any third party. You must review the privacy policies of the applicable third party to learn more about how information will be handled by such parties.

HIPAA

Under the Health Insurance Portability and Accountability Act of 1996 (“HIPPA”) - SPELLED INCORRECTLY - SHOULD BE "HIPAA" covered entities (e.g. health plans, health care providers) and their business associates (a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of a covered entity) must implement additional safeguards and assurances when using and disclosing certain protected health information.
CrowdPass is neither a covered entity nor does CrowdPass process protected electronic health information on behalf of a covered entity. Therefore, CrowdPass is not subject to HIPAA. Nonetheless, CrowdPass values the safety and security of our users and their personal information.

HOW WE USE YOUR INFORMATION

We use information that we collect about you, that you provide to us, or is received by us on your behalf, including any Personal Information:

  • To provide you with and manage your Account.
  • To deliver and provide our Service.
  • To fulfill or perform a contract with you or an Event Organizer.
  • To verify your ability or eligibility to participate in an event.
  • To improve our Services.
  • To contact you and address your customer service inquiries.
  • To help diagnose problems with our computer service and to administer the Website, mobile-web application, or other Services.
  • To administer and develop our business relationship with you and, if applicable, the corporation or other legal entity you represent.
  • To provide you with news, special offers and information about other goods, services and events which we offer or offer on behalf of others that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.
  • To comply with legal requirements and assist law enforcement.
  • To investigate fraud and to enforce our Terms of Service, including for billing and collection purposes, if applicable.
  • To protect the property rights of CrowdPass or a third party.
  • To protect the safety of the public or any person.
  • To stop any activity we may consider to be, or to pose a risk of being, illegal, fraudulent, unethical or a legally actionable activity.
  • To identify CrowdPass users.
  • For the purposes disclosed at the time you provide your information, and
  • As otherwise permitted with your consent.

We may also anonymize your Personal Information (remove any information with which you may be personally identified) (“Anonymized Information”) to assess our Services and generate aggregated, de-aggregated, and statistical data that may enable us to better provide you the Services, be used for research and educational purposes, to sell, license or share with others, and to participate in the public health and safety community as a whole.

HOW WE SHARE AND DISCLOSE YOUR INFORMATION

Except as provided in this Privacy Policy, CrowdPass will not disclose or sell your Personal Information to any third party without your consent. As such, we disclose your Personal Information as follows:

  • We may disclose Personal Information of Event Participants to the Event Organizer, its operational partners, affiliates, third-party service providers, for the applicable event. Health-related information that you provide us will not be directly disclosed to the Event Organizer, its operational partners, affiliates, third-party service providers, but rather we may disclose our determination of whether you are deemed eligible to attend the event based on a review of your health-related information and other Personal Information.
  • We employ third party companies and individuals to provide Services on our behalf, to perform Service-related operations (e.g., without limitation, maintenance services, database management, web analytics, payment processing, fraud detection and improvement of CrowdPass’s features) or to assist us in analyzing how our Service is used. These third parties may have access to your Personal Information in order to perform these tasks on our behalf.
  • We may share Personal Information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any other subsidiaries, joint venture partners or other companies that we control or that are under common control with us.
  • We may share information, including Personal Information, with any current or future subsidiaries or affiliates, primarily for business and operational purposes. We may sell, transfer, or otherwise share some or all of our assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets (including, in each case, as part of the due-diligence process with any potential acquiring entity) or in the event of bankruptcy.
  • We may share information with government agencies as required by law in response to lawful requests by public authorities, including to meet national security or law enforcement requirements and, including without limitation, in connection with reporting earnings. We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), or, at the request of governmental authorities or other third parties conducting an investigation where we determine in our sole discretion the disclosure is necessary to (a) protect the property and rights of CrowdPass or a third party, (b) protect the safety of the public or any person, or (c) prevent or stop activity we may consider to be, or pose a risk of being, illegal, fraudulent, unethical or legally actionable activity.
  • We may disclose Personal Information in accordance with any explicit consent from you.
  • We may publicly or privately disclose Anonymized Information and Non-Identifying Information. Such information may be disclosed or used, for example, to demonstrate how the Services are used, evaluate industry data, to create strategic partnerships, for sale or license to third-parties, or to evaluate and study data relating to public health concerns, COVID-19, vaccination, and event participation and interest.

YOUR RIGHTS AND CHOICES REGARDING YOUR INFORMATION

You have several ways to exercise control over your information:

  • Account Settings: Registered CrowdPass users may update their choices regarding the types of communications you receive from us through your online Account settings.
  • E-Mail: You also may opt-out of receiving marketing emails from us by following the opt-out instructions provided in those emails. Please note that we reserve the right to send you certain communications relating to your account or use of the Service (for example, administrative and service announcements) via email and other means and these transactional account messages may be unaffected if you opt-out from receiving marketing communications.

If you are an Event Participant and use our Service and would like to access, correct or delete your Personal Information that is in control or possession by the Event Organizer, or would no longer like to be contacted by the Event Organizer, please direct your request to the Event Organizer.

