EFFECTIVE DATE: 2/28/2019
We collect information about you directly from you as well as automatically through your use of our Platform or Services.
Information We Collect Directly From You. Most content on the Platform is accessible without an account. However in order to use the Services on the Platform, you must create an account and become a Registered User. Different Services require that you provide somewhat different forms or types of information, but in general the minimum mandatory information that you (or, with respect to certain information, a Registered User creating a Transaction on your behalf) must provide is:
All of this information is collectively referred to as “User Data.” Where you do not provide this information, we are unable to provide the Services to you.
The registration process provides Registered Users with a user name and password to enable access to the Services on the password-protected portions of the Platform.
In order to provide certain of the Services, including Notarization and Identity Verification Services, we provide on the Platform a live video link between you and a Notary or Identity Verification Designated Agent, so that the Notary or Agent can interact with you and, as applicable, make determinations about your identity and witness the signing of relevant document(s) (the “Session Video”). This means that we will capture audio and video of Registered Users who make use of the Services and whatever content is displayed during the Session Video. By requesting and participating in the Services, you confirm that all persons depicted in the Session Video are authorized and permitted to participate and have consented to do so.
Information We Collect Automatically.
We automatically collect the following information about Visitors or Registered Users through cookies and other web tracking technologies: your IP address (the Internet address of your computer), your computer's name, the type and version of your web browser, referrer addresses and other generally-accepted log information. We may also record page views (hit counts) and other general statistical and tracking information, which will be aggregated with that of other users in order to understand how our Platform is being used, and for security and monitoring purposes. We may combine this information with other information that we have collected about you, including, where applicable, your name, location and other personal information such as your browsing patterns. Please see the section “Cookies and Other Tracking Mechanisms” below for more information.
Information we collect from Public Sources.
For Registered Users, as applicable in the specific context of use of the Platform and delivery of Services, in order to verify identification information as part of our legal and contractual obligations, we will collect and review personal information and identity credentials provided by you through use of identity database services and tools provided by third party service providers.
Information Collected by Third Parties.
Our Platform and Services contain a link to a third-party payment provider to enable you to make payment for any Services (in the event your payment obligations to us are not managed through invoicing and other methods of payment). This company acts as separate entity and Controller (as that term is defined by applicable law) in relation to any billing or credit card information, and its processing is not governed by this Policy. We do not hold your billing data, other than records of actual charges and related information, and we are not responsible for the information practices of such third party.
We use your personal information for the following purposes, subject to any limitations in applicable law or our contracts with Registered Users and third parties:
We have put in place security systems designed to prevent unauthorized access to or disclosure of the personal information you provide to us, and we take all reasonable steps to secure and safeguard this personal information. Our Platform's password-protected section requires users to give us unique identifiers such as their user name and password. Notarize employees are required to acknowledge that they understand and will abide by our policies with respect to confidential and private information. Additionally, we evaluate our third party service providers based upon the type of information they receive and process for our customers and then, based upon our security guidelines, require key vendors to confirm with us their confidentiality obligations and use of security processes. Moreover, permissioned access to our databases containing personal information is governed by our internal security policy.
Our security systems are structured to deter hackers and others from accessing information you provide to us. However, due to the nature of Internet communications and evolving technologies, we cannot provide assurance that the information you provide us will remain free from loss, misuse, or alteration by third parties who, despite our efforts, obtain unauthorized access. Accordingly, you should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords, or for any activity on your account via unauthorized password activity, or for any improper uses of your account or password which you permit others to make.
User Generated Content: If you post content to our Platform, all of the information that you post will be available to all visitors to our Platform. We cannot prevent such information from being used in a manner that violates this Policy, the law, or your personal privacy.
Registered Users are able to modify personal information submitted by logging into your account and updating your profile information. You can also email us at the email address below in order to change your personal information.
Where you have agreed to receive newsletters or similar materials from us, we will send periodic promotional or informational emails to you. You can opt-out of such communications by following the opt-out instructions contained in the e-mail. If you opt-out of receiving emails about recommendations or other information we think may interest you, we will still send you service messages about your account or any Services you have requested or received from us or other notices as required by law.
