© 2014-2020 Bridge ID, LLC or its affiliates. All rights reserved.

Bridge ID, the shield logos and the “NOW YOU KNOW” tag line are trademarks of Bridge ID, LLC or used under license.

Privacy Policy    Terms of Use    Impressum

“NOW YOU KNOW”

Click the logo to visit our company profile on LinkedIn. This is a link to an external website! Click the logo to visit our company profile on Xing. This is a link to an external website! Click the logo to visit our company profile on Facebook. This is a link to an external website! Click the logo to visit our company profile on Twitter. This is a link to an external website!
Click the logo to go to the home screen.
HOME COMPANY COVID-19 CONTACT OMS APP SUPPORT
COVID-19

CORONAVIRUS UPDATE: Click here to visit our COVID-19 page for details about our humanitarian initiative during this crisis.

PRIVACY POLICY ••••• ••• •• • •

BID-W3-PP, rev.0 dated 2020-03-17
 

Bridge ID, LLC (hereinafter referred to as “Bridge ID,” “we,” “us,” or “our”) is the publisher of a collection of webpages at the Internet domain bridgeid.com (the “Website”) and is pleased to offer certain web-based services via the Website (the “Cloud Services”). Collectively, the public Website content and the non-public Cloud Services are referred to as the “Services”.

Our practices regarding your personal data are established in this policy (the “Privacy Policy”), which is incorporated into and forms part of your applicable agreement with Bridge ID with respect to your use of the Cloud Services (the "Agreement").

1. Purpose

(a) We are committed to protecting your privacy. We have prepared this Privacy Policy to describe to you our practices regarding the Personal Data, as defined hereinbelow, that we collect from visitors of our Website and from users of our Cloud Services. In addition, this Privacy Policy tells you about your privacy rights and how the law protects you.

(b) It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them.

(c) The Cloud Services are not intended for persons under the age of thirteen (13), or as otherwise prohibited by law, and we neither knowingly collect nor authorize you to collect data relating to such children.

2. User Acknowledgment

By submitting Personal Data through the Website, you acknowledge that you have read and understand this Privacy Policy and agree to the terms of this Privacy Policy.

3. Controller and Contact Details

We are the controller of Personal Data submitted in accordance with this Privacy Policy and are responsible for that Personal Data. We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the DPO using the details set out below:

Full name of legal entity:  Bridge ID, LLC
Title of DPO:  Legal Director
E-mail address:  legal@optimum-holdings.com
Postal address:  P.O. Box 381, Gates Mills, Ohio 44040-0381, United States of America

4. Types of Data We Collect

We collect Personal Data and Anonymous Data from you when you visit the Website, when you send us information or communications, and when you register for and use the Cloud Services.

(a) “Personal Data” means data that allows someone to identify or contact you, including, for example, your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data.

(b) “Anonymous Data” means data that is not associated with or linked to your Personal Data and thus does not permit the identification of individual persons. We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).

4.1 Personal Data Collected via Technology

To make the Website and the Cloud Services more useful to you, our servers (which may be hosted by a third-party service provider) collect Personal Data from you, including browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or date/time stamp and duration of your visits and user sessions.

4.2. Personal Data Collected via Cookies

“Cookies” are small pieces of harmless information that a website sends to your computer’s storage drive while you are viewing a website. We use Cookies and navigational data like uniform resource locators (URLs) to gather information regarding the date and time of your visits, the information for which you searched and which you viewed. Like most technology companies, we automatically gather this Personal Data and store it in log files each time you visit our website or access your account on our network.

We may use both session Cookies, which expire once you close your web browser, and persistent Cookies, which stay on your computer until you delete them, to provide you with a more personal and interactive experience on the Website. Persistent Cookies can be removed by following the directions in the help section of your Internet browser.

You may choose to refuse or disable Cookies via the settings on your browser; however, by doing so, some Services may not work properly as intended.