We will use commercially reasonable efforts to honor requests for deletion; however, certain residual information may actively persist on the Service even if an account is deleted. Personal Information may remain in our archives and information you update or delete, or information within a closed account, may persist internally for our administrative purposes, to the extent permitted by law. It is not always possible to completely remove or delete information from our databases. In addition, we typically will not remove information you posted publicly through or on the Service. Bear in mind that neither you nor CrowdPass can delete all copies of information that has been previously shared with others on the Service. If your information is deleted, then your account may become deactivated. If your account is deactivated or you ask to close your account, you will no longer be able to use some or all of the Services.

California Residents – Your California Privacy Rights

The California Consumer Privacy Act (CCPA) requires specific disclosures for California residents. This Privacy Policy is designed to help you understand how CrowdPass handles your information:

  • We explain the categories of information CrowdPass collects and the sources of that information in the section titled INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT.
  • We explain how CrowdPass uses information in the section titled HOW WE USE YOUR INFORMATION.
  • We explain when CrowdPass may share information in the section titled HOW WE SHARE AND DISCLOSE YOUR INFORMATION. CrowdPass does not sell your personal information without your consent. If we begin to do so, we will update this notice and provide a mechanism to opt out of any such sale.

The CCPA also provides the right to request information about how CrowdPass collects, uses and discloses your Personal Information. And it gives you the right to access your Personal Information and request that CrowdPass delete that information. Finally, the CCPA provides the right to not be discriminated against for exercising your privacy rights.

We describe the choices you have to manage your privacy and data across CrowdPass’s services through applicable settings in your Account. You can exercise your rights by using these controls, which allow you to access, review, update and delete your information, as well as export and

download a copy of it. When you use them, we’ll validate your request by verifying that you’re signed in to your CrowdPass account. If you have questions or requests related to your rights under the CCPA, you (or your authorized agent) can also contact CrowdPass at support@crowdpass.co.

Please note that we may require you to verify your credentials, by matching your e-mail address, or other account information to the information in our systems, before you can submit a request to exercise any of these rights. If you authorize another person to act as your agent to submit requests on your behalf, we will ask the agent to provide us the written and signed authorization that you provided to the agent, such as a power of attorney, and we will confirm with you that you did provide the authorization, and we will verify your identity.

INTERNATIONAL JURISDICTIONS

Our Services are hosted and offered in the United States of America (US), and are subject to US federal, state, and local law. If you are accessing the Services from another country, please be advised that you may be transferring your Personal Information to us in the US, and you consent to that transfer, processing and storage of your Personal Information in accordance with this Privacy.

You also agree to abide by the applicable laws of applicable US federal, state, and local laws concerning your use of the Services and your agreements with us. Any persons accessing our Services from any jurisdiction with laws or regulations governing the use of the Internet, including the collection, use, or disclosure of personal information, different from those of the jurisdictions mentioned above may only use the Services in a manner lawful in their jurisdiction. If your use of the Services would be unlawful in your jurisdiction, you may not use our Services.

SECURITY

We use physical, technical and organizational measures designed to protect your information against unauthorized access, theft and loss. We restrict access to your personal information to those employees who need to know that information to service your account or perform their job functions. Although we take precautions intended to help protect information that we process, no system or electronic data transmission is completely secure. Any transmission of your personal data is at your own risk and we expect that you will use appropriate security measures to protect your personal information.

You are responsible for maintaining the security of your account and the information in your account. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. You understand and agree that we may deliver electronic notifications about breaches of security to the email address, phone number or other contact information on record within your account.

DATA RETENTION

We will only retain your Personal Information for as long as necessary to fulfill the purposes for which it was collected and processed, or until you request deletion as described in this Privacy Policy.

We will retain Personal Information we collect from Event Organizers or Event Attendees, and process on behalf of an Event Organizer, for as long as necessary to provide our Services to the Event Organizer, and will maintain any such information controlled by an Event Organizer in accordance with the Event Organizer’s instructions, including any applicable Client Agreement terms, and as required by applicable law.

We may retain Personal Information if there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we may delete them).

LINKS TO OTHER SITES

Our Services may include links to third-party websites and services that are not operated by us. When you click these links, you will be directed away from our Services. A link to a third-party website or service does not mean that we endorse it or the quality or accuracy of information presented on it. If you decide to visit a third-party website or service, you are subject to its privacy practices and policies, not ours. This Privacy Policy does not apply to any information that you provide to or is collected from these other websites and services.

CHANGES TO THIS POLICY

CrowdPass may update this Privacy Policy at any time and unless otherwise explicitly stated, any changes will be effective upon posting. We will notify you about material changes by either sending an email message to the email you most recently provided us or by prominently posting a notice on our Service. We encourage you to periodically check back and review this Policy so that you always will know what information we collect, how we use it, and with whom we share. The date the Policy was last modified is identified at the top of the page.

HOW TO CONTACT CROWDPASS

If you have any questions about this Privacy Policy, please contact us at support@crowdpass.co.