Privacy Policy

Last modified: August 27, 2020

SafeFun, LLC (collectively, “SafeFun”) operate the SafeFun mobile application (“App”), the www.safefun.com, verifier.safefun.com and consumer.safefun.com websites (collectively, the “Site”), and the Covid-19 test result verification services offered through our platform (together with the App and the Site, the “Services”).

SafeFun respects and protects the privacy of the users that use our Services. We maintain strict policies to ensure the privacy of those who use our Services (“End Users”) or those who may just be visiting our Site (“Visitors”). This policy (“Privacy Policy”) describes the types of information we may collect from you and our practices for how we collect, use, maintain, protect, and disclose such information. The way that we collect and use your information depends on the way you access the Services (whether by Site or by App). This Privacy Policy also includes a description of certain rights that you may have over information that we may collect from you.

By using the Services, you agree to this Privacy Policy. If you do not agree with our policies and practices, your choice is to not use our Services.

Summary
This chart is a summary of data collected and data disclosed. The rest of this Privacy Policy provides additional information on our privacy practices.

Categories of Personal Information

Collection

Disclosure

Sale

Do we collect?

Collected in past 12 months

For a business purpose

For a business purpose in past 12 months

Do we sell?

Sold in past 12 months

Identifiers:

IP addresses; cookies, beacons, pixel tags, mobile ad identifiers, customer numbers, unique pseudonyms, user aliases, and telephone numbers.

YES

YES

YES

YES

NO

NO

Categories of PI described in Section 1798.80(e) of the CCPA (including name, email, phone number, mailing address, birthday, SSN, driver’s license number, and bank account number) 

YES

YES

YES

YES

NO

NO

Commercial information

YES

YES

YES

YES

NO

NO

Geolocation data

YES

YES

NO

NO

NO

NO

Internet or other electronic network activity information

YES

YES

YES

YES

NO

NO

Inferences drawn from other personal information to create a profile about a consumer.

NO

NO

NO

NO

NO

NO

Characteristics of protected classifications under California or federal law

YES

YES

YES

YES

NO

NO

Biometric information

NO

NO

NO

NO

NO

NO

Audio, visual or similar information

NO

NO

NO

NO

NO

NO

Professional or employment related information

NO

NO

NO

NO

NO

NO

Non-public education information (per the Family Educational Rights and Privacy Act)

NO

NO

NO

NO

NO

NO


Information that SafeFun Collects

Types of Information Collected

Personal Data

“Personal Data” is information by which you may be personally identified.  SafeFun may collect the following Personal Data from you:

  • Name;
  • Email;
  • Phone number;
  • Zip code;
  • Birthdate;
  • Driver’s License Number or State-Issued ID Card Number;
  • Covid-19 negative test results;
  • Credit card number (for business End Users only and solely through 3rd party service provider).

Non-Personal Data

Non-personal data includes any data that cannot be used on its own to identify, trace, or identify a person. We may collect your IP Address, device information, or location information.

When non-Personal Data you give to us is combined with Personal Data we collect about you, it will be treated as Personal Data and we will only use it in accordance with this Privacy Policy.

How we collect information.

We collect information about you in three ways:

(1) when you provide it do us directly through an interaction with us, for example:

  • When you register for the Service,
  • When you participate in surveys, chats, or other forums, and
  • When you contact us for service requests.

(2) through automated collection methods like cookies or log files; and

(3) when we obtain the information through a third party, for example:

  • When authenticating your identity with third-party service providers (diagnostic laboratories and their online systems).

Why we collect and how we use your information. (Legal Basis)

We collect and use your Personal Data when we have a legitimate purpose to do so, including the following reasons:

  • to verify your eligibility to use the Services (age verification, negative test result, etc.);
  • to confirm identity to use the Services;
  • to authenticate your identity with third-party service providers (diagnostic laboratories and their online systems);
  • when it is necessary for the general functioning of the Services, including to contact you (or to facilitate payments for business End Users);
  • when it is necessary in connection with any contract you have entered into with us (including our Terms of Use or when you make a purchase through the site) or to take steps prior to entering into a contract with us;
  • when we have obtained your prior consent to the use, including to communicate with you about our features and about upcoming events offered by us and our affiliated companies (this legal basis is only used in relation to uses that are entirely voluntary – it is not used for information processing that is necessary or obligatory in any way);
  • when we have a legitimate interest in processing your information for the purpose of providing or improving our Services;
  • when have a legitimate interest in using the information for the purpose of contacting you, subject to compliance with applicable law; or
  • when we have a legitimate interest in using the information for the purpose of detecting, and protecting against, breaches of our policies and applicable laws.

