Effective September 11, 2020
Focus IP, Inc. dba Appdetex (“Appdetex”) provides products and services related to brand protection as well as domain name registration and registrar services. As a provider of brand protection services, Appdetex detects and removes fraudulent and infringing uses of customers’ brands. As a domain name registrar, Appdetex registers domain names and provides registry services in compliance with rules and regulations adopted by domain name regulatory authorities.
Personal Information We Collect and How We Use That Information
The personal information which Appdetex collects about you will depend on the services you access and how you choose to interact with us. Although we do not generally process sensitive personal data (such as social security numbers or credit card information), we do collect and utilize the following personal data in connection with conducting our business of providing brand protection and domain registration/registrar services:
- Login Credentials: We collect personal information to facilitate secure access to our Website by our customers and other users interested in our services.
- Contact Details: Our brand and domain customers and interested parties using our Website provide us with names, emails, telephone numbers, and other personal contact information so that we can communicate with them about their services to fulfill our contractual obligations, inform them of upcoming events of interest, or provide information about new or existing Appdetex services.
- Suspected Bad Actor Information. We collect names and other personal information such as names, emails, IP addresses, and domain names from various internet channels to identify and prevent bad actors from infringing on or using our customers’ brands for fraudulent or other illegal activity.
- Customer Billing Information: We collect financial and personal contact information for the purpose of billing our customers.
- Website User Information: We collect demographics and usage information (length of visit, pages viewed, etc.) about users of our Website to better understand which content and tools are most useful to such users and to enhance and improve our services and Website content.
- Computer/Device Information: We collect information such as IP addresses about devices used to access our Website.
- Domain Registration and Administration: We collect names, emails, telephone numbers, and other personal contact information from our domain management customers to facilitate and communicate with them about the registration, renewal, modification and transfer of those domains which we manage.
- Domain Information/WHOIS Database: Under ICANN and domain registry requirements, we maintain a public database with personal and other information about the owners of the domains which we manage.
- Updates of WHOIS Registries: For the domains we manage as registrar, we are required to provide updates of owner information to third-party registries who maintain publicly searchable databases of domain ownership. We also search those databases in connection with our brand protection services to identify bad actors unlawfully using our customers’ domains to commit fraud, sell counterfeit goods or the like.
- Prospective Employees: We collect names, emails, telephone numbers and other personal information from candidates for employment with Appdetex for purposes of evaluating such candidates.
In the course of our brand protection services we collect personally identifiable information about individuals using our customers’ brands for the purpose of investigating and preventing bad actors from using those brands to engage in fraud, phishing, the sale of counterfeit goods or other illegal activities. We collect that information from various public online digital channels such as marketplaces, social media, mobile app stores, and websites. We then use that personal information in the manner directed by our customers to take enforcement actions against the bad actors to stop further fraudulent, infringing, or other illegal activities.
Once you become a Website user you may provide additional personal information to us which we use to contact you and send information regarding the services Appdetex provides. In some cases, if you choose not to provide such additional personal information you may be unable to access all of our Website content and services. We do not collect personally identifiable information to send out marketing materials without your consent. If you should receive any such materials you can opt-out of receiving future marketing materials by emailing us at the following address: DPO@Appdetex.com.
Domain Name Registration Data Collection and Use
If you register a domain name, registries and certain organizations require that you share personal information for important lawful purposes to identify domain owners, combat fraud and protect trademarks and brands. When Appdetex customers place an order for the registration of a domain name and when our customers correct or update registration information, we are required by the Internet Corporation for Assigned Names and Numbers (“ICANN”) and domain name registries to collect the domain owner’s name postal address, fax number (where available), e-mail address and telephone number, along with similar information for the technical, administrative and billing contacts associated with the domain name. That information is required to be published in the domain name WHOIS registry maintained by each domain name registry and registrar and is available for review by any member of the public seeking domain name registration details. When such information is collected by Appdetex from its corporate customers, that information often contains the personal data of those customers’ employees.
The information which our customers provide when registering a domain name is also necessary for Appdetex to properly register and renew the domain name, administer the customer’s account (including notifying the customer about renewals, updates or other related matters), and to provide other services requested by the customer. Appdetex also logs other identifying details necessary for the provision of domain registration services and ensure that Appdetex acts only on a customer’s authorization. These include written communications, confirmations, requests for renewals and modifications, related correspondence, payment source information, log files, billing records, communications information such as source IP address, HTTP headers and any other records concerning domain registration (dates, times, zones and sessions).
Our customers contractually represent to us that, in providing us with personal data about individuals such as their employees serving as a domain name’s technical or billing contact, or an individual in whose name the customer is registering the domain name, the customer has notified each of such individuals of the following: (1) the purposes for which their personal data will be used; (2) the recipients of the individual’s personal data; and (3) how the individual can access and correct the personal data. Appdetex customers make contractual representations that they have obtained all necessary consents from those individuals for whom they have provided personal data to Appdetex.
