Last Modified: July 3, 2020
Focus IP, Inc. dba Appdetex (“Appdetex”) provides products and services related to brand protection as well as domain name registration and registrar services. As a provider of brand protection services, Appdetex gathers data about the potential infringement or abuse of our customers’ brands to protect our customers’ intellectual property rights. As a domain name registrar, Appdetex registers domain names and provides registrar services in compliance with rules and regulations adopted by domain name regulatory authorities.
Personal Information We Collect and How We Use That Information
The personal information which Appdetex collects about you will depend on the services you access and how you choose to interact with us. Although we do not generally process sensitive personal data, we do collect and utilize the following personal data in connection with conducting our business and providing our brand protection and domain registration/registrar services:
- Login Credentials: We collect personal information to facilitate secure access to our Website by our customers and other users interested in our services.
- Contact Details: Our brand and domain customers and interested parties using our Website provide us with names, emails, telephone numbers, and other personal contact information so that we can communicate with them about their services to fulfill our contractual obligations to them, inform them of upcoming events of interest to them, or provide them with information about new or existing Appdetex services.
- Suspected Bad Actor Information. We collect names and other personal information such as names, emails, IP addresses, and domain names from various internet channels to identify and prevent bad actors from infringing on or using our customers’ brands for fraudulent or other illegal activity.
- Customer Billing Information: We collect financial and personal contact information for the purpose of billing our customers.
- Website User Information: We collect demographics and usage information (length of visit, pages viewed, etc.) about users of our Website to better understand which content and tools are most useful to such users and to enhance and improve our services and Website content.
- Computer/Device Information: We collect information such as IP addresses about devices used to access our Website.
- Domain Registration and Administration: We collect names, emails, telephone numbers, and other personal contact information from our domain customers to facilitate and communicate with them about the registration, renewal, modification and transfer of those of their domains which we manage.
- Domain Information/WHOIS Database: Under ICANN and domain registry requirements, we maintain a public database with personal and other information about the owners of the domains which we manage as domain registrar.
- Updates of WHOIS Registries: For the domains which we manage as registrar, we are required to provide updates of owner information to third-party registries who maintain publicly searchable databases of domain ownership. We also search those databases in connection with our brand protection services so that we can identify bad actors who use domains to infringe our clients’ brands.
- Prospective Employees: We collect names, emails, telephone numbers and other personal information from candidates for employment with Appdetex for purposes of evaluating such candidates.
In the course of our brand protection services we collect personally identifiable information about individuals suspected of infringing our customers’ brands or using those brands to engage in illegal activities such as fraud, phishing, malware and the sale of counterfeit goods. We collect that information from various public online digital channels such as marketplaces, social media, mobile app stores, and websites. We then use that personal information in the manner directed by our customers to notify the bad actors that their activity is fraudulent and violates our customers’ intellectual property rights in order to stop any further infringing or illegal activity.
Once you become a Website user you may provide additional personal information to us which we may use to contact you or send you information regarding the services that Appdetex provides. In some cases, if you choose not to provide the additional personal information which we request you may be unable to access all of our Website content and services. We do not collect personally identifiable information to send out marketing materials without your consent. If you should receive any such materials you can opt-out of receiving future marketing materials by emailing us at the following address: DPO@Appdetex.com.
Domain Name Registration Data Collection and Use
If you register a domain name, registries and certain organizations require that you share certain personal information for important lawful purposes to identify domain owners, combat fraud and protect trademarks and brands. When Appdetex customers place an order for the registration of a domain name and/or when our customers correct or update registration information, we are required by the Internet Corporation for Assigned Names and Numbers (“ICANN”) and local domain name registries to collect the domain owner’s name postal address, fax number (where available), e-mail address and telephone number, along with similar information for the technical, administrative and billing contacts associated with the domain name. Although such information is provided to Appdetex by its corporate customers, it may contain the personal data of the employees of those customers. That information is required to be published in the domain name WHOIS registry maintained by each domain name registry and registrar and is available for public review by users seeking domain name registration details.
The information which customers provide when registering a domain name is required to allow Appdetex to properly handle the customer’s domain name registration, administer the customer’s account (including notifying the customer about matters related to the domain name, such as renewals or updates), and provide other services requested by the customer. Appdetex also logs other identifying details necessary for the provision of domain registration services and to ensure that Appdetex acts only on a customer’s instructions. These include written communications, confirmations, modifications, related correspondence, payment source information, log files, billing records, communications information such as source IP address, HTTP headers and any other records concerning domain registration (dates, times, zones and sessions).
Our customers contractually represent to us that, in providing us with personal data about other individuals such as a customer’s employees serving as the domain name’s technical or billing contact, or an individual in whose name the customer is registering the domain name, the customer has notified each of such individuals of the following: (1) the purposes for which their personal data will be used; (2) the recipients of the individual’s personal data; and (3) how the individual can access and correct the personal data. Customer further represents that it has obtained all necessary consents from such individuals in connection with providing their personal data to Appdetex.