We may use aggregated (anonymized) information about our End Users, and information that does not identify any individual, without restriction.

Information Collected from Third Parties

Information from our service providers: We may receive information about you from third-party service providers that we engage for verification or identification purposes and fraud prevention.

Information from social media sites and other publicly available sources: When you interact or engage with us on social media sites through posts, comments, questions and other interactions, we may collect such publicly accessible information, including profile information, to allow us to connect with you, improve our products, or better understand user reactions and issues. We must tell you that once collected, this information may remain with us even if you delete it from the social media sites. We may also add and update information about you, from other publicly available sources.

Accessing and Controlling Your Information

If you would like to prevent us from collecting your information completely, you should cease use of our Services. You can also control certain data via these other methods:

Opt out of non-essential electronic communications: You may opt out of receiving newsletters and other non-essential messages by using the ‘unsubscribe’ function included in all such messages. However, you will continue to receive notices and essential transactional emails.

Optional information: You can always choose not to fill in non-mandatory fields when you submit any form linked to our services.

Your Rights to Your Data

You have the following rights with respect to information that we hold about you. We attempt to provide you the same rights no matter where you choose to live. 

Right to access: You have the right to access (and obtain a copy of, if required) the categories of personal information that we hold about you, including the information’s source, purpose and period of processing, and the persons to whom the information is shared. 

Right to rectification: You have the right to update the information we hold about you or to rectify any inaccuracies. 

Right to erasure: You have the right to request that we delete your personal information in certain circumstances, such as when it is no longer necessary for the purpose for which it was originally collected. 

Right to restriction of processing: You may also have the right to request to restrict the use of your information in certain circumstances, such as when you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. 

Right to data portability: You have the right to transfer your information to a third party in a structured, commonly used and machine-readable format, in circumstances where the information is processed with your consent or by automated means.

Right to object: You have the right to object to the use of your information in certain circumstances, such as the use of your personal information for direct marketing.

Exercise Your Data Rights

We acknowledge your right to request access, amendment, or deletion of your data. We also recognize that you have the right to prohibit sale of your data, but we do not sell data.

You can exercise the rights described above, by sending an email or mail to the addresses listed in the Contact section below. Only you, or an agent authorized to make a request on your behalf, may make a request related to your personal information.

We cannot respond to your request if, (i) we cannot verify your identity; or (ii) your request lacks sufficient details to help us handle the request. We will make our best efforts to respond to your request withing 45 days of its receipt. If we cannot respond in 45 days, we will inform you, in writing, the reason for the delay and will respond to your request within 90 days. Any information we provide will only cover the 12-month period preceding the request’s receipt.

We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. We are not obligated to provide responses to your data requests more than twice in a 12-month period.

How Long do we Store Personal Data?

We will only retain your Personal Data for as long as is necessary to fulfill the purposes for which it is collected. This length of time may vary according to the nature of your relationship with us. Personal Data will be purged after four years of nonuse of an account.

Automated Data Collection Methods

Cookies

A cookie is a small file placed on the hard drive of your computer. Cookies are used to help us manage and report on your interaction with the Site. Through cookies, we are able to collect information that we use to improve the Services, keep count of return visits to our website, authenticate your login credentials, manage multiple instances of the Site in a single browser, and tailor your experience on the Services. Cookies may also collect other data such as the date and time you visited the Site, and your current IP address. If you turn off cookies, your experience on the Services may be impaired.

Log Files

We use means through the Services to collect IP addresses, browser types, access times, and physical location. We use this information to ensure compliance with various state laws. Occasionally, we use the information to improve our Services.

Users under the age of 18

Our Services are not intended for anyone under 18. If you are under 18, do not use or register on the Services, make any purchases, or provide any information about yourself to us. If we learn we have collected or received Personal Data from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at the email address listed below.

