We believe in creating ethical technology as a means to drive peace of mind whilst preserving your privacy. That’s why we only collect the bare minimum of personal information about you and all metrics are anonymized. See below for details.
Though Authentic Labs may authenticate products such as toys or consumer products, our Site, Services, and Application are all targeted towards adults. If you are under the age of 16 or a child under applicable law (a “Child“), please do not provide us any Personal Data (defined below). We do not target Children with our Site, Application, or Services, nor do we knowingly collect Personal Data from Children. If you or your Child accidentally provide us with a Child’s Personal Data, please contact us at firstname.lastname@example.org.
3) Types of Data We Collect
Depending on how you interact with us, we may collect and process information that relates to identified or identifiable individuals (“Personal Data“). We collect and process the following categories of Personal Data (note, specific Personal Data elements listed in each category are only examples and may change).
4) Information You Provide to Us
- Brands with accounts on our Site (“Brands“):
- Account Data: Data you provide on behalf of your company to see our analytics, such as name, email address, and phone number.
- Other visitors to our Site:
- Email: You may choose to receive marketing and news from Authentic Labs by providing us your email address. We do not require this for you to use our service.
- Contact Data: You may choose to contact us through our Site. We will collect name, email, and whatever else you include in your message.
- Users of our Application:
- Camera Data: We use your camera to authenticate products. We do not collect your camera images, however; we process all camera data on the device.
- Support Data: If you choose to contact us for support in the Application, we may collect Personal Data about you that you provide.
5) Information We Collect Automatically
- Brands, other visitors to our Site:
- Interaction Data: We collect data about the way you interact with the Site, including IP address, time spent on pages, and other data.
- Cookies and Similar Technologies: (collectively “Cookies“). Cookies are small pieces of information that a website stores on your computer’s hard drive while you are viewing a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to improve our Site and Services.
- Users of our Application or Services:
- Authentication Data: In order to authenticate a product, we collect information like the operating system, browser, device type, date and time of scan, and product scanned. We assign each authentication a unique user ID (“UUID“).
- Geolocation Data: We may collect location data down to city level through the Application, subject to applicable law regarding consent. We do not link this Geolocation Data with other information to create a user profile.
- Anonymous Application Analytics: Anonymous application usage analytics. Users may opt out of collection of this information in settings
6) Information We Collect Automatically
Subject to your Rights and Choices below, we process your data in the following ways:
Use it to provide Brands aggregate analytics on authentication
Amazon Web Services, Inc. (“AWS
Send newsletters, surveys, offers, and other promotional materials related to Authentic Labs, and for other direct marketing purposes.
Answer your query
Will vary based on query.
Process the image locally on your device
We do not share Camera Data
Support your inquiry
Will vary based on query
Generate aggregate analytics to improve our Site and Services.
AWS as Site and Application host.
Distinguish between unique Site visitors; improve our Site and Services; targeted or behavioral marketing.
AWS as Site host. Third party cookie providers as detailed in Section 9.
Provide an authentication dashboard to Brands. We may also create de-identified or aggregate data records from this Data by excluding or changing information that makes the information personally identifiable to you. We use this data for a variety of purposes, such as to analyze request and usage patterns so that we may enhance the content of our Site, Services, or Application.
. We do not share individually-identifiable Interaction Data with Brands
If a Brand chooses to collect this Data and you consent under applicable law, we use city-level Geolocation Data in the Services.
Brands; AWS; Amplitude.
7) Other Transfers and Disclosures of your Personal Data
- International Data Transfers. We operate in and use service providers located in the United States. If you are located outside the U.S., your Personal Data may be transferred to the U.S. The U.S. does not provide the same legal protections guaranteed to Personal Data as the European Union does. Accordingly, your Personal Data may be transferred to the U.S. pursuant to the EU-U.S. Privacy Shield Framework, through AWS, and pursuant to Model Clauses (as approved by the Article 29 Working Party) agreed upon between AWS and Authentic Labs. Please see the Amazon Web Services Privacy Shield FAQ for more information on how your data is transferred from overseas.
- Legal Disclosures of Data
- ii) Disclosure for Law Enforcement. Under certain circumstances, Authentic Labs may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
- iii) Legal Requirements. Authentic Labs may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation;
- To protect and defend the rights or property of Authentic Labs, LLC;
- To prevent or investigate possible wrongdoing in connection with the Service;
- To protect the personal safety of users of the Service or the public; or
- To protect against legal liability.
