Privacy Policy
Last updated on April 5, 2023
Our commitment to privacy
jaris, inc. and its affiliates and subsidiaries (collectively, “jaris”) know that you care about how your personal information is used and we take your privacy seriously. Our primary goal is to provide you with exceptional service. We understand that you may have questions or concerns regarding your personal information and sensitive personal information and how it will be used or shared. To make our Privacy Policy easy to find, we've made it available on the home page of the jaris website at jaris.io (the "Site"). You may also email us at privacy@jaris.io with any privacy-related questions you may have.
Applicability of privacy policy
This Privacy Policy applies to all information we and our affiliates collect from current and former jaris users, including you. When you are no longer our customer, we may continue to use and share your information as described in this policy.
Unless indicated otherwise, throughout this policy, we use the term "personal information" to describe information that can be associated with a specific person and can be used to identify that person. We do not consider personal information to include information that has been aggregated and/or anonymized so that it does not identify a specific user.
By using jaris’ services, which include all products and services offered at any time and from time to time by jaris (the “Service”), you agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not access the Site or otherwise use any jaris products or services.
1. Your rights as a consumer
jaris respects your privacy rights as a consumer (“Consumer”). Unless greater privacy rights are granted by a consumer’s jurisdiction, jaris is voluntarily providing all of its consumers the same rights as those afforded to California consumers under the California Consumer Privacy Act of 2018, as revised by the California Privacy Rights Act of 2020, and the associated regulations (the “CCPA/CPRA”) and other California laws. We are committed to protecting your CCPA/CPRA rights to:
- Delete personal information collected from or about them (“Right to Delete”).
- Correct inaccurate Personal Information collected and maintained about them (“Right to Correct”).
- Know what personal information is being collected about them, to access that personal information, and to know what personal information about them is being sold or shared and to whom (together called the “Right to Know”).
- Opt-out of the Sale or sharing of their personal information (“Right to Opt-out”).
- Limit use and disclosure of sensitive personal information to what is necessary to perform the services or provide the goods reasonably expected by an average Consumer who requests such goods or services (“Right to Limit”).
- Not be retaliated against for exercising their rights (“Right to No Discrimination”).
This document provides you with a description of our business practices, both online and offline, regarding the collection use, disclosure, and sale of personal information and of the rights of Consumers regarding their own personal information.
The terms used in this policy have the meanings used in the CCPA/CPRA. To learn more about your California privacy rights, please visit: https://oag.ca.gov/privacy/privacy-laws.
2. Personal Information we Collect, Sell, Share, and Otherwise Disclose
The CCPA/CPRA defines personal information as “information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” The CCPA/CPRA defines the following categories of personal information:
- Identifiers: name, alias, address, online identifier, Internet Protocol address, email address, account name, Social Security number, Driver’s license number, passport number.
- Customer records (defined by the California Customer Records Law, Cal. Civ. Code Section 1798.80): name, signature, Social Security number, physical characteristics or description, address, telephone number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, any other financial information, medical information, health insurance information.
- Characteristics of protected classifications under California or federal law: age (over 40), AIDS/HIV-positive status, ancestry, citizenship status, disability, gender identity or expression, genetic information or conditions, marital status, medical condition, military or veteran status, national origin, political affiliations or activities, pregnancy, race, religion, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation.
- Commercial information: records of personal property, products or services purchased, obtained, or considered or other purchasing or consuming histories or tendencies.
- Biometric information: imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.
- Internet or other network activity information: browsing history, search history, information regarding a consumer’s interaction with an internet website application, or advertisement, or other similar information.
- Geolocation data: any data that is derived from a device and that is used or intended to be used to locate a Consumer within a geographic area
- Audio, electronic, visual, thermal, olfactory, or similar information (collectively referred to as “Sensory information”), as described in the category name.
- Professional or employment-related information, as described in the category name.
- Education information: information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g; 34 C.F.R. Part 99).
- Sensitive personal information, Social Security number, driver’s license number, state identification card number, passport number, account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account, precise geolocation (meaning any geolocation data that can be used to locate a consumer within a radius of 1,850 feet.), racial or ethnic origin, religious or philosophical beliefs, union membership, contents of a consumer’s mail, email, and text messages unless the business collecting or using the data is the intended recipient of the communication, genetic data, biometric information for the purpose of uniquely identifying a consumer, personal information collected and analyzed concerning a consumer’s health, personal information collected and analyzed concerning a consumer’s sex life or sexual orientation, when collected or used for the purposes of inferring characteristics about a consumer.