Our Services are not designed for children under 18 years of age (18). If we discover that a child under 18 has provided us with personal information, we will delete such information from our systems.
Certain rights may be held by those who access the Platform or our Services and who are residents of the European Union (“EU”). The following information is provided for the benefit of such users and in the event it may affect their rights:
The Data Controller of the information collected through the Services is Notarize, Inc. which is headquartered in the United States at 745 Boylston Street, Unit 600, Boston, MA 02116. To exercise any rights that you have with regard to your personal information, you can contact us using the following details: firstname.lastname@example.org
The legal bases for using your personal Information. We collect your information as a Data Controller when we have a legal basis to do so. The following legal bases pertain to our collection of data:
If you would like to find out more about the legal bases on which we process personal information, please contact us.
Legal Rights Which May Apply to Users from the EU. Subject to certain exemptions; subject to applicable US federal and state law (including without limitation notarial law and e-signature law) and the obligations imposed upon us thereunder regarding use of data, recordkeeping, notifications and other compliance requirements; and dependent upon the processing activity we are undertaking; European Union individuals may have certain rights in relation to personal information. These may include:
Right to access, correct, and delete your personal information: If applicable, you have the right to request access to the personal information that we hold about you and: (a) the source of your personal information; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entities to whom your personal information is transferred. You also have the right to request that we correct any inaccuracies or (subject to other controlling law) delete your information. We are not required to comply with your request to erase personal information if the processing of your personal information is necessary for compliance with a legal obligation or for the establishment, exercise, or defense of legal claims.
Right to restrict the processing of your personal information: If applicable, you have the right to restrict the use of your personal information when (i) you contest the accuracy of the data; (ii) the use is unlawful but you do not want us to erase the data; (iii) we no longer need the personal information for the relevant purposes, but we require it for the establishment, exercise, or defense of legal claims; or (iv) you have objected to our personal information use which we have justified based on our legitimate interests verification as to whether we have a compelling interest to continue to use your data. In addition to other rights we have under law, we can continue to use your personal information following a request for restriction, where: (a) we have your consent; or (b) to establish, exercise or defend legal claims; or (c) to protect the rights of another natural or legal person.
Right to data portability: To the extent that we process your information (i) based on your consent or under a contract; and (ii) through automated means, you have the right to receive such personal information in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller.
Right to object to the processing of your personal information: If applicable, you can object to any processing of your personal information which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms
Right to lodge a complaint with your local supervisory authority: You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal information. We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.
How to Exercise Your Rights: If the above rights apply to you and you would like to exercise them, please send us a request to email@example.com. In your message, please indicate the right you would like to exercise and the information to which it relates. We will ask you for additional information to confirm your identity and for security purposes before disclosing to you any requested personal information. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. We will not always be able to fully address your request, for example if it would affect the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
Cross-border Transfer of Information. We maintain servers and systems in the United States hosted by third party service providers. As a result, where the personal information that we collect through or in connection with the Services is processed in the United States, we will take steps to ensure that the information receives the same level of protection as if it remained within the European Union/EEA. You have a right to receive details of any safeguards that we have where your data is transferred outside the European Union (e.g. to request a copy where the safeguard is documented, which may be redacted to ensure confidentiality).
Retention. We will keep your information in a secure manner, as set forth above. We will retain your data for the period necessary to fulfill the different purposes outlined in section 2, including without exception to meet legal, regulatory and contractual requirements. We will endeavor to maintain an accurate record of your dealings with us in the event of any complaints or challenges, and if we reasonably believe there is a possibility of legal action relating to your data or dealings.
California residents have the right to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclose to third parties for their own direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to firstname.lastname@example.org.
If you have questions about the privacy aspects of our Services or would like to make a complaint, please contact us at email@example.com.
This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Platform at https://notarize.com/privacy. If we make any changes to this Policy that materially affect our data privacy practices with regard to the personal information we have collected from you, we will provide you with notice in advance of such change.