Charge is headquartered in the United States at 1100 Highland Ave, Manhattan Beach, CA 90266.
Charge collects “personal information” about users of the Services. “Personal information” is information such as a name, email address, or identification card image, which refers to an identified or identifiable person. Charge processes personal information on behalf of the Customer Data Controller. For its own purposes, Charge only processes the personal information described in section “Charge acting as a data controller” and anonymized and/or aggregated information. “Anonymized information” is information which does not relate to an identified or identifiable person or is rendered anonymous in such a manner that the person is no longer identifiable.
Personal information. Charge collects a wide range of personal information through the Services. This information varies depending on the Charge application and the Customer Data Controller in question, but may include such information as name, physical address, email address, telephone number, social security number, driver’s license number, state or national ID card number, passport number, other ID card number, credit or debit card number, CVV, expiration date, and/or date of birth. In some cases, Charge may collect a visually scanned or photographed image of your face and/or your identification card, driver’s license, passport, utility bill, bank account statement, insurance card, or credit/debit card. This image may include your photograph and other information from the imaged document, such as your eye color, weight, height, and organ donor status.
Information for Illinois residents: Charge’s collection of personal information may include biometric identifiers and/or biometric information (collectively “biometric data”), and Charge may share such biometric data with the Customer Data Controller. Charge may collect, process and store your biometric data for the purpose of verification services and long-term proof of inspection of your provided form of identification, on behalf of and as instructed by the Customer Data Controller. Charge will store your biometric data for as long as the Customer Data Controller requests (e.g., the duration of your use of its services), which shall be no longer than the earlier of the date when (i) the Customer Data Controller ceases to have a relationship with Charge or (ii) within three (3) years after the Customer Data Controller informs Charge that its last interaction with you has occurred.
Facial recognition. If you agree to use our Biometric Facial Recognition, or other facial recognition service that we offer to our business customers, Charge will collect an image of your face that you provide through a mobile app (i.e. a selfie) and a photo or scan of your face as it appears on an identification document. Charge will use facial recognition technology only for the purpose of verifying your identity as the person who appears on the identification document. Charge may share the facial scans with the Charge customer through which you used Charge’s identity verification service. Charge will retain your facial recognition information, including the photo of your face and photo or scan of your identification document, for the amount of time requested by the Charge customer through which you used Charge’s identity verification service. In no event will Charge store your facial recognition information after Charge ceases to have a customer relationship with the customer through which you used Charge’s identity verification service.
At the direction of the Customer Data Controller, Charge also might obtain information about you from other third parties, such as consumer reporting agencies and fraud-prevention services.
What are cookies? Cookies are small files that are stored on your computer or other device by your web browser. A cookie allows Charge to recognize whether you have used the Services before and may store user preferences and other information.
How are cookies used? For example, cookies can be used to collect information about your use of the Services during your current session and over time, your computer or other device’s operating system and browser type, your Internet service provider, your domain name and IP address, and your general geographic location or geolocation. We process personal information generated by cookies only as instructed by the Customer Data Controller.
What kind of cookies are used on the Website? Our website primarily uses the following types of cookies:
|Cookie Name||Cookie Type||Purpose|
|__qa||Persistent cookie||This cookie is used to distinguish users and expires after 2 years.|
|__gat||Session cookie||This cookie is used to throttle the request rate and expires after 10 minutes.|
__gatSession cookie This cookie is used to throttle the request rate and expires after 10 minutes.“Session cookies” are temporary bits of information which are deleted when you exit your web browser. Session cookies are typically used to improve navigation and to collect web statistics.
“Persistent cookies” are more permanent bits of information that are stored and remain on your computer until they are deleted by you. This type of cookie stores information on your computer for a number of purposes; such as saving your passwords. Persistent cookies delete themselves after a certain period of time but are renewed each time you visit the website.
How do you avoid cookies?If you are concerned about having cookies on your computer or device, you can set your browser to refuse all cookies or to indicate when a cookie is being set, allowing you to decide whether to accept it. You can also delete cookies from your computer. However, if you choose to block or delete cookies, certain features of the Services may not operate correctly.
Charge may use your personal information to provide the Services. For example, we might use your credit card information or ID card information to populate an online form, or to verify your identity in connection with your use of another online service. We also may use your personal information to fulfill the terms of any agreement between us and the Customer Data Controller; to complete a transaction that you initiate; to deliver confirmations, account information, notifications, and similar operational communications; and to comply with legal and/or regulatory requirements.
Anonymized and/or aggregated information that we collect in connection with the Services is used by Charge for its own purposes to perform analytics and research concerning the Services.
We process the provided personal information manually, by our specially trained verification agents or automatically with the use of our software and machine learning capabilities. When we process the personal information automatically, we apply especially the following criteria:
Please reach out to the Customer Data Controller responsible for your personal information with any inquiries regarding the rights you may have in case your personal information is subject to automated decision-making.
In general, Charge shares the personal and anonymized and/or aggregated information that we collect in connection with the Services as discussed below.
Charge service providers.We share the personal and pseudonymized information that we collect on behalf of a particular Customer Data Controller with that Customer Data Controller.
Customer Data Controller.Charge also uses third-party service providers to help us deliver, manage, and improve the Services. These service providers may collect and/or use your personal information or anonymized and/or aggregated information to assist us in achieving the purposes discussed above in the section entitled “How Charge uses the personal and anonymized /aggregated information that we collect.”
