Aristotle, Inc. Integrity Privacy Policy

Introduction

Aristotle, Inc. (“Aristotle,” “we,” “our,” or “us”) provides this Integrity Privacy Policy (“Privacy Policy”) to explain our handling of two categories of personal information:

  1. Information we receive in connection with the Integrity services we provide to our customers (“Integrity Services”). Our privacy practices with respect to this information are described in Section 1 below. Integrity customers are businesses seeking to verify the identity or age of individuals seeking to open accounts or to participate in age-regulated activities.
  2. Information we receive from visitors to integrity.aristotle.com or any other Aristotle website on which this Privacy Policy is posted, other than information collected through login-protected product portals on any site (collectively, the “Websites”). Our privacy practices with respect to this information are described in Section 2 below.

Section 3 below contains details relevant to our handling of both types of information.

Table of Contents

This Privacy Policy contains the following topics:

  1. PRIVACY PRACTICES FOR OUR INTEGRITY SERVICES
    1. Information Collected in Connection with Our Integrity Services
    2. How We Use the Information Collected Through the Integrity Services
    3. How We Share Information We Collect Through the Integrity Services
  2. PRIVACY PRACTICES FOR OUR WEBSITES
    1. Information We Collect Through Our Websites
    2. How We Use Information We Collect Through Our Websites
    3. How We Share Information We Collect Through Our Websites
    4. Cookies and Other Tracking Technologies
    5. “Do Not Track” Signals
    6. Children’s Privacy
  3. GENERAL INFORMATION ABOUT OUR PRIVACY PRACTICES
    1. Your Rights and Choices
    2. Data Retention
    3. Users From Outside the United States
    4. EU-U.S. and Swiss-U.S. Data Privacy Framework
    5. Data Security
    6. Third-Party Websites and Apps
    7. Notice to California Residents
    8. Notice to Nevada Residents
    9. Notice to Virginia Residents
    10. Changes to This Privacy Policy
    11. Accessibility
    12. Contacting Us
  1. PRIVACY PRACTICES FOR OUR INTEGRITY SERVICES

    When we provide Integrity Services to our customers, we are generally acting on their behalf as their service provider and processor. Our Integrity Services provide check results to our customers who decide how to proceed with the user, this may be to proceed, to reject the user, or to ask for further checks. For additional information about how your specific data is being collected and used, please review the privacy policy of our customer who is using our Integrity Services with you.

    1. Information Collected in Connection with Our Integrity Services

      To operate the Integrity Services, we maintain internal databases (and have access to databases provided by governments and other third parties) containing personal information, such as names, addresses, telephone numbers, birthdates, and government-issued identification data, IP addresses, social network data, as well as details relevant to Know-Your-Customer (“KYC”) requirements, such financial watch list and Politically Exposed Person data.

      During use of our Integrity Services, the relevant individuals (or our customers, with the consent of such individuals or their parents, guardians, or other appropriate legal representatives) provide us with similar information (via data connection, email, videoconference or other means) for verifying the relevant individuals’ age or identity, to otherwise validate the individuals for anti-fraud, financial and legal compliance for age-restricted services, or for other KYC purposes.

      Certain data we provide for some of our Integrity Services may include information obtained from the Death Master File (DMF) made available by the US Department of Commerce National Technical Information Service (NTIS) and subject to regulations found at 15 CFR Part 1110. All Aristotle customers are required to comply with all applicable laws and, if a client is granted access to DMF data, the client certifies compliance with 15 CFR Part 1110. The client’s failure to comply with 15 CFR Part 1110 may subject the client to penalties under 15 CFR 1110.200 of $1,000 for each disclosure or use, up to a maximum of $250,000 in penalties per calendar year.

      We refer to all of the above information as the “Service Information.”

    2. How We Use the Information Collected Through the Integrity Services

      We use the Service Information to provide the Integrity Service for which it was collected, in compliance with law and with contractual restrictions imposed by the relevant sources of the Service Information. As part of this, we may use the information to engage in fraud prevention, risk mitigation, and similarly compatible activities.

      Use of our Integrity Services requires the consent of (i) the individual whose personal information is being processed or (ii) that individual’s parent, guardian or other appropriate legal representative.