- Inferences drawn from any of the information in any other category to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
The following chart describes what categories of personal information we have collected over the past 12 months, how we collected that information, the business and commercial purposes for which we generally use such information, and which types of trusted business partners to whom we may sell, share, or otherwise disclose that information:
Category of personal information Identifiers Collected? YES Categories of Sources
Business or Commercial Purpose
Categories of third parties to which we have sold or shared
Categories of third parties to which we have otherwise disclosed
|
Category of personal information Customer records Collected? YES Categories of Sources
Business or Commercial Purpose
Categories of third parties to which we have sold or shared
Categories of third parties to which we have otherwise disclosed
|
Category of personal information Characteristics of legally protected classifications Collected? YES Categories of Sources
Business or Commercial Purpose
Categories of third parties to which we have sold or shared
Categories of third parties to which we have otherwise disclosed
|
Category of personal information Commercial information Collected? YES Categories of Sources
Business or Commercial Purpose
Categories of third parties to which we have sold or shared
Categories of third parties to which we have otherwise disclosed
|
Category of personal information Biometric information Collected? NO Categories of Sources N/A Business or Commercial Purpose N/A Categories of third parties to which we have sold or shared N/A Categories of third parties to which we have otherwise disclosed N/A |
Category of personal information Internet or other network activity information Collected? YES Categories of Sources
Business or Commercial Purpose
Categories of third parties to which we have sold or shared
Categories of third parties to which we have otherwise disclosed
|
Category of personal information Geolocation data Collected? YES Categories of Sources
Business or Commercial Purpose
Categories of third parties to which we have sold or shared
Categories of third parties to which we have otherwise disclosed
|
Category of personal information Sensory information Collected? NO Categories of Sources N/A Business or Commercial Purpose N/A Categories of third parties to which we have sold or shared N/A Categories of third parties to which we have otherwise disclosed N/A |
Category of personal information Professional or employment-related information Collected? YES Categories of Sources
Business or Commercial Purpose
Categories of third parties to which we have sold or shared
Categories of third parties to which we have otherwise disclosed
|
Category of personal information Education information Collected? NO Categories of Sources N/A Business or Commercial Purpose N/A Categories of third parties to which we have sold or shared N/A Categories of third parties to which we have otherwise disclosed N/A |
Category of personal information Sensitive personal information Collected? YES Categories of Sources
Business or Commercial Purpose
Categories of third parties to which we have sold or shared
Categories of third parties to which we have otherwise disclosed
|
Category of personal information Inferences from any of the above Collected? NO Categories of Sources N/A Business or Commercial Purpose N/A Categories of third parties to which we have sold or shared N/A Categories of third parties to which we have otherwise disclosed N/A |
Personal information does not include deidentified or aggregate consumer information or information that is lawfully made available from federal, state, or local government records.
Personal information is not considered to have been disclosed by a business when a consumer instructs a business to transfer the consumer’s personal information from one business to another in the context of switching services.
jaris retains consumer's personal information as reasonably necessary and proportionate to achieve the purposes for which the personal information was collected or processed.
We may also disclose personal information in the following situations:
-
Affiliates/Subsidiaries: We may share personal information with our affiliates or subsidiaries, meaning any entity that controls, is controlled by or is under common control with jaris, inc. Our affiliates or subsidiaries may use the personal information we share in a manner consistent with this Privacy Policy.
-
Business partners: We may share information with our banking or business partners (collectively, “business partners”) for their business needs or to provide you with a product or service that you have requested. We may also share personal information with business partners with whom we may jointly offer products or services, or whose products or services we believe may be of interest to you. For our banking partners’ privacy policies which are incorporated into our policy by reference, please see below:
-
Business transfers: jaris may transfer to a third party the personal information of a consumer as an asset that is part of a merger, acquisition, bankruptcy, or other transaction in which the third party assumes control of all or part of jaris. It will only do so where that information is used or shared consistent with the CCPA/CPRA, that transfer will not constitute a “sharing” of personal information and it is not required to be reported in our policy and disclosures as such.
Legal compliance and law enforcement: We may be required to disclose your personal information in limited circumstances, for example, to respond to a subpoena or similar judicial process, to comply with state, federal or local laws, to exercise or defend legal claims or, to the extent required by law, to provide information to law enforcement agencies.
3. How we collect your personal information
Personal information you provide: We collect personal information when you create an account or link your accounting, banking, payment processing, tracking software, or vendor to the Service. The personal information collected during these interactions may vary based on what you choose to share with us, but it will generally include your name, your business name, email address, phone number, and a log of the transactions you've authorized through the Service. We may need to collect additional information, such as a copy of your government-issued identification, your social security, your individual taxpayer identification number, your street address, or your zip code to fulfill our legal obligations related to providing the Service to you.
Personal information we collect through our social media pages: We have pages on social media sites like Instagram, Twitter, and LinkedIn (“Social Media Pages”). When you interact with our Social Media Pages, we will collect personal information that you elect to provide to us through your settings on the Social Media Site, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages.
