Last Updated: September 10, 2020

SafePass Privacy Policy

Our mission is to keep you safe and informed. At sp0n, Inc. (the company that operates the Citizen mobile app, the SafePass mobile app, and www.citizen.com), our stance is that we will only use and share your data for the limited purposes described in this privacy policy. We do not and will not serve advertisements.

This privacy policy describes our privacy practices in connection with the SafePass app.

About our COVID-19 tracking and contact tracing features

  • We have created SafePass to help contain the spread of COVID-19 and prevent flare-ups after the peak.
  • Our mission is to keep users safe and informed without compromising their control of their personal information. 
  • Through our Citizen app, we have deep community engagement; Citizen is used by a significant percentage of each city including citizens, police and fire department personnel, and city officials. We are uniquely positioned to drive immediate distribution of COVID-19 tracking and contact tracing technology in the US, including major metropolitan epicenters of the pandemic.
  • We will never sell your personal information to third parties or proactively share your personal information with the government without your consent. 
  • We maintain the information we collect to support contact tracing – your bluetooth data and COVID-19 diagnosis information – separately from other details you may provide to us.

We may need to modify our privacy practices to comply with legal requirements, such as court orders or subpoenas.

Our principles for protecting your data

  • We record the information we need to provide our services: Tracking COVID-19 and informing you if you have had contact with a user who has tested positive for the virus, and to direct you to obtain testing if necessary.  
  • We involve as few third-party service providers as possible when touching your data. The third parties we work with have contracts in place to prohibit reuse or sale of your data.
  • We generally limit access to your data to a subset of the engineering team. We have specific systems to control data access, and all access is logged and regularly audited. We perform a privacy review for all new features.
  • We take protecting your location data seriously. We need accurate real-time location data and location history to alert you and others of any contact you may have had with somebody who has tested positive for COVID-19. We will delete your bluetooth and GPS location data 30 days after collection.
  • We test the stability and security of our infrastructure, including annual penetration testing and review of our security systems and their configuration. We use an information security firm to provide these services under a strict non-disclosure agreement. 
  • Our services are designed to inform you of any potential contact with the virus, and to assist you in obtaining testing for the disease. We can only provide those services in certain areas, so if you are located outside of one of those areas, the services may not work for you. We only provide our service in the United States, so we apply U.S. law to our privacy practices.

Your data 

  • Contact information: We use your email address and phone number to set up and validate your user account, to communicate with you, and to prevent abuse of the platform. We may also send you emails about SafePass – you can choose to opt out of any marketing emails by following the instructions at the bottom of the email, but we may still send you some important emails, such as to respond to a question, feedback, or request you send us. You may provide your zip or postal code to allow government agencies with which we partner to track COVID-19 outbreaks.
  • Identity verification information: When a user submits their COVID-19 diagnosis to us to enable tracing, we may request a copy of the user's government-issued ID or use other means to verify the user's identity to protect our community against platform abuse and fraud. We will delete your identity verification information within 30 days from collection.
  • Health information: You may choose to share your health information or authorize a third party to share your information with us.
  • User locations: We use your device’s GPS and bluetooth signals to determine your location; we need to use both technologies to identify your proximity to other users within nearby proximity, based on CDC social distancing guidance. You choose whether to share your location, and can always revoke the app’s access to your location data in your device settings, but the app will not function if the app can't access location data. Initially, only Citizen app users will benefit from GPS-enabled features of the SafePass.  This is because SafePass does not yet have its own ability to collect GPS data and relies on the Citizen app for it.  In the near future, when SafePass can independently collect GPS data, all users will benefit from the app’s GPS-enabled features.  
  • User activity: We aggregate user activity data (like how you interact with the app, what times you use the app, what kind of device you have, etc.) for analysis to improve your user experience. 

How we share your information

If you are using both the Citizen app as well as the SafePass app, we will share your information between the two apps to facilitate our COVID-19 tracking and contact tracing features and relevant notifications.

We may share your data with service providers, such as:

  • Twilio: Twilio allows us to send you an SMS message to validate your account.
  • Google Cloud Services: We use Google to host our infrastructure.

We only partner with service providers that commit to use the information only to provide services to or on behalf of us.

We will alert SafePass users who were within nearby proximity of an affected user during the preceding 30 days. These users will see a location on the map where the contact occurred. While this information does not identify you, there are circumstances when a user could identify you based on the location. For example, this may occur if a user knows you personally and recalls that they met you at the location we specify on the map.

We may share aggregated location data for the purpose of combating COVID-19 with government agencies and public health organizations. 

We may share your personal information with government agencies with your consent.  For example, we may share diagnosis information with such agencies.

To the extent necessary to continue to provide contact tracing services, we may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction involving the sale, transfer, divestiture, or disclosure of all or a portion of sp0n, Inc.’s business or assets. In the event of an insolvency, bankruptcy, or receivership, personal information may also be transferred as a business asset. If sp0n, Inc.’s company, business or assets is acquired by another company, that company will possess the personal information collected by sp0n, Inc. and the company will assume the rights and obligations regarding your personal information as described in this Privacy Policy.  We will require the company to commit to using your personal information solely for contact tracing purposes.

We may share personal information (a) with law enforcement as we’ve explained in the Information for Law Enforcement Authorities, (b) as otherwise required by law, (c) to enforce the terms and conditions that govern the platform, (d) and protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

How long we retain your data

We will retain your SafePass bluetooth data, GPS location data and identity verification information for 30 days from collection on a rolling basis, and all other personal information for the period necessary to fulfill the purposes outlined in this policy and to support other app features you might use, unless a longer retention period is required or permitted by law, or an individual requests that we delete information about them.

