ThKeeper privacy notice
No personally identifiable information (PII) about the customer, the operator of the software, or those whose documents are authenticated by the software is stored or transmitted to ThKeeper under any circumstances. The collected data does not include any images or partial images of the documents that are processed. The only information collected that relates to the document being processed is the type of the document (for example, USA ePassport Series 2006). This information is required in order to correlate performance issues with the document type so that improvements can be made to the Jasoon Document Library to specifically improve the performance, recognition, and authentication reliability of documents encountered by ThKeeper’s customers.
No personal information is left or saved in the mobile.
ThKeeper Ltd believes that individuals should be in control of their Personal Data and recognizes that the need for strong, customer friendly identity proofing solutions has never been greater. As Personal Data is continuously at risk, we strive to create trusted solutions that put individuals at ease and give them control of their data, while simultaneously allowing businesses to address the appropriate level of risk and offer the appropriate security. ThKeeper, as a data processor under the GDPR is compliant with the rigorous demands of the legislation and we want to work and cooperate with our current and future partners and be prepared to meet the requirements of the GDPR together.
The General Data Protection Regulation (“GDPR”) is a legal framework that sets guidelines for the collection and processing of Personal Data of individuals within the European Union (EU). Any company that holds personal data of EU residents or processes data of EU residents is accountable under the GDPR, regardless of the company’s physical location.
ThKeeper’s Security Measurements
ThKeeper has implemented technical and organizational measures to ensure the security of the Personal Data while the data is in ThKeeper’s possession or control. The security measures that ThKeeper has implemented include, but are not limited to:
• Encryption of the Personal Data during transmission;
• Prevention of accidental or unauthorized access, reading, copying, modification, removal or destruction of the Personal Data;
• Access is restricted to ThKeeper’s employees who have a “need to know” in order to carry out the purpose of the processing and all of those employees are under an obligation of confidentiality with ThKeeper;
• Training of ThKeeper’s employees regarding the proper handling of Personal Data;
• The data center where the Personal Data is processed and/or stored has restricted access;
• Use of technological means (e.g. firewalls) to prevent unauthorized access to the Personal Data while it is in ThKeeper’s possession or control;
• A disaster recovery plan which allows the restoration of all Personal Data in the event of a catastrophic event;
• Logging of all processing activity of the Personal Data which records when the Personal Data was processed, what processes the Personal Data underwent, anyone that accessed the Personal Data, where and when the Personal Data was transmitted and when the Personal Data was erased from ThKeeper’s SAAS service; and
• Annual review and evaluation of the adequacy of ThKeeper’s security measures.
Data Subject’s Access to the Personal Data
• ThKeeper’s Data Protection Officer (“DPO”) may be contacted at privacy@ThKeeper.com
• Data Subjects may contact the DPO about all issues related to processing of their Personal Data and exercise all of their rights under the GDPR. A Data Subject is entitled to request and the DPO shall respond without undue delay to the following:
To know the content of the Personal Data being processed and/or stored by ThKeeper
Correction, amendment, or deletion of their Personal Data if inaccurate
To whom the Personal Data has been disclosed
The information given to you by ThKeeper concerning technical, legal, or professional aspects of ThKeeper’s compliance with the GDPR is for informational purposes only and does not constitute legal or professional advice nor create any legal obligation or liability on the part of ThKeeper, Inc.
Information about Data Security and Privacy Principles for IBM Cloud Services
This policy also does not apply to information about you collected by third party services, applications, or websites or advertisements associated with, linked to or otherwise accessible from the Sites. In this regard, note that to the extent any credit card payment information (including the number, security code and expiration date) is submitted by you in connection with your use of the Sites or the Services, such information is not collected by the Company but rather is sent directly to a third party payment processor. The information collected or received by such third parties (such as the third party payment processor), is subject to their own privacy policies and under no circumstances is the Company responsible or liable for the third party’s compliance therewith.
HOW DO WE COLLECT INFORMATION FROM YOU?
We collect personally identifiable information (i) when you register to become a user of the Services through the Sites, (ii) when you “opt in” for certain services or features of the Sites, such as electing to receive emails, (iii) when you voluntarily provide us with information through emails or providing comments on our social media sites, (iv) when you click on Facebook, Twitter, Linkedin or other social media “plug-ins” on the Sites and (v) automatically as further described below.
We also receive the automatic and passive data (both personally identifiable and otherwise) from the computer, mobile phone or other device you use to access the Sites and the Services, and when you interact with the Sites. In this regard, the Sites use common automated information gathering tools such as logs files that record page activity, including a particular user’s visits to a page and how many “hits” a particular item is receiving, as well as other user activity. We may also collect information through other technologies, in particular the following:
WHAT INFORMATION DOES THE COMPANY COLLECT FROM YOU?
Via the Sites, the Company collects from you: (i) certain non-personal technical and other information and (ii) certain personally identifiable information.