Personal information we receive from third parties: We may collect personal information from you, from other users, our affiliates, our business partners, and third parties, as permitted by law. For example, we may collect information from third-party verification services, credit bureaus, financial institutions, mailing list providers, and publicly available sources to verify your identity. We may also collect information about you from third parties in connection with any identity or account verification process, fraud detection process, collection procedure, or as may otherwise be required by applicable law. In addition to the instances noted above, if you apply for or enter into a sale of future receipts with jaris, jaris may receive your customer information, account fraud information, and risk information from your payment processor as well as other underwriting, experiential, transaction, balance information regarding your activity with such payment processor.If you are based in the U.S., we may use Plaid, Inc. ("Plaid") to verify your bank account, confirm prior transactions from that account, and confirm your bank account balance prior providing you Services. By using the Services, you grant us and Plaid the right, power, and authority to act on your behalf to access and transmit your personal and financial information from your relevant financial institution. Information shared with Plaid is treated by Plaid in accordance with its Privacy Policy, available at https://plaid.com/legal/#end-user-privacy-policy.
Personal information we receive automatically from your use of the Service: When you visit, use, and interact with the Service, we may receive certain information about your visit, use, or interactions. For example, we may monitor the number of people that visit the Service, peak hours of visits, which page(s) are visited, the domains our visitors come from (e.g., google.com, yahoo.com, etc.), which browsers people use to access the Service (e.g., Firefox, Microsoft Internet Explorer, etc.), broad geographical information, and navigation pattern. In particular, the following information is created and automatically logged in our systems:
- Log data: Information that your browser automatically sends whenever you visit the Site (“log data”). Log data includes your Internet protocol address, browser type and settings, the date and time of your request, and other interactions with the Service.
- Cookies: Please see the Cookies section below to learn more about how we use cookies.
- Device information: Includes the name of the device, the operating system, and the browser you are using. Information collected may depend on the type of device you use and its settings.
- Usage information: We collect information about how you use our Service, such as the content that you view or engage with, the features you use, the actions you take, and the time, frequency, and duration of your activities.
- Location information: We derive a rough estimate of your location from your IP address. We also collect your location information through the App using your device IP address, WiFi, Bluetooth, and GPS coordinates (e.g. latitude/longitude) of your mobile device. If you have given the App permission to access your location, we will collect your device’s location only while you are using the App and store your location history. If you want to opt-out of the collection of your Location Information, please adjust your settings on your mobile device to limit the App’s access to your location information.
- Cookies: We use cookies to operate and administer the Site, gather usage data on the Site, and improve your experience on the Site. A “cookie” is a piece of information sent to your browser by a website you visit. Cookies can be stored on your computer for differing periods of time. Some cookies expire after a certain amount of time or upon logging out (session cookies), others survive after your browser is closed until a defined expiration date set within the cookie (determined by the third party that placed it), and others help your computer be recognized when you open your browser and browse the Internet again (persistent cookies). For more details on cookies please visit All About Cookies.
- Clear gifs (web beacons): We may employ a software technology called clear gifs (a.k.a. web beacons) that help us better manage content on our Site by letting us know which content is effective. Clear gifs are tiny graphics containing a unique identifier (similar in function to cookies) and are used to track the online movements of Internet users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly within web pages and are about the size of the period at the end of this sentence. We may tie the information gathered by clear gifs to our customers’ personal information. We may also use clear gifs in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and our marketing campaigns.
Your choices: On most web browsers, there is a “help” section located in the toolbar. Please refer to this section for information on how to receive a notification when you receive a new cookie and how to turn cookies off. Please see the links below for guidance on how to modify your web browser’s settings:
Please note that if you limit the Site's ability to set cookies, you may be unable to access certain parts of the Site and you may not be able to benefit from the Site's full functionality.
Advertising networks may collect personal information through the use of cookies. Most advertising networks offer you a way to opt-out of targeted advertising. If you would like to find out more information, please visit the Network Advertising Initiative’s online resources at http://www.networkadvertising.org and follow the opt-out instructions there.
If you access the Site on your mobile device, you may not be able to control tracking technologies through the browser's settings.
Analytics: We use Google Analytics, a web analytics service provided by Google, inc. (“Google”). Google Analytics uses cookies to help us analyze how users use the Site and also to enhance your experience when you use the Site. For more information on how Google uses this data, go to www.google.com/policies/privacy/partners/.
Online tracking and "Do Not Track" signals: We and our third-party service providers may use cookies or other types of tracking technologies to collect information about your browsing activity over time and across different websites following your use of the Site. Our Site currently does not respond to “Do Not Track” (“DNT”) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will update this Privacy Policy to describe how we do so. See below for the California-specific "Do Not Track" notice.
4. Right to delete personal information
You have the right to request that we delete any of your personal information, subject to certain exceptions.
5. Right to correct inaccurate personal information
You have the right to request that we correct any inaccurate personal information about you.