    3. How We Share Information We Collect Through the Integrity Services

      Where appropriate in light of legal requirements and contractual restrictions imposed by our customers and other data sources, we may share Service Information as follows:

      • When a customer submits information to us for verification or validation through our Integrity Services, we send the customer a code indicating whether the information submitted regarding an individual matches or does not match information in our records. In some cases we may send a code indicating whether the match between the information submitted by a customer and our database is exact or only partial.
      • In many cases, we perform our Integrity Services by reference to data that we hold. In some cases, however, we may pass information received as part of a verification or validation request to a third party to perform all or a portion of the verification or validation for us
      • We may share Service Information with our affiliates or other entities that help us to operate our business and provide our Integrity Services.
      • We may disclose Service Information to (1) comply in good faith with applicable laws, rules, regulations, governmental requests, court orders, or subpoenas, including for purposes of national security and law enforcement; (2) enforce our agreements; or (3) protect the rights, property, or safety of our users or any other person or entity.
      • We may disclose Service Information as part of a business sale, merger, consolidation, investment, change in control, transfer of substantial assets, reorganization, or liquidation, or in connection with steps taken in anticipation of such an event (e.g., due diligence).
  2. PRIVACY PRACTICES FOR OUR WEBSITES

    1. Information We Collect Through Our Websites

      Information You Provide

      Website visitors may choose to provide their contact information (e.g., name, organization, email, phone number), such as part of a registration or order form. Visitors may also provide payment information. We will share any payment information you provide with our payment processors, NCR and First Data. You may view NCR’s privacy policy here: https://www.ncr.com/privacy. You may view First Data’s privacy policy here:https://merchants.fiserv.com/en-us/privacy/.

      Information as You Navigate Our Websites

      We automatically collect certain personal information through your use of the Websites, such as the following:

      • Usage Information. For example, the pages on the Websites you access, the frequency of access, and what you click on while on the Websites.
      • Device Information. For example, hardware model, operating system, application version number, and browser.
      • Mobile Device Information. Aggregated information about whether the Website is accessed via a mobile device or tablet, the device type, and the carrier.
      • Location Information. Location information from Website visitors on a city-regional basis.
    2. How We Use Information We Collect Through Our Websites

      In addition to the uses described elsewhere in this Privacy Policy, we use the personal information we collect through our Websites to provide, market, improve, and operate the Websites, Integrity Services, and any other products or services we have or may develop. This includes use of the personal information to:

      • Fulfill your requests;
      • Send information about our products and services, including marketing communications;
      • Respond to your questions, concerns, or customer service inquiries;
      • To create aggregate or de-identified information;
      • Comply with law and engage in fraud prevention, risk mitigation, and similar purposes;
      • Understand usage trends and preferences;
      • Otherwise analyze, improve, and provide products and services;
      • Customize the content and advertising you see on our Websites, across the Internet, and elsewhere; and/or
      • Other purposes for which the individual provided it.
    3. How We Share Information We Collect Through Our Websites

      We may share the personal information we collect through the Websites in the following situations:

      • With your consent, including through this Privacy Policy;
      • With our affiliates or other entities that help us to operate our business and provide our Integrity Services;
      • To (1) comply in good faith with applicable laws, rules, regulations, governmental requests, court orders, or subpoenas, including for purposes of national security and law enforcement; (2) enforce our agreements; or (3) protect the rights, property, or safety of our users or any other person or entity; or
      • As part of a business sale, merger, consolidation, investment, change in control, transfer of substantial assets, reorganization or liquidation, or in connection with steps taken in anticipation of such an event (e.g., due diligence).

      With respect to aggregated or de-identified information, we may share such information without restriction.

    4. Cookies and Other Tracking Technologies

      How We Use Cookies

      Like many other companies, we use cookies and other tracking technologies (such as pixels and web beacons) (collectively, “Cookies”). Cookies are small files of information that are stored by your web browser software on your computer hard drive, mobile or other devices (e.g., smartphones or tablets).

      We use Cookies to:

      • Estimate audience size and usage patterns;
      • Understand and save your preferences for future visits, allowing us to customize our Websites and Integrity Services to your individual needs;
      • Advertise new content and services that relate to your interests;
      • Keep track of advertisements and search engine results;
      • Compile aggregate data about site traffic and site interactions to resolve issues and offer better site experiences and tools in the future; and
      • Recognize when you return to the Websites.

      We set some Cookies ourselves, while separate entities set other Cookies. We use Cookies other entities set to provide us with useful information, to help us improve our Websites and Integrity Services, to conduct advertising, and to analyze the effectiveness of advertising. For example, we use Cookies from Google, Facebook, and other similar companies.

      How You Can Opt Out of Cookies

      Your Preferences

      When you first visit our Websites, we will present you with a banner which offers you choices about whether to accept or reject cookies or tracking technologies of different types. If you wish to change your preferences, you can do so by clicking the cookie icon at the bottom left of this webpage or other Aristotle webpages.

      Browser Settings

      You can block Cookies by changing your Internet browser settings to refuse all or some Cookies. If you choose to block all Cookies (including essential Cookies) you may not be able to access all or parts of the Website(s).