How we protect your data

We use reasonable organizational, technical and administrative measures designed to protect against unauthorized access, misuse, loss, disclosure, alteration and destruction of personal information we maintain. Unfortunately, data transmission over the Internet cannot be guaranteed as completely secure. Therefore, while we strive to protect your personal information, we cannot guarantee the security of personal information. In the event that we are required to notify you about a situation involving your data, we may do so by email or telephone to the extent permitted by law.

What choices you have regarding your data

You can make the following choices regarding your personal information:

  • Application. You can stop all collection of information by the app by uninstalling it. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
  • Access or correct your information. You may request to review and update the information we maintain about you by submitting a request to support@citizen.com.
  • Opting Out of location tracking. If you initially consented to the collection of geo-location information, you can subsequently stop the collection of this information at any time by changing the preferences on your mobile device. Please note, however, that if you withdraw consent to our collection of location information, you may no longer be able to use some features of the app.

Children

SafePass is not directed towards individuals under the age of 13, and we do not intentionally gather personal information about visitors who are under the age of 13. Furthermore, we do not intentionally allow visitors under the age of 18 to register for the app. If a child under 13 submits personal information to us and we learn that the personal information is the information of a child under 13, we will attempt to delete the information as soon as possible. If you believe that we might have any personal information from a child under 13, please contact us at: Attn: sp0n, Inc., PO Box 55071 #92726, Boston, MA, 02205-5071, US.

Notice to California users

We are required by the California Consumer Privacy Act of 2018 (“CCPA”) to provide to California residents an explanation of how we collect, use and share their personal Information, and of the rights and choices we offer California residents regarding our handling of their personal information. 

This notice and the privacy rights it describes do not apply to information related to our business contacts, job applicants, or employees. 

Personal information that we collect, use and share

The chart below describes how we currently collect, use and share personal information, and how we have collected used and shared personal information over the past 12 months. 

We do not sell personal information. We engage in: 

  • Directed disclosures. When you use our COVID-19 tracking and contact tracing features, you direct us to share some of your information with other users in order for us to inform them that they may have had contact with the disease, as well as with government agencies to assist in COVID-19 response efforts.

Personal information we collect

Email address, phone number, zip/postal code and government-issued photo ID:

  • CCPA-defined categories of personal information (Definitions are available here): Identifiers
  • Sources of personal information: SafePass users, automatically collected
  • Business / commercial purposes for which we may collect and use personal information: To register user accounts, to verify your identity and diagnosis, to provide our services, to send you marketing and promotional materials about Citizen and SafePass
  • Data sharing: Directed disclosures of your zip/postal code to government agencies to assist in COVID-19 response efforts

Location information:

  • CCPA-defined categories of personal information (Definitions are available here): Geolocation data
  • Sources of personal information: SafePass users, automatically collected
  • Business / commercial purposes for which we may collect and use personal information: To provide our services
  • Data sharing: Directed disclosures to other users to inform them that they may have had contact with the disease. This information does not specifically identify you, but could be identifiable to a user who knows you.

Health information:

  • CCPA-defined categories of personal information (Definitions are available here): Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) and protected classification characteristics under California of federal law.
  • Sources of personal information: SafePass users, third parties authorized by users
  • Business / commercial purposes for which we may collect and use personal information: To provide our services
  • Data sharing: Directed disclosures to other users to inform them that they may have had contact with the disease.  This information does not specifically identify you, but could be identifiable to a user who knows you; and to government agencies to assist in COVID-19 response efforts

Email interconnectivity, mobile devices, web logs, online activity:

  • CCPA-defined categories of personal information (Definitions are available here): Online identifiers, internet or network information, geolocation data
  • Sources of personal information: Automatically collected
  • Business / commercial purposes for which we may collect and use personal information: To provide our services, to identify you when you visit our app, for internal administrative purposes, to conduct analytics
  • Data sharing: N/A

Feedback/support:

  • CCPA-defined categories of personal information (Definitions are available here): Identifiers
  • Sources of personal information: SafePass users
  • Business / commercial purposes for which we may collect and use personal information: To provide our services, to respond to your inquiries, to conduct analytics, for internal administrative purposes
  • Data sharing: N/A

Please note that we may also disclose personal information with service providers, and in connection with corporate transactions or legal compliance.

California residents’ privacy rights 

The CCPA grants California residents the following rights:  

  • Information. You can request information about how we have collected, used and shared your personal information during the past 12 months. We have made this information available to California residents without having to request it by including it in the above chart.
  • Access. You can request a copy of the personal information that we have collected about you. 
  • Deletion. You can ask us to delete the personal information that we maintain about you.

Please note that the CCPA limits these rights by, for example, prohibiting us from providing certain information we maintain for compliance in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to you.  

You are entitled to exercise the rights described above free from discrimination, as prohibited by the CCPA. 

How to submit a request

  • To request access to or deletion of personal information:
    o Attn: sp0n, Inc., PO Box 55071 #92726, Boston, MA, 02205-5071, US
    o Email: support@citizen.com
  • Identity verification. We will need to confirm your identity and California residency to process your requests to exercise your information, access or deletion rights. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it. 
  • Authorized agents.  California residents can empower an “authorized agent” to submit requests on their behalf.  We will require the authorized agent to have a written authorization confirming that authority.

Privacy Policy updates

This Privacy Policy is subject to occasional revision. We will notify you of any material changes in its collection, use, or disclosure of your personal information by posting a notice on the Citizen website and within the SafePass application.

Contact us

Feel free to contact us with your questions, requests, comments, or concerns at support@citizen.com.