6. Right to know
You have the right to request, up to two times per year, that we disclose the following information to you about our collection and use of your personal information over the past 12 months:
-
the categories of personal information we collected about you.
-
the categories of sources for the personal information we collected about you.
-
our business or commercial purpose for collecting your personal information.
-
the categories of third parties with whom we sell, share, or otherwise disclose your personal information.
-
the specific pieces of personal information we have collected about you. You may also request a copy of specific pieces of personal information that we have collected about you. Please note that “specific pieces of information” do not include data generated to help ensure security and integrity or as prescribed by regulation.
-
two separate lists disclosing:
- sales and sharing, identifying the personal information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
7. How to exercise your rights to delete, correct, and know
Your Right to Delete, Right to Correct, and Right to Know can be exercised by submitting a verifiable request to us by sending an email to privacy@jaris.io.
We cannot respond to your verifiable request if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. For this reason, your request must both:
- provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and
- describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
If you have a password-protected account with our Company, we may require you to verify your identity through our existing authentication practices for the account. We will only use personal information provided in a verifiable request to verify the requestor’s identity or authority to make the request.
Only you, or your properly authorized agent, may make a request related to your personal information. To be certain that anyone claiming to make a verifiable request on your behalf has been properly authorized by you, we may require additional information, including:
- submitting the signed authorization that you provided to your agent.
- verifying their own identity directly with us.
- otherwise directly confirming with us that you have provided your authorized agent permission to submit the verifiable request.
You may submit a Right to Delete or a Right to Know request for specific pieces of information on behalf of all members of your household. Where you have a password-protected account with us, we may process Right to Delete requests and Right to Know requests for specific pieces of information relating to household information through that account. Where you do not have a password protected account with us, the following requirements must be met before we can comply with a Right to Delete request or a Right to Know request for specific pieces of information made on a household basis:
- all Consumers of the household jointly request to know specific pieces of information for the household or to delete household personal information;
- we individually verify each of the members of the household; and
- we verify that each member making the request is currently a member of the household.
If a member of the household is under the age of 13, we are also required to obtain verifiable parental consent, as described in the next section, below, before complying with a Consumer Rights request.
8. Right to opt-out of sale or sharing of personal information
The Company sells or shares your personal information to third parties. You have the right at any time to direct us not to sell or share your personal information to third parties (this right is referred to as the “Right to Opt‐out.”). You may submit a request to exercise your Right to Opt-out by email us at privacy@jaris.io.
Only you, or your properly authorized agent, may make a Right to Opt-out request using the method(s) provided above. If you change your mind after making an opt-out, you may contact us at any time by the method(s) listed above or by our contact information below to request to allow us to sell and share your personal information (this is known as requesting to “opt-in”). We are required by the CCPA/CPRA to use a two-step opt-in process, so that if you submit a request to opt-in, we will contact you separately to request additional confirmation of your request.
9. Right to limit use and disclosure of sensitive personal information
The Company uses or discloses your sensitive personal information beyond that which is necessary to perform the services, disclose this information to certain third parties, or to provide the goods reasonably expected by an average consumer who requests such goods or services, to perform the following services:
- ensuring the security and integrity of our website and system.
- short-term, transient use, such as non-personalized advertising.
- performing services on behalf of the business.
- maintaining or improving the quality or safety of a service or device we own, manufacture, or control.
You have the right, at any time, to direct us to limit our use or disclosure of your sensitive personal information to that set forth in (a)-(d), above (this right is referred to as the “Right to Limit”). You may submit a request to exercise your Right to Limit by emailing us at privacy@jaris.io.
Only you, or your properly authorized agent, may make a Right to Limit request using the method(s) provided above. If you change your mind after making a Right to Limit request, you may contact us at any time to opt-in to the use or disclosure of your sensitive personal information as described above.
10. Additional information regarding children under 16 years of age
Exercising Consumer Rights: A parent or guardian may make a Consumer Rights request on behalf of their child under the age of 16. In the case of a request to exercise the Right to Delete or the Right to Know on behalf of a child under the age of 13, we provide additional safeguards to confirm that you are the parent or guardian of that child. If you are making a request for a child under 13, please indicate this in the submission of your request or contact us using our contact information provided below so that we can provide you with further instructions on how to comply with CCPA/CPRA requirements.
Sale or sharing of the children’s personal information: The Company does not knowingly sell or share the personal information of children under 16 years of age.
11. Non-Discrimination
We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not unlawfully:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
- Retaliate against an employee, applicant for employment, or independent contractor for exercising their rights under this title.
12. Changes to our privacy notice
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on our website and update the notice’s effective date. Your continued use of our website following the posting of changes constitutes your acceptance of such changes.
13. Contact Information
If you have any questions or concerns about our privacy policies and practices, please do not hesitate to contact us by email at privacy@jaris.io.