8) Cookies and Similar Technologies
To make our Site and Services more useful to you, we may process usage and other data when you interact with cookies and similar technologies on our Site. We may receive this data from third parties to the extent allowed by the applicable partner. Please note that the privacy policies of third parties may apply to these technologies and information collected.
- for “essential” or “functional” purposes, such as to enable various features of the Site;
- for social media integration e.g. via third-party social media cookies, when you share information using a social media sharing button on our Site or Application, or you engage with our content on or through a social networking website such as Facebook or Twitter; and
- for analytics purposes, consistent with our legitimate interests in how our Site is used or performs, how users engage with and navigate through the Site, what sites users visit before visiting our Site, how often they visit our Site, whether an email was received or opened, and other similar information.
- subject to any consent required by law, for the purpose of displaying advertisements via retargeting to those users who have visited our Site, or for targeting advertising to visitors to our Site.
9) Data Processor List
Email List Administrator
Analytics (no Personal Data)
ML Kit for Firebase
10) Your Rights and Choices
You may exercise the below Rights and Choices by emailing us at email@example.com. Our mailing address is:
Authentic Labs, LLC
PO Box 19046
Boulder, CO 80308
- Your Rights. Subject to the rights granted to other individuals, and our rights under applicable law, you have the following rights in your Personal Data. We may require that you provide additional Personal Data to exercise these rights, e.g. information necessary to prove your identity.
- Access. You may receive a list of your Personal Data that we process to the extent required and permitted by law.
- Rectification. You may correct any Personal Data that we hold about you to the extent required and permitted by law. You may be able to make changes to much of the information you provided directly to the Application or Service via your account settings menu.
- Erasure. To the extent required by applicable law, you may request that we delete your Personal Data from our systems. You may request erasure of your Contact Data by emailing us at firstname.lastname@example.org.
- Data Export. To the extent required by applicable law, we will send you a copy of your Personal Data in a common portable format of our choice.
- Objection. Where we process data in accordance with our legitimate interests, you can object to that processing to the extent allowed by law. You can stop future collection of all data by the Application by uninstalling it.
- Regulator Contact. You have the right to contact or file a complaint with regulators or supervisory authorities about our processing of Personal Data. To do so, please contact your local data protection or consumer protection authority.
- California Rights. Residents of California (and others to the extent required by applicable law) may request a list of Personal Data we have disclosed about you to third parties for direct marketing purposes during the preceding twelve months. This request must be emailed to us at the address above.
We use appropriate technical and organizational means to protect your Personal Data. For example, we use SSL to encrypt data in transit and we encrypt data at rest. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure and we do not warrant complete security of your Personal Data, the Site, Services, or the Application. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us is compromised), please immediately notify us of the problem.
12) General Data Protection Regulation (GDPR) Information
- Controller. Authentic Labs, LLC, a Colorado limited liability company, is the data controller for Personal Data collected through the Site and the Application. The legal bases of our processing as a Controller of your Personal Data are in the table below. If you have questions about the legal basis of how we process your Personal Data, contact us at email@example.com.
PROCESSING PURPOSE USE:
- Cookies and Similar Technologies
PROCESSING PURPOSE DISCLOSURE:
- Service providers
- Corporate events
PROCESSING PURPOSE DISCLOSURE:
PROCESSING PURPOSE USE:
- Cookies and Similar Technologies
- Processor. When we provide authentication Services to third parties, we act as a Processor of any data collected, as “Processor” is defined by Article 28 of the GDPR. We only process that data pursuant to instructions contained in an agreement between us and the Controller of that data, which agreements will include a commitment from Authentic Labs to keep your data confidential. If necessary, we will assist Controllers in handling data subject access rights requests, security obligations, requests from supervisory authorities, and other GDPR obligations. We will only engage of sub-processors that meet the same GDPR obligations as we do.
- Privacy Shield & Dispute Resolution. Through AWS as noted in Section 7 above, we comply with the principles of the Privacy Shield Framework. We adhere to the Privacy Shield principles of notice, choice, accountability for onward transfer, security, data integrity, and purpose limitation, access, and recourse/enforcement/liability. If any Privacy Shield-related complaints cannot be resolved between an EU user and Authentic Labs, we will settle unresolved complaints using JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim. If required by law, we will work with the appropriate panel of DPAs or individual DPA in the EU to resolve disputes. Under certain circumstances, these dispute resolution processes may result in your ability to invoke binding arbitration. The services of JAMS are provided at no cost to you.