4.3. Personal Data You Provide to Us

We collect Personal Data from you. If you create an account for and invite additional users within your organization (the “Additional Users”) to participate in the Cloud Services, we will also collect Personal Data about them from you and possibly also from them. This Personal Data may include information such as name, e-mail address, mailing address, telephone numbers, professional title, organization name, and password when you register and create an account to access the Cloud Services, or sign-up for any newsletter or other marketing material. When you use the Cloud Services, we will also collect all information necessary to complete any financial transactions, including your name, credit or debit card information, and billing information. We also retain information on your behalf, such as files and messages that you store using your account. If you provide us feedback or contact us via e-mail or telephone, or submit a response to an employment opportunity posted on the Website, we will collect your name, e-mail address, telephone number and mailing address, as well as any other content included in your message, in order to send you a reply, and any additional information that you submit to us, such as a resume. When you participate in one of our surveys, we may collect additional profile information. When you post messages on any message boards of the Website, the information contained in your posting will be stored on our servers and other users will be able to see it. We also collect other types of Personal Data that you provide to us voluntarily, such as operating system and version, and other requested information if you contact us via telephone or e-mail regarding support for the Cloud Services. We may also collect Personal Data, such as demographic information, from you via the Cloud Services or at other points on the Website that state that Personal Data is being collected.

You and any Additional Users may contact us at legal@optimum-holdings.com to request the removal of personal information from our database. We will comply with such requests to the extent permitted by law, and to the extent that you or the Additional Users have not waived the right to request such removal as part of your (or their) employment arrangement with your organization. Please note that removal of personal information of users of the Cloud Services may preclude us from fulfilling our obligations to you to maintain accurate and complete records under the "Agreement."

4.4. Personal Data We Collect from You about Others

If you create an account for and invite a third party to participate in the Cloud Services, we will collect the third party's name, e-mail address and telephone number (in order to send e-mails and text messages and to follow up with the third party) plus other details of the third party including, but not limited to, governmental identification document details, date of birth, and financial details necessary for us to process any payments from them that may come due.

Since a major objective of the Cloud Services is the verification of the identity and location of third parties, such third parties specifically agree to waive their rights to request removal of their Personal Data during the registration process for the Cloud Services. Since removal of personal information of such third parties would preclude us from fulfilling our obligations to you to maintain accurate and complete records under the "Agreement," the Personal Data of third parties cannot be removed and requests for removal thereof cannot be satisfied unless (i) the third party’s account was created in error, (ii) the third party is found to be a person under the age of thirteen (13) or as otherwise prohibited by law, or (iii) the continued retention of the Personal Data for a specific third person is deemed or ruled to be unlawful.

5. Use of Your Data

5.1. General Use

In general, Personal Data that you submit to us is used either to respond to requests that you make, or to aid us in serving you better. We use your Personal Data in the ways set out in the table below where we also detail the legal bases on which we rely to do so.


PURPOSE OR ACTIVITY: To register you as a new customer and provide administration of the Website and the Cloud Services

TYPE OF DATA: ❶ Identity, ❷ Contact

BASIS FOR PROCESSING: ① Performance of a contract with you, ③ Necessary for our legitimate interests  


PURPOSE OR ACTIVITY: To manage our relationship with you which will include: (a) notifying you about changes to our terms of use or privacy policy; and (b) asking you to leave a review or take a survey  

TYPE OF DATA: ❶ Identity, ❷ Contact, ❸ Profile, ❻ Marketing and Communications  

BASIS FOR PROCESSING: ① Performance of a contract with you, ② Necessary to comply with a legal obligation, ③ Necessary for our legitimate interests  


PURPOSE OR ACTIVITY: To enable you to complete a survey or partake in a prize draw or competition

TYPE OF DATA: ❶ Identity, ❷ Contact, ❸ Profile, ❺ Usage, ❻ Marketing and Communications  

BASIS FOR PROCESSING: ① Performance of a contract with you, ③ Necessary for our legitimate interests  


PURPOSE OR ACTIVITY: To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

TYPE OF DATA: ❶ Identity, ❷ Contact, ❹ Technical

BASIS FOR PROCESSING: ② Necessary to comply with a legal obligation, ③ Necessary for our legitimate interests


PURPOSE OR ACTIVITY: To deliver relevant Website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

TYPE OF DATA: ❶ Identity, ❷ Contact, ❸ Profile, ❹ Technical, ❺ Usage, ❻ Marketing and Communications

BASIS FOR PROCESSING: ③ Necessary for our legitimate interests


PURPOSE OR ACTIVITY: To use data analytics to improve the Website, Cloud Services, marketing, customer relationships and experiences

TYPE OF DATA: ❶ Identity, ❸ Profile, ❹ Technical, ❺ Usage

BASIS FOR PROCESSING: ③ Necessary for our legitimate interests


PURPOSE OR ACTIVITY: To make suggestions and recommendations to you about goods or services that may be of interest to you

TYPE OF DATA: ❶ Identity, ❷ Contact, ❸ Profile, ❹ Technical, ❺ Usage

BASIS FOR PROCESSING: ③ Necessary for our legitimate interests. In some contexts, we will ask for explicit consent  

5.2. Creation of Anonymous Data

We may create Anonymous Data records from Personal Data by excluding information (such as name) that makes the data personally identifiable to you. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of the Cloud Services and improve site navigation, and for marketing and analytics. We reserve the right to use and disclose Anonymous Data to Third Party Companies in our discretion.