In accordance with the regulatory requirements imposed on Appdetex as a domain name registrar, Appdetex is required to disclose a customer’s domain name registration information (which may, as discussed above, include personal data of individuals) in the following instances: (1) WHOIS data is made available to the public for free query-based access; (2) domain related data, including communications between Appdetex and Customer, is made available to ICANN and domain name registries pursuant to their applicable rules and regulations; (3) Appdetex must escrow domain related data as often as required to reputable third parties appointed by ICANN or domain registries; and (4) third parties are able to access WHOIS data in bulk provided they agree, in pertinent part, not to use such data improperly, such as for the transmission of spam or unsolicited email. If a domain name customer orders additional products and services from Appdetex, that order may require the disclosure of personal data to additional third parties. Customers will be notified at the time of the order about the nature and scope of any such disclosure of personal data and the applicable third parties to be receiving such data.
Appdetex also collects and uses publicly available WHOIS domain registration information maintained by other registrars and third-party registries in connection with our brand protection services to identify the domain owners of websites using our customers’ brands and taking action against those who are suspected of using such brands for fraud or other illegal activities.
Do We Share Access to Personal Information?
We take all reasonable and necessary precautions to maintain the security of the personal data which we collect. Any financial information which Appdetex collects is collected via secure means and used only for billing purposes and our Website uses state-of-the-art technology to secure all personal information we collect, including our customers’ billing and account information. We limit physical access to our database servers to only those employees with a need for such access, all of whom are subject to appropriate background checks, and have installed state-of-the-art cybersecurity measures to guard against unauthorized intrusion into our system. All Appdetex employees are bound by written non-disclosure obligations to protect confidential and personal information and employees who violate those obligations are subject to disciplinary action, up to and including immediate termination.
Despite all our precautions, data transmissions over the internet can never be guaranteed to be completely secure. As a result, while we do our utmost to protect your information, we cannot ensure or warrant the security of any information you give us. Accordingly, all personal information which you provide to us done at your own risk. We recommend that you do not divulge your user identification or password to anyone and that you do not provide access to your account to any third party. Also remember to sign out of your account, close the browser window and delete any cookies once you have completed your work within your account.
How Long We Keep Personal Data
We retain your personal data only for as long as necessary to provide services and perform our operations. The period for which we retain such data depends on the purposes for which we collected such information and our relationship with you. Our considerations include: whether our duties and responsibilities require that we retain personal information for a certain period, whether your relationship with Appdetex has ended, what specific instructions regarding retention you have provided to us, the period needed to fulfill the purposes for which we collected such information, the existence of any legal claims or proceedings relating to the information, and any retention periods required or recommended by law, regulations or industry associations (such as ICANN). We will keep the personal information we have collected about you only for as long as required for the purposes set forth in this policy, or as required in order to comply with any applicable privacy laws or legal requirements to which we are subject.
Compromise of Personal Information
In the event any personal information is compromised as a result of a breach of Appdetex security, Appdetex will promptly notify, by email or as otherwise required by applicable law, those persons whose personal information has been compromised.
Modification and Deletion of Personal Information
Our Website gives you the option of modifying your personal account information at any time by clicking on the “My Account” link in your account page. You may also modify your account information at any time by sending an email to DPO@Appdetex.com or you may cancel your access to the Website pursuant to the Domain Name Registration Service Agreement. Once your Website access is cancelled or you are no longer a user of the Website, your personal information will be deleted within twelve (12) months, or as earlier required by applicable law.
Appdetex does not knowingly collect personal information about children under the age of 13 years. If we learn that we have inadvertently done so, will take immediate steps to delete that information.
International Users and Transfers of Personal Information
Appdetex has further committed to refer unresolved Privacy Shield-related complaints to PrivacyTrust, an alternative dispute resolution provider located in the United States and within the EU and worldwide. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit PrivacyTrust at: https://www.privacytrust.com/about/ for more information or to file a complaint. The services of PrivacyTrust are provided at no cost to you.
The Federal Trade Commission has jurisdiction over Appdetex’s compliance with the Privacy Shield Principles. Additionally, an individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance and for resolution of claimed violations of the Privacy Shield Principles not resolved by any of the other Privacy Shield mechanisms. Please see the Privacy Shield website for additional information: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Moreover, in conjunction with the Privacy Shield, Appdetex commits to cooperate with the panel established by the EU data protection authorities (DPAs) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable, and comply with the advice given by the panel and/or Commissioner, as applicable, with regard to data transferred from the EU and/or Switzerland, as applicable.
Notwithstanding the foregoing, please be advised that in the context of an onward transfer of personal information, a Privacy Shield organization has responsibility for the processing of any personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. The Privacy Shield organization shall remain liable under the Privacy Shield Principles if its agent processes such personal information in a manner inconsistent with the Principles unless the organization proves that it is not responsible for the event giving rise to the damage.