Non-Registered Users of the Sites – In general, if you use the Sites without registering with the Company, you will be using the Sites anonymously; no personally identifiable information is collected. However, if you click on social “plug-ins” on the Sites (such as for Facebook or Twitter), those actions will be associated with, and we will have access to, your basic information on those social media sites. So, for example, if you click on the Facebook icon, we will have access to your name, email, gender, birthday, current city and profile picture, notwithstanding that you have not registered on the Site. If you “Like” our Sites or any item on the Sites on Facebook, our Sites will appear in the “Likes ” section of your profile, and we will have the ability to publish updates to you. In addition, we will collect certain the non-personally identifiable information from non-registered users, as noted in “All Users” paragraph below.
Registered Users – At the time you become a registered user of the Sites, you will providing us with the following registration-related information: full name, address, office, home and mobile phone numbers, fax numbers, e-mail address and contact preferences.
Depending on how you use the Sites, we may collect the following additional personally identifiable additional information and data:
information about your use of Site features, how frequently you use them and your responses to any offerings and advertisements presented on the Sites;
customer service information about you as a Site user;
information that you publicly post on our blogs made available by the Sites;
information on the persons or practices that referred you to ThKeeper.
All Users – Regardless of whether you are a registered or non-registered user, when you use the Sites various types of information are collected automatically and passively through log files, cookies and the other tools noted above under the caption ”How We Collect Information From You,” including your IP address (a number assigned to your computer when you use the Internet), the name of the web page from which you entered the Sites, type of browser or operating system you are using, the name of your Internet service provider, broad demographic data, your activity while using the Sites (including access times, duration of visit on each page, new and repeat visit information, exit page information and general usage activity), and data relating to malfunctions or problems occurring when you use your computer with the Sites.
Discretionary Contact With Us – The Sites provide information on how to contact us electronically through the Sites and through email. Whenever you make such contact, you will be providing us with your name and contact information, such as email address and phone number, and any information you choose to include in the text of your message.
If you make any comments on a blog or forum associated with our Sites, you should be aware that any personally identifiable information you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these blogs and forums.
ADDITIONAL DISCLOSURE FOR MOBILE APP USERS
ADDITIONAL DISCLOSURE FOR MOBILE APP USERS
Our Use of Information. We collect, retain, and use the information we collect via the Sites for legitimate business purposes only: primarily to provide the Services which facilitate communications to and from your practice, patients and any hospitals who utilize the Services. It will allows us to provide the Services as they exist today, but it also as we add innovative features in the future that use the information we receive about you in new ways. In addition, we may use the information we receive about you:
to help keep the Sites safe and secure, and protect users’ rights or property;
to measure or understand the effectiveness of our Sites and, if applicable the ads you and others see; and
to correspond with you regarding the Sites or matters relating to your use or potential use of the Services, or to inform you of developments in our Company or with our Services that we believe may be of interest to you.
PROTECTING YOUR PERSONALLY IDENTIFIABLE INFORMATION
Because security is important to both the Company and you, we maintain data handling and storage practices and procedures that are designed to maintain the integrity and confidentiality of the personally identifiable information submitted to us, both during transmission and once we receive it. Industry standard internet security methods and technologies are used in an effort to prevent unauthorized access, maintain data accuracy, and ensure correct use of information. For example, where appropriate, when you enter sensitive information, we encrypt that information using secure socket layer technology (SSL). No method of transmission over the Internet or method of electronic storage is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security (for example, as a result of unauthorized acts by third parties that violate applicable law or the policies of the Sites and its service providers).
Data transmitted via the Site (other than credit card payment information) is stored on servers which are owned or controlled by us and such data is store for as long as it is necessary to provide Services to you and others. Typically, information associated with your account will be kept until your account is deleted. For certain categories of data, we may also tell you from time to time about specific data retention practices. If you suspect unauthorized access to your information, it is your responsibility to contact the Company immediately. Please be aware that data transmission is not always secure and we cannot warrant that information you transmit through the Sites is secure.
THIRD PARTY SERVICES, ADVERTISERS AND APPLICATIONS
COMMUNICATION YOU MAY RECEIVE FROM US
The Company uses voluntarily provided information to send you announcements of new Services, updates, promotional information and newsletters, as well as to provide the Services that you request and give you better customer service. You may opt out of receiving materials or other communications from us by checking the appropriate box when you register. You may unsubscribe or “opt out” from these emails at any time by following the opt-out link provided in any email received or by contacting us via email at support@ThKeeper.com. Please note that even if you unsubscribe from promotional email messages, we may still need to contact you with important transactional information related to your account and your use of the Services. For example, even if you have unsubscribed from our email messages, we will still send you emails confirming your preferences needed to deliver our Services.
INTERNATIONAL USERS – APPLICABLE LAW
MODIFICATIONS AND DELETIONS TO PERSONAL INFORMATION
We strive to maintain the accuracy of any personally identifiable information that may be collected from you, and will use our commercially reasonable efforts to respond promptly to update our database when you tell us the information in our database is not accurate. It is your responsibility to ensure that such information is accurate, complete and up-to-date. You may obtain from us, by e-mail the registration information in our records and/or files. Information will be updated as soon as reasonably practicable. Removed information may persist in backup copies for a reasonable period of time but will not be generally available.
Once you are no longer ThKeeper user, your account is permanently deleted from the Sites. It typically takes about one month to delete an account, but some information may remain in backup copies and logs for up to 90 days.