5.3. Feedback

If you provide feedback on any of our Cloud Services or on the Website, we may use such feedback for any purpose, provided we will not associate such feedback publicly with your Personal Data. We will collect any information contained in such communication and will treat the Personal Data in such communication in accordance with this Privacy Policy.

6. General Use

6.1. General Use

We may share some or all of your Personal Data with other companies under our common control ("Affiliates"), in which case we will require our Affiliates to honor this Privacy Policy. If another company acquires us or our assets, that company will possess the Personal Data collected by it and us and will assume the rights and obligations regarding your Personal Data as described in this Privacy Policy. We may also disclose your Personal Data to third parties in the event that we sell or buy any business or assets, in which case we may disclose your Personal Data to the prospective seller or buyer of such business or assets.

6.2. Other Disclosures

Regardless of any choices you make regarding your Personal Data (as described below), we may disclose Personal Data if we believe in good faith that such disclosure is necessary to (a) comply with relevant laws or to respond to subpoenas or warrants served on us; (b) protect or defend our rights or property or the rights or property of users of the Cloud Services; or (c) protect against fraud and reduce credit risk.

7. Third Parties

7.1. Personal and/or Anonymous Data Collected by Third Parties

(a) We may receive Personal and/or Anonymous Data about you from other sources like telephone facsimile or e-mail, or from companies that provide our Products by way of a co-branded or private-labeled website or companies that offer their products and/or services on our website ("Third-Party Companies"). Our Third-Party Companies may supply us with Personal Data, such as your calendars and address book information, in order to help us establish the account. We may add this information to the information we have already collected from you via our Website in order to improve the Products we provide.

(b) Our provision of a link to any other website or location is for your convenience and does not signify our endorsement of such other website or location or its contents. When you click on such a link, you will leave our Website under the bridgeid.com domain and go to another website. During this process, another entity may collect Personal Data or Anonymous Data from you.

(c) We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of data after you click on links to such outside websites. You may determine whether we are responsible for the content of a website by reviewing its URL and confirming the ownership of the applicable domain by means of a free service such as https://tools.dnsstuff.com/.

7.2. Disclosure to Third Party Service Providers

Except as otherwise stated in this policy, we do not generally sell, trade, share, or rent the Personal Data collected from our services to other entities. However, we may share your Personal Data with third party service providers to provide you with the Cloud Services that we offer you through our website; to process payments; to conduct quality assurance testing; to facilitate creation of accounts; to collect and analyze data; to provide technical support; or to provide specific services, such as synchronization with other software applications. These third-party service providers are required not to use your Personal Data other than to provide the services requested by us. You expressly consent to the sharing of your Personal Data with our contractors and other service providers for the purposes listed in this section.

7.3. Disclosure to Third Party Companies

We may enter into agreements with Third-Party Companies. A Third-Party Company may want access to Personal Data that we collect from our customers. As a result, we may disclose your Personal Data to a Third Party Company; however, we will not disclose your Personal Data to Third-Party Companies for the Third-Party Companies' own direct marketing purposes, unless you have "opted-in" by following the instructions we provide to allow such disclosure. If you have opted-in to receive e-mail communications from a Third-Party Company and later wish to discontinue receipt of these e-mails, please contact the Third-Party Company directly to update your preferences. The privacy policies of our Third-Party Companies may apply to the use and disclosure of your Personal Data that we collect and disclose to such Third-Party Companies. Because we do not control the privacy practices of our Third-Party Companies, you should read and understand their privacy policies.

8. Your Choices Regarding Your Personal Data

We offer you choices regarding the collection, use, and sharing of your Personal Data. We may periodically send you free newsletters and transactional e-mails that directly promote the use of the Cloud Services.

When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to "opt-out" by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information above).