IF YOU PROVIDE ANY INFORMATION TO APPDETEX THROUGH THE WEBSITE, OR OTHERWISE, YOU REPRESENT AND AFFIRM THAT YOU HAVE THE RIGHT AND AUTHORITY TO DO SO AND THAT YOU HAVE OBTAINED ANY NECESSARY CONSENTS OR AUTHORIZATIONS TO PROVIDE ANY SUCH INFORMATION, INCLUDING BUT NOT LIMITED TO ANY INFORMATION COVERED BY ANY DATA PROTECTION LEGISLATION OR REGULATION, INCLUDING THE EUROPEAN UNION GENERAL DATA PROTECTION REGULATION (GDPR), AND RELATED DATA PROTECTION LAWS.
YouTube API Services
If you are using an Appdetex service we want you to be aware of the following:
- Certain Appdetex products and/or services utilize or require the use of the YouTube API Services (terms available at https://www.youtube.com/t/terms) in order to access the information required to provide the applicable Appdetex product or service;
- Such YouTube API Services use is subject to YouTube’s Terms of Service found at (https://www.youtube.com/t/terms) in order to access the YouTube API Services;
- Appdetex, through its services, collects YouTube API data to determine online uses of its customers’ intellectual property and content, including infringing uses of customer intellectual property, confidential information, proprietary information, libel, slander, or other illegal or potentially illegal activity related to those customers, the API Client accesses, collects, stores and otherwise uses;
- Appdetex uses, processes, and shares the YouTube API data information with its customers making data requests through the applicable product or service and the information is processed internally at Appdetex in order to present and share the acquired YouTube API data with the Appdetex customers, and/or any external authorized representatives of such customers including their attorneys;
- Appdetex’s use of the YouTube API does not permit third parties to serve content to customers that are using the applicable Appdetex products or services and no advertisements or third parties materials, other than the YouTube API data, is provided through the YouTube API Services;
- Appdetex stores, accesses or collects information directly from its customers’ browsers, including by placing, accessing or recognizing cookies or similar technology on users’ browsers, for purposes of providing the Appdetex products or services to customers, in accordance with the Appdetex cookies policy set forth separately herein;
- If customer has any other questions, concerns, or complaints regarding use of its YouTube API data, customer can contact Appdetex with its questions, concerns, or complaints about Appdetex privacy practices at: Attn: Judith Archbold at: DPO@Appdetex.com.
Appdetex uses Google Analytics, Google Advt or AdRoll to conduct our business. These are tools/services used by many companies. You are hereby notified of the following:
- That Appdetex uses Google Analytics to track user behavior;
- That Appdetex user data is collected and processed for improving products and services and, from time to time, Appdetex may wish to contact you, with your prior consent, about our products and services, as well as other content that may be of interest to you;
- Appdetex may also utilize user data for purposes of retargeting services, including AdRoll or Google Ad;
- Appdetex and/or its third-party vendors, including AdRoll, may place cookies on users’ devices to collect data;
- Appdetex may utilize various types of user data to delivering targeted ads;
- From time to time, Appdetex utilizes the services of third parties for the purposes of delivering targeted ads based on analyzing user activity;
California Privacy Laws
The California Consumer Privacy Act (“CCPA”) provides California residents with certain rights with respect to how we handle any “Personal Information” we collect which could be linked to or identify those residents. As of January 1, 2020, verified California residents have the right to request that companies such as Appdetex do the following:
- Provide their personal information collection practices during the prior 12 months, including the categories of personal information collected and the sources of such information, their business purpose for collecting or sharing such information, and the categories of the third parties with whom they share such information.
- Provide a copy of the personal information collected about such residents during the prior 12 months in a format which is readily useable, including by paper or electronic copy.
- Disclose any information sale practices during the prior 12 months, including a list of the categories of personal information disclosed for monetary or other valuable consideration and the categories of third party recipients and a list of the categories of personal information that have been disclosed for a business purpose and the categories of third party recipients.
- Not sell personal information about such residents, and
- Delete (and direct their service providers to delete) their personal information, subject to certain exceptions.
Appdetex will not discriminate against any person who chooses to make any of the above requests. In order to make a request for disclosure, California residents may contact us at DPO@Appdetex.com. If you require additional assistance, you may contact our Customer Service staff which is available 24/7 by phone at: (855) 693-3839. We will ask you for information to allow us to reasonably verify your identity and will use that information only for that purpose. We cannot respond to your request or provide you with disclosures if we cannot verify your identity and confirm that the personal information we hold relates to you.
You may make a request up to twice within any 12-month period. We will endeavor to respond within 45 days of receipt of your request, but if we require more time (up to an additional 45 days), we will notify you of our need for additional time.
We do not sell your personal data to third parties in exchange for monetary consideration, but during the past 12 months we may have disclosed personal information to certain third parties that provide us with services such as data analysis and security information, which may fall under the definition of “consideration” and therefore be deemed a “sale” under the CCPA.
Notice to California customers and Website users regarding California’s “Shine the Light” law:
California’s “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the businesses’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternately, such businesses may have in place a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt-out of such information-sharing. (Note: The Appdetex Website does not recognize the “do not track signals” that some browsers may employ.)
California Do Not Track Disclosure:
To Contact Us
Focus IP, Inc. doing business as Appdetex
508 S. 8th St.
Boise, ID 83702
Attn: Judith Archbold, Data Protection Officer
or email us at: DPO@Appdetex.com