What information do we collect from the people that use our website or app?
When creating an account or linking a device to your account, you may be asked to enter your:
Name: It is referred to the user name that you use to login to your website or service that is authenticated by NoPass™.
Email Address: If you decide not to use the QR code that is provided during the registration sequence, then you will have to provide us with your email so we can send an activation link to your email.
Automatically Collected Information
In addition, the Application may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile devices unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the Application.
Identité.us follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services' analytics. The information collected by log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.
Your user data
Identité™ mobile application (NoPass™) cannot see your data like your contacts, it cannot read your text messages, it cannot access your photos (but it can use your camera to scan QR code if you explicitly allow that permission), it cannot access your files, it cannot erase your device, it cannot see information about other applications on your device. We do not track any personal data about these accounts – only the name of the service.
Precise real-time location information of the device
When you visit the mobile application, we may use GPS technology (or other similar technology) to determine your current location in order to determine your location. We use this data to provide features of our Service, to improve and customize our Service, to enforce our geo-fencing security measures for the security of our application and additional identity verification checks. We will not share your location with other users.
If you do not want us to use your location for the purposes set forth above, you should turn off the location services for the mobile application located in your account settings or in your mobile phone settings and/or within the mobile application.
You can stop all collection of information by the Application easily by uninstalling the Application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
Device state data
As part of your (NoPass™) login request, your organization's NoPass™ administrator(s) may set access policies requiring devices to meet certain security properties in order to login to a service. Data about the security properties of your device are collected at the time of login to determine whether your device meets your organization’s policies. In general, these security properties are yes/no values, such as whether your phone has a biometric control enabled (fingerprint or face recognition), whether your device is jailbroken, rooted or otherwise in a compromised state, whether your phone has a screen lock, and whether the device’s storage is encrypted. We also collect some specific values, like the version of your operating system (i.e. iOS 12.0.1 or Android 8.1), and the version of Identité™ mobile application (NoPass™) you are using. As mentioned before, Identité™ mobile application (NoPass™) cannot see personal data on
When do we collect information?
We may collect information from you when you:
Create an account
Update/modify an existing account
Assign devices to your account
Respond to a survey or marking communication
While using our application
What permissions do we need?
In general, Identité™ mobile application (NoPass™) cannot access things like your contacts, photos, text messages, and emails. However, we do have a few device data permissions that we request to help make the authentication process easier for you.
Permission to send Push notifications
We only send push notifications for two purposes:
To send you a login request to approve or deny, or
To alert you to a security issue we detect on your device.
We will never spam or send irrelevant push notifications. You can deny this permission, but you will have to manually go into Identité™ mobile application (NoPass™) to approve or deny a login request each time you log in.
This permission requires you to explicitly grant permission for Identité™ mobile application (NoPass™) to use your camera to scan QR codes that are used to quickly add multi-factor authentication accounts. You can deny this permission, but without access, you will have to enter in your valid email so we can send the activation link to your email so that you can get your account working. Identité™ mobile application (NoPass™) will never access your photos and will only use your camera when you are scanning the QR code during the registration sequence.
Identité™ mobile application (NoPass™) uses a pseudonymized mobile data analytics provider, Firebase. It helps us understand how Identité™ mobile application (NoPass™) users interact with our app. Our usage analytics only collect information about how you use (NoPass™), it cannot “see what you do” in other applications on your phone. We use analytics data to increase stability and to develop new features for Identité™ mobile application (NoPass™).
If you give us permission, we will be able to use your precise geolocation (latitude and longitude) in order to offer you features that make use of it. We use this data to provide features of our service, to improve and customize our service, to enforce our geo-fencing security measures for the security of our application and additional identity verification checks.
Identité™ mobile application (NoPass™) user pseudonymized mobile crash reporting service called Firebase crash reporting. Firebase collects information about app crashes, which we use to monitor app stability and to fix bugs.
How do we use your information?
We may use the information we collect from you when you create an account, update an existing account, assign devices to an account, respond to a survey or marketing communication, use our site or NoPass™ Application, or use certain other features in the following ways:
To quickly process your transactions
To verify for security purposes who you are
To authenticate logins to third party sites/apps
How do we protect your information?
Security is what we do, and we take the security of the personal information we have about very seriously. We use appropriate administrative, organizational, technical, and physical safeguards that are designed to protect the personal information we collect and process. The measures we use are designated to provide a level of security appropriate to the risk of processing your personal information and to help ensure that your data is safe, secure, and only available to you and those with authorized access (as decided by your organization administrator or you, as appropriate.)
We implement a variety of security measures whenever a person uses our website, or app, to maintain the safety of your personal information.
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. Our apps are monitored regularly for vulnerabilities and opportunities to make them more secure.
We regularly use Malware and Virus Scanning, as well as log and activity monitoring.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are to keep the information confidential.
All secured protected information you supply is encrypted via Secure Socket Layer (SSL) technology, as well as a second encrypted layer, meeting and exceeding most specs by other companies, governments, and other entities.
Who do we share your data with?
Identité™ mobile application (NoPass™) never sells your data. We only use your data to provide and improve our security service. Identité™ mobile application (NoPass™) only communicates with two entities: our own Identité™ mobile application (NoPass™) security service and Firebase (for usage analytics and crash reporting). When sending data to an external service like Firebase, we only send de-identified pseudonymized data to protect your privacy. Every service that Identité™ mobile application (NoPass™) sends data goes through an extensive security audit process to ensure that the service meets Identité™ mobile application (NoPass™) strict privacy and security controls.
You can read more about Firebase privacy controls in their support article provided in this link: https://firebase.google.com/support/privacy/
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice.
This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may release your information when we believe its release is appropriate to comply with the law, enforce our site policies, or protect our or other's rights, property, or safety.
How long do we keep your data?
We only keep your information for as long as we have an ongoing legitimate business need to provide our service.
When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If this is not possible (for example, because your information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Cookies and Web Beacons
Like any other website, identite.us uses 'cookies'. These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.
They may also collect information about
Your Internet Protocol (IP) address. This is a number automatically assigned to your computer or device whenever you connect to the Internet. It is a unique address assigned by your Internet service provider or IT department on a TCP/IP network. Among other things, the IP address allows web servers to locate and identify your device.
Google DoubleClick DART Cookie
“Do Not Track” Signals
Some web browsers may give you the ability to enable a "do not track" feature that sends signals to the websites you visit, indicating that you do not want your online activities tracked. This is different from blocking or deleting cookies, as browsers with a "do not track" feature enabled may still accept cookies.
No industry standard currently exists on how companies should respond to "do not track" signals, although one may develop in the future. Identité™ websites do not currently recognize and respond to "do not track" signals. If we do in the future, we will describe how in this Privacy Statement. Learn more information about "do not track".
Our Advertising Partners
Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users.
California Online Privacy Protection Act
See more at: CalOPPA
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
Users are able to change their personal information by logging in to their account.
Does our site allow third-party behavioral tracking?
COPPA (Children Online Privacy Protection Act)
We do not specifically market to children under 13.
When it comes to the collection of personal information concerning children under 13, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation's consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States of America, and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
Within one (1) business day, we will notify the users via in-site notification.
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
To be in accordance with CANSPAM we agree to the following:
If at any time you would like to unsubscribe from receiving future emails, you can and we will promptly remove you from ALL correspondence.