Privacy Policy

Last Revisied: July 20, 2022

We want you to understand how and why WebShield (“WS,” “we,” “us”) collects, and uses, information about you based on your consents. Before using the App, please read the following carefully to understand how we will treat your personal data.

1. Applicability of this Privacy Policy

For the purposes of applicable data protection laws, WS is the “controller” or “data user” of your personal data provided to, collected by, or processed in connection with the App. If you don’t agree with this Privacy Policy, do not access or use the App. This means that WS is responsible for determining how and why your personal data is processed.

This Privacy Policy does not apply to WS's products, websites, or applications that do not incorporate this Privacy Policy by reference or that expressly refer to a separate privacy policy.

2. Personal data We Collect About You

When you use the WebSite, we collect no personal data unless you consent

3. Use of Your Data

We use your data for what you consent to

To communicate with you. We may also use your personal data to directly communicate with you about your use of the App or to respond to an email or submission from you.

To comply with the law. We may in some cases need to process your personal data in order to comply with applicable law, including requests from governmental authorities.

To establish, exercise, or defend legal claims and for related purposes such as the prevention or detection of fraud where necessary.

Unless otherwise indicated, there is typically no contractual or legal requirement to provide your personal data, however, if you do not provide it, then we may not be able to provide the App to you.

4. Sharing Your Data

We will not disclose your personal data to others unless you consent to it, nor will we ever sell your personal data to advertisers.

5. Choices and Rights over your Personal Data

You have a number of rights with respect to the personal data we have about you, which may be restricted by law. One key right is the right to ‘object’ to the processing of your personal data in certain circumstances (e.g., if we have no legal right to keep using it). You also have the right:

To delete personal data. You can ask us to erase or delete all or some of your personal data. We will comply with this request unless there is a legal right for us to deny this request (for example, if we need to retain your data to comply with a legal obligation to which we are subject).

To change or correct personal data. You can also ask us to change, update or fix your data in certain cases, particularly if it’s inaccurate.

To limit, or restrict use of personal data. You can ask us to limit our use of your personal data (e.g., if your personal data is inaccurate or unlawfully held).

To access and/or take your personal data away (data portability). You can ask us for a copy of your personal data. For your own privacy and security, we may sometimes ask you to prove your identity before providing the requested information. In some cases, you also have a right to receive your personal data or have it transmitted to others in an interoperable, machine-readable format.

To withdraw consent which you have given. If you have given consent to process your personal data, you may withdraw it at any time by deleting the App and/or submitting a request to delete your personal data. This does not affect the lawfulness of our processing based on your consent prior to such withdrawal.

To not be discriminated against. WS will not discriminate against you in any manner for exercising any of the above rights with respect to your personal data. However, WS cannot control the actions of third parties with whom you choose to share information through the App.

Contact us at jonathan@webshield.io if you would like to exercise any rights you have to control your personal data.

Note that the rights outlined above only extend to personal information.

6. Retention and Deletion

We will keep your personal data only for as long as is reasonably necessary to provide the App to you and to fulfill the purposes described in this policy. When your personal data is no longer needed, we will destroy or irreversibly de-identify it.

7. Our Legal Bases

We will collect, use and share your personal data only where we have a legal basis for doing so. This section explains the legal bases we rely on for processing personal data:

Consent. When you use the App to request your Health Records, we rely on your (explicit) consent in order to process and transfer your personal data. In the context of this App, you have been asked to review this policy and provide specific consent for the App to access your Health Records. If you consent, you may also withdraw your consent at any time – see Section 5 (Rights) above.

Legitimate Interests. We also process your personal data where it is necessary based on our legitimate interest in providing our App, understanding how our App is being used, improving the performance of our App, and protecting our App against illegal or fraudulent activity (ie. cyberattacks).

Legal Obligations. In some circumstances, we may need to process personal data where necessary to comply with applicable laws.

Contract Necessity. In some circumstances, we may need to process personal data for the performance of an agreement we have with you or in order to take steps at your request prior to entering into an agreement with you.

When processing sensitive personal data about you (such as personal data about your health), we may also rely on the fact that it is necessary for the establishment, exercise or defense of legal claims.

8. California Residents

The California Consumer Protection Act (“CCPA”) gives consumers who are residents of California the right to request certain information from businesses about their data collection practices.

In order to submit a CCPA request, please contact us at legal@thecommonsproject.org. Please include in your request sufficient information that allows us to reasonably verify that you are the person about whom we collected personal information. Please note that we do not sell your personal data and that WS will not discriminate against you in any way based on your exercise of these rights.

9. Other Important Information

9.1 Security of Your Personal Data. Security of personal data is important to us. We implement security safeguards designed to protect your personal data. This includes safeguards to protect against anticipated threats or hazards to the security or integrity of the data, and to protect against unauthorized access, acquisition, leak, destruction, alteration, loss, disclosure or destruction. Despite these efforts, we cannot guarantee that your data may not be accessed, disclosed, altered, or destroyed by a breach of any of our physical, technical, or administrative safeguards. Please notify us immediately at jonathan@webshield.io if you become aware of any security issues relating to our App.

9.2 Changes to This Privacy Policy. We evaluate our privacy policies and procedures to implement improvements and refinements from time to time. If we make any material changes to how we process your data, we’ll provide you notice through this Privacy Policy and by publishing a notice in the App. If you object to any changes, you may stop accessing the App or exercise other opt-outs or rights that we provide.

9.3 Children. The App is not designed or intended to be directly used by children (as defined by applicable law). However, a guardian or parent of a child may choose to use a health provider to consent to the use of the App to create a SafetyPass certificate for their child. If we become aware that we have the personal data of such children collected through the App without parental consent, we will promptly delete it.

Contact InformationWebShield, 3040 Steiner Street, San Francisco, CA 94123