We also may share your personal information with other third parties when necessary to fulfill your requests for services; to complete a transaction that you initiate; or to meet the terms of any agreement that you have with us or our partners.
Legal purposes.We also may use or share your personal information with third parties when we have reason to believe that doing so is necessary:
Aggregated information. From time to time, Charge may also share anonymized and/or aggregated information about users of the Services, such as by publishing a report on trends in the usage of the Services.
Information for California residents. Charge processes your personal information on behalf of the Customer Data Controller pursuant to a written agreement for verification services. As such, Charge acts as a service provider to the Customer Data Controller. Moreover, Charge does not sell your personal information as the terms “sell” and “personal information” are defined by the California Consumer Privacy Act (the “CCPA”) and, in providing its services to the Customer Data Controller, Charge will not retain, use, or disclose your personal information to any other third parties that would constitute “selling” as the term is defined by the CCPA. Any questions or requests regarding Charge’s processing of your personal information in respect of your rights under the CCPA should be directed to the Customer Data Controller that is responsible for your personal information.
Charge uses commercially reasonable physical, electronic, and procedural safeguards designed to protect your personal information against loss or unauthorized access, use, modification, or deletion. Among other things, Charge encrypts sensitive information both in transit and at rest. Charge regularly conducts security audits, vulnerability scans, and penetration tests to ensure compliance with industry security practices and standards. However, no security program is foolproof, and thus we cannot guarantee the absolute security of your personal or other information. Moreover, we cannot guarantee the safety of your information when in the possession of other parties, such as the Customer Data Controller.
With the exception of Charge acting as a data controller (please see below), Charge will grant you access to your personal information only as directed by the Customer Data Controller that integrates the Services into its website, application, or online service. Charge also will retain your personal information as directed by the Customer Data Controller and, accordingly, we may retain your personal information for as short as a few minutes or longer as directed by the Customer Data Controller.
Thus, if you want to learn more about the personal information that Charge has about you, or you would like to submit a request to update or change that information, please contact the Customer Data Controller. You also may reach us by email at email@example.com.
Charge acts as a data controller when processing GPS coordinates and IP addresses collected when rendering its services to Customers Data Controllers.
The data subjects whose personal information is processed are end-users using the Services.
The purpose of processing is to provide legal notices to data subjects and allow them to grant their informed consent relating to the use of biometric information by Charge in connection with the Services, as required under the laws applicable to Charge concerning the respective user (e.g. the Illinois Biometric Information Privacy Act or “BIPA”).
Charge processes the personal information – GPS coordinates and IP addresses – on the basis of Article 6(1)(f) GDPR, specifically:
(i) the prevailing legitimate interest of Charge to comply with its legal obligations in jurisdictions outside of the European Union;
(ii) the prevailing legitimate interest of data subjects using Charge’s services to be notified of biometric information processing by Charge and express their consent, under the laws applicable to Charge concerning the respective user.
The personal information is entrusted to data processors acting on Charge’s behalf, providing hosting services, technical staff and relevant technical infrastructure. In such case the processors shall process personal information on the basis of an agreement with Charge and exclusively in accordance with Charge’s instructions.
The personal information may be received by competent state authorities operating on the basis of generally applicable legal provisions.
Charge’s authorized employees and contractors may have access to the personal information.
GPS coordinates and IP addresses will only be stored for the period necessary to establish the location of the data subject and deleted immediately afterwards.
In accordance with applicable law, you may have the right to: (i) request confirmation of whether we are processing your personal information; (ii) obtain access to or a copy of your personal information; (iii) receive an electronic copy of personal information that you have provided to us, or ask us to send that information to another company (the “right of data portability”); (iv) object to or restrict our uses of your personal information; (v) seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed personal information; and (vi) request erasure of personal information held about you by us, subject to certain exceptions prescribed by law.
We will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request. If we are unable to verify your identity, we will not be able to fulfill your request.
For purposes of the California Consumer Privacy Act, Charge does not “sell” personal information.
California residents have the right not to receive discriminatory treatment by Charge for the exercise of their rights conferred by the California Consumer Privacy Act.
If you are located in the European Economic Area, you have the right to file a complaint with the supervisory authority – Austrian Data Protection Authority (Österreichische Datenschutzbehörde). To exercise your rights please contact us at the address provided below.
The personal information that Charge collects through or in connection with the Services is transferred to and processed in the United States for the purposes described above. Charge also may subcontract the processing of your data to, or otherwise share your data with, its affiliates or third parties in the United States or countries other than your country of residence. The data protection laws in these countries may be different from, and less stringent than, those in your country of residence.
However, we only transfer your personal information to countries where the EU Commission has decided that they have an adequate level of data protection or we take measures to ensure that all recipients provide an adequate level of data protection. We do this for example by entering into appropriate data transfer agreements based on Standard Contractual Clauses (2010/87/EC and/or 2004/915/EC).
The Services are not directed to children under the age of 13, and Charge will never knowingly collect personal or other information from anyone it knows is under the age of 13. We recommend that persons over 13 but under 18 years of age ask their parents for permission before using the Services or sending any information about themselves to anyone over the Internet.
If you have any questions or comments regarding our Policy, please mail or email us at:
Charge Technology Group, Inc.
1100 Highland Ave
Manhattan Beach, CA 90266
The Data Protection Officer can be reached by email at: firstname.lastname@example.org
We may request that you confirm your identity in order to continue with your request.
Effective date: April 1, 2020