You are not able to indicate a preference to stop receiving transactional e-mails from us that relate to the use of the Cloud Services and will thus not have the opportunity to "opt-out". The only way to stop receiving transactional e-mails is to deactivate your user profile in the Cloud Services.

Despite your indicated e-mail preferences, we may still send you notices of any updates to our Privacy Policy.

9. Your Legal Rights regarding your Personal Data

Under certain circumstances, you have rights under data protection laws in relation to your Personal Data. These rights may include:

(a) Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

(b) Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

(c) Request erasure of your personal data. This enables you to ask us to delete or remove personal data. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply in full with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

(d) Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

(e) Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

(f) Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

(g) Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

If you wish to exercise any of the above rights please contact legal@optimum-holdings.com. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

10. Security of Your Personal Data

Unfortunately, the transmission of information via the Internet is not completely secure. Although we are committed to protecting your Personal Data, we cannot guarantee the security of your information transmitted to our website; any transmission is at your own risk. Once we have received your information, we use a variety of industry-standard security technologies and procedures to help protect your Personal Data from unauthorized access, use, or disclosure. We also require you to enter a password to access your account information. Please do not disclose your account password to unauthorized people. We have put in place procedures to deal with any suspected personal data breach and will notify you of a breach as well as any applicable regulator where required to do so.

11. Data Retention

We will only retain your Personal Data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

12. Dispute Resolution

If you believe that we have not adhered to this Privacy Policy, please contact us by e-mail at legal@optimum-holdings.com. We will do our best to address your concerns. If you feel that your complaint has been addressed incompletely, we invite you to let us know for further investigation. If we are unable to reach a resolution to the dispute, we will settle the dispute exclusively under the rules of the American Arbitration Association.

13. Changes to This Privacy Policy

This Privacy Policy is subject to occasional revision, and if we make any substantial changes in the way we use your Personal Data, we will notify you by sending you an e-mail to the last e-mail address you provided to us or by prominently posting notice of the changes on our website. Any material changes to this Privacy Policy will be effective upon the earlier of thirty (30) calendar days following our dispatch of an e-mail notice to you or thirty (30) calendar days following our posting of notice of the changes on our site. These changes will be effective immediately for new users of our website and Cloud Services. At all times, you are responsible for updating your Personal Data to provide us with your most current e-mail address. In the event that the last e-mail address that you provided us is not valid, or for any reason is not capable of delivering to you the notice described above, our dispatch of the e-mail containing such notice will nonetheless constitute effective notice of the changes described in the notice. In any event, changes to this Privacy Policy may affect our use of Personal Data that you provided us prior to our notification to you of the changes. If you do not wish to permit changes in our use of your Personal Data, you must notify us prior to the effective date of the changes that you wish to deactivate your account with us. Continued use of our website or Cloud Services, following notice of such changes shall indicate your acknowledgement of such changes and agreement to be bound by the terms and conditions of such changes.

14. Transfers of Personal Data outside the EEA

Your Personal Data may be processed in the country in which it was collected and in other countries, including the United States, where laws regarding processing of Personal Data may be less stringent than the laws in your country. We comply with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (collectively, "Privacy Shield") as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred to the United States from the European Union, Switzerland, and the United Kingdom in reliance on Privacy Shield. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles with respect to such information. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit the following website: https://www.privacyshield.gov/

You may direct any inquiries or complaints concerning our Privacy Shield compliance to legal@optimum-holdings.com. We will respond within 45 days from receipt of your message. If we fail to respond within that time, or if our response does not address your concern, you may contact the International Centre for Dispute Resolution, the international division of the American Arbitration Association (ICDR/AAA), which provides an independent third-party dispute resolution body based in the United States. ICDR/AAA has committed to respond to complaints and to provide appropriate recourse at no cost to you. To learn more about ICDR/AAA, please visit the following website: www.icdr.org/privacyshield/. If neither we nor ICDR/AAA resolves your complaint, you may have the possibility to engage in binding arbitration through the Privacy Shield Panel.

As noted above, we use a limited number of third-party service providers to assist us in providing our services to customers. These third parties may access, process, or store personal data in the course of providing their services. We maintain contracts with these third parties restricting their access, use and disclosure of personal data in compliance with our Privacy Shield obligations, and we may be liable if they fail to meet those obligations and we are responsible for the event giving rise to the damage.

Our commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission. We may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

• • •• ••• ••••• END ••••• ••• •• • •