In accordance with the regulatory requirements imposed on Appdetex as a domain name registrar, Appdetex is required to disclose a customer’s domain name registration information, which may, as discussed above, include personal data, in the following instances: (1) WHOIS data is made available to the public for free query-based access; (2) domain related data, including communications between Appdetex and Customer, is made available to ICANN and domain name registries pursuant to their applicable rules and regulations; (3) Appdetex must escrow domain related data as often as is required to reputable third parties appointed by ICANN or domain registries; and (4) third parties are able to access WHOIS data in bulk provided they agree, in pertinent part, not to use such data improperly, such as for the transmission of spam or unsolicited email. If a domain name customer orders additional products and services from Appdetex, that order may require the disclosure of personal data to additional third parties. Customers will be notified at the time of the order about the nature and scope of any such disclosure of personal data and the applicable third parties to be receiving such data.
Appdetex also collects and uses the publicly available WHOIS domain name registration information maintained by other registrars and third party registries so that we can identify the owners of those domains which we believe to be infringing the intellectual property rights of our brand protection services customers or using those brands for fraudulent or other illegal activities.
Do We Share Access to Personal Information?
We take all reasonable and necessary precautions to maintain the security of the personal data which we collect. Any financial information which Appdetex collects is collected via secure means and used only for billing purposes. Our Website uses state-of-the-art security technology to keep any personal information, including our customers’ billing and account information, as secure as possible. We limit physical access to our database servers to only those employees with a need for such access and have installed state-of-the-art cybersecurity measures to guard against unauthorized access to our system. Every Appdetex employee is bound by written non-disclosure obligations to protect personal information and other confidential information to which they have access. Employees who violate those obligations are subject to disciplinary action, up to and including immediate termination.
Despite all our precautions, no data transmission over the internet can ever be guaranteed to be completely secure. As a result, while we do our utmost to protect your information, we cannot ensure or warrant the security of any information you give us. Accordingly, all information which you provide to us done at your own risk. We recommend that you do not divulge your user identification or password to anyone and that you do not provide access to your account to any third party. Also remember to sign out of your account, close the browser window and delete any cookies when you have completed your work within your account.
How Long We Keep Personal Data
The period for which we retain your personal data depends on your relationship with Appdetex and the purposes for which we collected such information. Other considerations include: whether our duties and responsibilities require that we retain your personal information for a certain period, whether your relationship with Appdetex has ended, what specific instructions regarding retention you have provided to us, the period needed to fulfill the purposes for which we collected such information, the existence of any legal claims or proceedings relating to the information, and any retention periods required or recommended by law, regulations or industry associations (such as ICANN). We will keep the personal information we have collected about you only for as long as required for the purposes set forth in this policy, or as required in order to comply with any legal requirements to which we are subject.
Compromise of Personal Information
In the event any personal information is compromised as a result of a breach of Appdetex security, Appdetex will promptly notify, by email or as otherwise required by applicable law, those persons whose personal information has been compromised.
Modification and Deletion of Personal Information
Our Website gives you the option of modifying your personal account information at any time by clicking on the “My Account” link in your account page. You may also modify your account information at any time by sending an email to DPO@Appdetex.com or you may cancel your access to the Website pursuant to the Domain Name Registration Service Agreement. Once your Website access is cancelled or you are no longer a user of the Website, your personal information will be deleted within twelve (12) months, or as earlier required by applicable law.
Appdetex does not knowingly collect personal information about children under the age of 13 years. If we learn that we have inadvertently done so, will take immediate steps to delete that information.
International Users and Transfers of Personal Information
Appdetex has further committed to refer unresolved Privacy Shield-related complaints to PrivacyTrust, an alternative dispute resolution provider located in the United States and within the EU and worldwide. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit PrivacyTrust at: https://www.privacytrust.com/about/ for more information or to file a complaint. The services of PrivacyTrust are provided at no cost to you.
The Federal Trade Commission has jurisdiction over Appdetex’s compliance with the Privacy Shield Principles. Additionally, an individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance and for resolution of claimed violations of the Privacy Shield Principles not resolved by any of the other Privacy Shield mechanisms, please see the Privacy Shield website for additional information: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Moreover, in conjunction with the Privacy Shield, Appdetex commits to cooperate with the panel established by the EU data protection authorities (DPAs) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable, and comply with the advice given by the panel and/or Commissioner, as applicable, with regard to data transferred from the EU and/or Switzerland, as applicable.
Notwithstanding the foregoing, please be advised that in the context of an onward transfer of personal information, a Privacy Shield organization has responsibility for the processing of any personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. The Privacy Shield organization shall remain liable under the Privacy Shield Principles if its agent processes such personal information in a manner inconsistent with the Principles unless the organization proves that it is not responsible for the event giving rise to the damage.
IF YOU PROVIDE ANY INFORMATION TO APPDETEX THROUGH THE WEBSITE, OR OTHERWISE, YOU REPRESENT AND AFFIRM THAT YOU HAVE THE RIGHT AND AUTHORITY TO DO SO AND THAT YOU HAVE OBTAINED ANY NECESSARY CONSENTS OR AUTHORIZATIONS TO PROVIDE ANY SUCH INFORMATION, INCLUDING BUT NOT LIMITED TO ANY INFORMATION COVERED BY ANY DATA PROTECTION LEGISLATION OR REGULATION, INCLUDING THE EUROPEAN UNION GENERAL DATA PROTECTION REGULATION (GDPR), AND RELATED DATA PROTECTION LAWS.