      You can find out more about Cookies and how to manage them by visiting www.AboutCookies.org or www.allaboutcookies.org.

      Platform Controls

      You can opt out of Cookies set by Google by following the instructions found here: https://adssettings.google.com

      Advertising Industry Resources

      You can understand which entities have currently enabled Cookies for your browser or mobile device and how to opt out of some of those Cookies by accessing the Network Advertising Initiative’s website or the Digital Advertising Alliance’s website. For more information on mobile specific opt-out choices, visit the Network Advertising Initiative’s Mobile Choices website.

      Please note these opt-out mechanisms are specific to the device or browser on which they are exercised. Therefore, you will need to opt out on every browser and device that you use.

      Google Analytics

      We use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses Cookies or other tracking technologies to help us analyze how users interact with the Websites and Services, compile reports on their activity, and provide other services related to their activity and usage. The technologies used by Google may collect information such as your IP address, time of visit, whether you are a returning visitor, and any referring website. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt out of tracking of analytics by Google, click here.

      Google reCAPTCHA

      We use Google reCAPTCHA, a free service provided by Google, Inc., to protect our Websites from spam and abuse. Google reCAPTCHA uses advanced risk analysis techniques to decipher humans and bots. Google reCAPTCHA works differently depending on what version is deployed. For example, you may be asked to check a box indicating that you are not a robot or Google reCAPTCHA may detect abusive traffic without user interaction. Google reCAPTCHA works by transmitting certain types of information to Google, such as the referrer URL, IP address, visitor behavior, operating system information, browser and length of the visit, cookies, and mouse movements. Your use of Google reCAPTCHA is subject to Google’s Privacy Policy and Terms of Service. More information as to Google reCAPTCHA and how it works is available here.

    5. “Do Not Track” Signals

      Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, our Websites do not currently interpret, respond to or alter their practices when they receive “Do Not Track” signals.

    6. Children’s Privacy

      Our Websites are not intended for children under 16 years of age. We do not knowingly collect, use, or disclose personal information from children under 16.

  3. GENERAL INFORMATION ABOUT OUR PRIVACY PRACTICES

    The following subsections apply to both categories of personal information described above: (1) information collected in connection with our Integrity Services, and (2) information collected through our Websites.

    1. Your Rights and Choices

      Some individuals (including those whose information we collect under the EU-U.S. Data Privacy Framework) have certain legal rights to obtain confirmation of whether we hold personal information about them, to access personal information we hold about them, and to obtain its correction, update, amendment or deletion in appropriate circumstances. To exercise those rights, they may contact us at [email protected] or the address at the end of this Privacy Policy. Except where prohibited by law, we will charge a reasonable fee to respond to these requests.

      Individuals may also use the contact information below to object to our uses or disclosures of personal information or to withdraw consent, though such actions typically will not have retroactive effect.

    2. Data Retention

      Generally speaking, we retain the information collected from the Websites or in connection with our Integrity Services for as long as necessary to achieve our objectives as detailed in this Privacy Policy, and for legally permissible, compatible purposes, such as compliance with law, resolution of disputes, auditing, and enforcement of our agreements.

    3. Users From Outside the United States

      The Websites and Integrity Services are provided from, supported, and hosted primarily in the United States. However, data on individuals residing in Europe or the UK is generally stored and accessed only in the UK. If you are using the Websites or Integrity Services from outside the United States, be aware that your information may be transferred to, stored, and processed in the United States and other countries outside of yours. The privacy laws of the United States might not be as comprehensive or protective as those in your country. Your personal information can be subject to access requests from governments, courts, or law enforcement in the United States according to the laws of the United States.

      For any transfers of personal information from the European Economic Area (EEA), Switzerland, or the United Kingdom that we make to other entities as described in this Privacy Policy, we use appropriate safeguards to ensure for the lawful processing and transfer of the personal information, including, when appropriate, the use of standard contractual clauses approved by the European Commission. To obtain a copy of the safeguards, contact us at [email protected].

    4. EU-U.S. and Swiss-U.S. Data Privacy Framework

      As a business subject to the investigatory and enforcement authority of the Federal Trade Commission, Aristotle complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Aristotle has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Aristotle has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/

      When Aristotle receives personal information under the DPF and then transfers it to a third-party service provider acting as an agent on Aristotle’s behalf, Aristotle has certain liability under the DPF if both (i) the agent processes the information in a manner inconsistent with the DPF and (ii) Aristotle is responsible for the event giving rise to the damage.

