Title information

PRIVACY POLICY  
Last updated April 2, 2020

Thank you for choosing to use the Novid service, app, and website (collectively, the “Services”) offered by Expii, Inc. (“we” or “us”, or “our”). We are committed to protecting your personal information and your right to privacy.

This Privacy Policy applies to all information collected through the Services

Please read this Privacy Policy carefully.

1. WHAT INFORMATION DO WE COLLECT AND WHAT IS IT USED FOR?

Random user ID and password

When you first install the app, we generate a random user ID and password to identify your device. The user ID and password allows us to detect when your device is in proximity to other devices with the app. We also generate a notification token that is unique to your copy of the app, which we use to provide notifications. We do not link the random user ID, password, or notification token to other information that could identify you or your device, such as your name, email address, or device ID (i.e., the Identity for Advertisers on Apple devices, or Google Play Services ID on Android devices), unless you choose to submit such information to us. For example, if you choose to request e-mail notifications, the e-mail address you provide will be linked to your random user ID.

Device information

We collect information such as your device make and model, OS version, language preference, and information about Bluetooth and sonic signals, to help troubleshoot and improve the Services. The information we collect about sonic signals does not include audio recordings.

Contact information

When the app senses a nearby device running the app (a “Contact”), we collect information about the time and proximity of the Contact, as well as an alias ID provided by the nearby device. The nearby device does not provide its actual user ID, and the linkage between alias ID’s (which change over time) and actual user ID is only stored on our servers. This information enables us to provide and improve the app functionality, such as information about Contacts and notifications. We do not collect location data, such as latitude and longitude.

App usage information

We may collect information about how and when you use the app and features within the app, in order to help improve our Services.

Website

Like many websites, our website may collect information from website visitors through cookies and similar technologies to help us customize and improve our Services.

2. WILL YOUR INFORMATION BE SHARED WITH ANYONE?

Other users

When a Contact occurs, your random user ID is encrypted and sent to the other user’s device, and their encrypted random user ID is sent to your device. No other identifying information is exchanged. However, note that in certain circumstances the other user may be able to determine who you are based on the time of the Contact (e.g., if over the past week, you were the only person they were in close contact with).

When you report a positive test result, we inform users that they had a direct or indirect Contact with someone with a positive test result, based on criteria such as time and proximity of the Contacts. We do not provide your user ID to those users. However, note that the other users may be able to determine who you are based on the time of the Contact.

Service providers and processors

We may share information with companies that process information on our behalf, such as hosting services. We require these companies to protect your information consistent with this Privacy Policy.

De-identified and aggregate information

We may share or publish aggregate information that doesn’t identify you, such as statistics about users and Contacts. We may also share de-identified information with third parties such as public health officials or researchers.

Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).

Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

3. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

Our website may use cookies and other tracking technologies to collect and store information about how you interact with the website.

4. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

We may transfer your information to the United States or other countries where we operate.

5. HOW LONG DO WE KEEP YOUR INFORMATION?

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law.  

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

6. WHAT ARE YOUR PRIVACY RIGHTS?

You may request a copy of your information or delete your information at any time. We will respond in the time required by the laws in your jurisdiction. Our service is designed for use in the United States of America, and we will have limited ability to respond to privacy inquiries from outside the United States of America.

Your anonymous unique identifier is required for NOVID

To request a copy of your information, please send an email to  privacy@expii.com  with subject line "Requesting Info:  My ID".

To delete your information, please send an email to  privacy@expii.com. with subject line "Delete:  My ID". Note that we may retain certain information, including a record of your request to delete information, to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use and/or comply with legal requirements.

7. DO WE MAKE UPDATES TO THIS POLICY?

In Short: Yes, we will update this policy as necessary to stay compliant with relevant laws and to reflect changes in the way the Services operate.

We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If required by law, we may notify you of changes either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

8. HOW CAN YOU CONTACT US ABOUT THIS POLICY?

If you have questions or comments about this policy, you may email us at  privacy@expii.com.