YouTube API Services
If you are using an Appdetex service we want you to be aware of the following:
- Certain Appdetex products and/or services utilize or require the use of the YouTube API Services (terms available at https://www.youtube.com/t/terms) in order to access the information required to provide the applicable Appdetex product or service;
- Such YouTube API Services use is subject to YouTube’s Terms of Service found at (https://www.youtube.com/t/terms) in order to access the YouTube API Services;
- Appdetex, through its services, collects YouTube API data to determine online uses of its customers’ intellectual property and content, including infringing uses of customer intellectual property, confidential information, proprietary information, libel, slander, or other illegal or potentially illegal activity related to those customers, the API Client accesses, collects, stores and otherwise uses;
- Appdetex uses, processes, and shares the YouTube API data information with its customers making data requests through the applicable product or service and the information is processed internally at Appdetex in order to present and share the acquired YouTube API data with the Appdetex customers, and/or any external authorized representatives of such customers including their attorneys;
- Appdetex’s use of the YouTube API does not permit third parties to serve content to customers that are using the applicable Appdetex products or services and no advertisements or third parties materials, other than the YouTube API data is provided through the YouTube API Services;
- Appdetex stores, accesses or collects information directly from its customers’ browsers, including by placing, accessing or recognizing cookies or similar technology on users’ browsers, for purposes of providing the Appdetex products or services to customer, in accordance with Appdetex cookies policy set forth separately herein;
- If customer has any other questions, concerns, or complaints regarding use of its YouTube API data, customer can contact Appdetex with its questions, concerns, or complaints about Appdetex privacy practices at Attn: Judith Archbold at: DPO@Appdetex.com.
Appdetex uses Google Analytics, Google Advt or AdRoll to conduct our business. These are tools/services used by many companies. You are hereby notified of the following:
- That Appdetex uses Google Analytics to track user behavior;
- That Appdetex user data is collected and processed for improving products and services and, from time to time, Appdetex may wish to contact you, with your prior consent, about our products and services, as well as other content that may be of interest to you;
- Appdetex may also utilize user data for purposes of retargeting services, including AdRoll or Google Ad;
- Appdetex and/or its third-party vendors, including AdRoll, may place cookies on users’ devices to collect data;
- Appdetex may utilize various types of user data to delivering targeted ads;
- From time to time, Appdetex utilizes the services of third parties for the purposes of delivering targeted ads based on analyzing user activity;
California Privacy Laws
The California Consumer Privacy Act (“CCPA”) provides California residents with certain rights with respect to how we handle any “Personal Information” we collect which could be linked to or identify those residents. As of January 1, 2020, verified California residents have the right to request that companies such as Appdetex do the following:
- Provide their personal information collection practices during the prior 12 months, including the categories of personal information collected and the sources of such information, their business purpose for collecting or sharing such information, and the categories of the third parties with whom they share such information.
- Provide a copy of the personal information collected about such residents during the prior 12 months in a format which is readily useable, including by paper or electronic copy.
- Disclose any information sale practices during the prior 12 months, including a list of the categories of personal information disclosed for monetary or other valuable consideration and the categories of third party recipients and a list of the categories of personal information that have been disclosed for a business purpose and the categories of third party recipients.
- Not sell personal information about such residents, and
- Delete (and direct their service providers to delete) their personal information, subject to certain exceptions.
Appdetex will not discriminate against any person who chooses to make any of the above requests.
In order to make a request for disclosure, California residents may contact us at DPO@Appdetex.com. If you require additional assistance, you may contact our Customer Service staff which is available 24/7 by phone at: (855) 693-3839. We will ask you for information to allow us to reasonably verify your identity and will use that information only for that purpose. We cannot respond to your request or provide you with disclosures if we cannot verify your identity and confirm that the personal information we hold relates to you.
You may make a request up to twice within a 12-month period. We will endeavor to respond within 45 days of receipt of your request, but if we require more time (up to an additional 45 days) we will notify you of our need for additional time. Once we receive a Do-Not-Sell request we will wait at least 12 months before asking the requestor to reauthorize personal information sales. We do not sell personal information of individuals we actually know are less than 16 years of age.
We do not sell your personal data to third parties in exchange for monetary consideration, but during the past 12 months we may have disclosed personal information to certain third parties that provide us with services such as data analysis and security information, which may fall under the definition of “consideration” and therefore be deemed a “sale” under the CCPA.
Notice to California customers and Website users regarding California’s “Shine the Light” law:
California’s “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the businesses’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternately, such businesses may have in place a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt-out of such information-sharing. (Note: Our Website does not recognize the “do not track signals” that some browsers may employ.)
California Do Not Track Disclosure:
To Contact Us
Focus IP, Inc. doing business as Appdetex
508 S. 8th St.Boise, ID 83702
Attn: Judith Archbold, Data Protection Officer
or email us at: DPO@Appdetex.com