      Covered European, UK, and Swiss residents should direct any questions, concerns or complaints regarding Aristotle’s handling of personal information or compliance with the Data Privacy Framework to Aristotle at [email protected] or the address listed at the bottom of this Privacy Policy. Aristotle will attempt to answer your questions and satisfy your concerns in a timely and complete manner as soon as possible. In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Aristotle commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Aristotle at [email protected].

      Aristotle has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

      If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf

    5. Data Security

      We maintain commercially reasonable security measures with the goal of protecting the personal information we collect and store from loss, misuse and unauthorized access, disclosure, alteration, and destruction. However, no security measure is perfect, and we cannot guarantee absolute security of your personal information.

      To assist with data security, you understand that you are responsible for maintaining the secrecy of any credentials that can be used to access any account or service with Aristotle. Any actions taken using your access credentials are your sole responsibility.

    6. Third-Party Websites and Apps

      We are not responsible for the privacy practices or disclosures of third parties that access or use our Websites or Integrity Services. When you access our Websites, you may be directed to other websites that are also beyond our control. We encourage you to read the applicable privacy policies and terms and conditions of such third parties and websites, as well as those of the tools that we have referenced in this Privacy Policy (such as in the “How You Can Opt Out of Cookies” section above). This Privacy Policy applies only to personal information that is acquired by us through our Websites and Integrity Services. We accept no responsibility or liability for these other websites.

    7. Notice to California Residents

      If you are a California resident, please see our Notice to California Residents for more information about our online and offline practices regarding the collection, use, disclosure, sale, sharing, and retention of your personal information and the rights you have regarding your personal information.

    8. Notice to Nevada Residents

      Nevada law allows Nevada residents to opt out of the sale of certain types of personal information. Subject to several exceptions, Nevada law defines “sale” to mean the exchange of certain types of personal information for monetary consideration to another person. We do not currently sell personal information as defined in the Nevada law. However, if you are a Nevada resident, you still may submit a verified request to opt out of sales and we will record your instructions and incorporate them in the future if our policy changes. You may send opt-out requests to https://www.aristotle.com/privacy/do-not-sell-my-personal-info/.

    9. Notice to Virginia Residents

      The Virginia Consumer Data Protection Act (“VCDPA”) provides Virginia residents with the right to receive certain disclosures regarding the personal data we process about them. For purposes of this section, personal data means any information that is linked or reasonably linkable to an identified or identifiable natural person. Personal data does not include de-identified or publicly available information as the VCDPA defines those terms.

      For a discussion of the categories of personal data we process, the purposes for our processing, the categories of personal data that we share with third parties, and the categories of third parties with whom we share personal data, please see Sections 1 and 2, above.

      If you are a Virginia resident, the VCDPA grants you the right to: (1) confirm whether or not we are processing your personal data and to access such personal data; (2) correct inaccuracies in your personal data, taking into account the nature of the personal data and the purposes of the processing of your personal data; (3) delete personal data you have provided or we have obtained about you; (4) obtain a copy of your personal data that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another controller without hindrance, where the processing is carried out by automated means; and (5) opt out of the processing of your personal data for purposes of (i) targeted advertising, (ii) the sale of personal data, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.

      We do not sell personal data to third parties as defined in the VCDPA via our Integrity services. See Aristotle’s corporate privacy policy for discussion of other Aristotle services. We process personal data collected through our Websites for targeted advertising.

      To opt out of the sale or processing of your personal data, complete this form. To request that we delete your personal data, complete this form. To exercise your other rights, please email us at [email protected] with your name, the fact that you are a Virginia resident, and specifying the right(s) you wish to invoke. If we refuse to take action regarding your request, you may appeal our decision by emailing us at [email protected]. If you would like to opt out of targeted advertising, you may alter your cookie preferences by clicking on the cookie icon at the bottom left of this or other Aristotle webpages.

    10. Changes to This Privacy Policy

      From time to time, we may update this Privacy Policy to reflect changes to our privacy practices. If we do, the amended Privacy Policy will be displayed on or accessible from our Websites. Please check our Privacy Policy regularly to ensure you have read the latest version and to stay informed of our privacy practices. Your continued access to or use of the Websites or Services constitutes your acknowledgement of this Privacy Policy and any updates.

    11. Accessibility

      We are committed to ensuring this Privacy Policy is accessible to individuals with disabilities. If you wish to access this Privacy Policy in an alternative format, please contact us as described below.

    12. Contacting Us

      If you have any questions regarding this Privacy Policy, or wish to exercise your rights or file a complaint, please contact us at [email protected] or at:

      Integrity
      205 Pennsylvania Avenue, SE
      Washington, DC 20003
      United States

Effective Date: January 10th, 2024

Last Updated Date: January 23rd, 2024