Do Not Track Settings

We do not track our Users over time and across third party websites to provide targeted advertising and do not specifically respond to Do Not Track (“DNT”) signals.


Who We Share Data With

We may use aggregated (anonymized) information about our End Users and Visitors, and information that does not identify any individual, without restriction.

We do not sell or otherwise disclose Personal Data specific personal or transactional information to anyone except as described below:

Affiliates.

We may, for our legitimate interests, share your information with entities under common ownership or control with us who will process your information in a manner consistent with this Privacy Policy and subject to appropriate safeguards.

Successors in Interest.

We may, for our legitimate interests, share your information with a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, in which Personal Data about our End Users is among the assets transferred. You will be notified of any such change by a prominent notice displayed on our Services or by e-mail. Any successor in interest to this Privacy Policy will be bound to the Privacy Policy at the time of transfer.

Law enforcement and other governmental agencies.

We may share your information when we believe in good faith that such sharing is reasonably necessary to investigate, prevent, or take action regarding possible illegal activities or to comply with legal process, or for regulatory compliance or public health contact tracing purposes. This may involve the sharing of your information with law enforcement, government agencies, courts, and/or other organizations.

Service Providers.

We may, for our legitimate interests, share your information with contractors, service providers, third party authenticators, and other third parties we use to support our business and who are bound by contractual obligations to keep Personal Data confidential and use it only for the purposes for which we disclose it to them. A list of some of our service providers is provided below.

Service Provider

Why we Share

Privacy Practices

Azure

All information you provide to us is stored on our secure servers provided by Microsoft Azure.

https://privacy.microsoft.com/en-us/PrivacyStatement

Cloudmersive

We use Cloudmersive virus scan software to scan files and content for viruses and identify security issues with content.

https://cloudmersive.com/privacy-policy

Google

We use Google Analytics for Site analytics. Google will use information on our behalf to evaluate the use of our online products and services, to compile reports on the activities within these online products and services and to provide us with further services associated with the use of these online products and services.

https://policies.google.com/privacy?hl=en

Stripe

We may link certain payment information through Stripe. We use Stripe for payment processing and we do not store any credit card or bank account data.

https://stripe.com/gb/privacy#personal-data-definition


Third-Party Services and Websites
SafeFun is not responsible for the privacy policies or other practices employed by websites linked to, or from, our Site or App nor the information or content contained therein, and we encourage you to read the privacy statements of any linked third party. This includes sharing information via social media websites.

Data Storage and How SafeFun Protects Your Information
SafeFun stores End User data on our servers including name, email, phone number, zip code, birthdate, Driver’s License Number and Covid-19 test results. Payment information is processed and stored by our service providers. Personal Data about End Users and Visitors is stored within the United States. The Services are only intended to be used inside the United States. If you are using the Services from the EEA or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your Personal Data to the United States. The United States may have laws which are different, and potentially not as protective, as the laws of your own country. By providing your Personal Data, you consent to any transfer and processing in accordance with this Privacy Policy.

SafeFun employs physical, electronic, and managerial control procedures to safeguard and help prevent unauthorized access to your information. We choose these safeguards based on the sensitivity of the information that we collect, process and store and the current state of technology. Our outsourced service providers who support our operations are also vetted to ensure that they too have the appropriate organizational and technical measures in place to protect your information

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your information transmitted to the Services. Any transmission of information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Services. In the event that there is breach in the information that we hold; we shall notify of such breach via email or via notice on the Services.

Changes to the Privacy Policy

It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat our End Users’ or Visitors’ Personal Data, we will notify you through a prominent notice on the Site or App or by email to the primary email address specified in your account . Such changes will be effective when posted. The date the Privacy Policy was last revised is identified at the top of the page. Your continued use of our Services following the posting of any modification to this Privacy Policy shall constitute your acceptance of the amendments to this Privacy Policy. You can choose to discontinue use of the Service if you do not accept any modified version of this Privacy Policy.

Questions and Comments
If you have any questions or comments about this Privacy Policy, or if you would like to file a request about the data we hold or file a deletion request, please contact us at privacy@safefun.com.

Powered By
Testing Guidance