Ezement BIPA Disclosure and Privacy Policy

Last updated: February 5, 2024

Please read these terms and conditions carefully before using Our Service.  Ongoing use of the service constitutes your acceptance of such disclosures.

BIPA PRIVACY POLICY

Solid Earth
BIPA PRIVACY POLICY

Tribus LLC d/b/a Solid Earth (the “Company”) has instituted the following biometric information privacy policy: 

Biometric Data Defined:

As used in this policy, biometric data includes “biometric identifiers” and “biometric information” as defined in the Illinois Biometric Information Privacy Act, 740 ILCS § 14/1, et seq. 

“Biometric identifier” means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. Biometric identifiers do not include writing samples, written signatures, photographs, human biological samples used for valid scientific testing or screening, demographic data, tattoo descriptions, or physical descriptions such as height, weight, hair color, or eye color. Biometric identifiers do not include donated organs, tissues, or parts as defined in the Illinois Anatomical Gift Act or blood or serum stored on behalf of recipients or potential recipients of living or cadaveric transplants and obtained or stored by a federally designated organ procurement agency. Biometric identifiers do not include biological materials regulated under the Genetic Information Privacy Act.  Biometric identifiers do not include information captured from a patient in a health care setting or information collected, used, or stored for health care treatment, payment, or operations under the federal Health Insurance Portability and Accountability Act of 1996. 

“Biometric information” means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual. Biometric information does not include information derived from items or procedures excluded under the definition of biometric identifiers. 

Purpose for Collection of Biometric Data 

The Company and its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform indirectly collects, and uses biometric data solely for platform user identification, user authentication, fraud prevention, and the granting of user access to the Solid Earth platform.  The Company does not store any biometric information.  When the user access the platform, the user may, on their own device, access the platform by using their device’s internal, biometric based authentication systems.  When the user initiates their account with the Company, the Company connects to the user’s device and requests permission to use the device’s internal, biometric based authentication systems (typically a face scan or a fingerprint) as a way to login using a Passkey API.  The user’s device then ultimately returns a token to the Company that the Company uses to confirm every subsequent login of the user to the platform.   Thus, the Company is never in possession of any biometric information but biometric information is used in generating the token the Company uses to authenticate the user.  The token is a string of many random numbers and letters.  The Company keeps the token for the user until the user’s MLS ceases to license the platform, or until the MLS or the user informs the Company that the user needs to be deactivated.  The Company will retain the token until such time the providing party requests destruction.


Disclosure and Authorization 

To the extent that the Company, its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform capture, or otherwise obtain biometric data relating to a user or potential user (collectively “user) of the Solid Earth platform, the Company must first: 

a. Inform the user in writing that the Company, its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform are collecting, capturing, or otherwise obtaining the user’s biometric data, and that the Company is or may be providing such biometric data to its vendors, agents and the licensee of the Company’s “Solid Earth” identity provider platform; 

b. Inform the user in writing of the specific purpose and length of time for which the user’s biometric data is being collected, stored, and used; and 

c. Receive a written release signed by the user (or his or her legally authorized representative) authorizing the Company, its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform to collect, store, and use the user’s biometric data for the specific purposes disclosed by the Company, and for the Company to provide such biometric data to its vendors and agents and the licensee of the Company’s “Solid Earth” identity provider platform.

The Company, its vendors, and/or the licensee of the Company’s “Solid Earth” identity provider platform will not sell, lease, trade, or otherwise profit from users’ biometric data; provided, however, that the Company, its vendors, and/or the licensee of the Company’s “Solid Earth” identity provider platform may be paid for products or services used or provided by the Company that utilize such biometric data. 

Instances of Disclosure 

The Company will not disclose or disseminate any biometric data to anyone other than its vendors and agents and the licensee of the Company’s “Solid Earth” identity provider platform providing products and services using biometric data without/unless: 

a. First obtaining written user consent to such disclosure or dissemination; 

b. The disclosed data completes a financial transaction requested or authorized by the user; 

c. Disclosure is required by state or federal law or municipal ordinance; or 

d. Disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction. 

Retention Schedule 

The Company does not retain any fingerprint, facial / retinal scan, or any other direct biometric information.  Company does however retain the token their device associates to such biometric information.

Data Storage 

The Company shall use a reasonable standard of care to store, transmit and protect from disclosure any paper or electronic biometric data collected. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which the Company stores, transmits and protects from disclosure other confidential and sensitive information, including personal information that can be used to uniquely identify an individual or an individual’s account or property, such as genetic markers, genetic testing information, account numbers, PINs, driver’s license numbers and social security numbers.

Solid Earth
BIPA PRIVACY POLICY - USER ACKNOWLEDGEMENT FORM

TRIBUS LLC d/b/a “Solid Earth” (the “Company”) furnishes a single sign-on identity platform to which the undersigned individual (the “user”) requests access.  The user named below has been advised and understands that the Company, its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform collect, retain, and use biometric data for the purpose of user identification, user authentication, fraud prevention, and the granting of user access to the Solid Earth platform. 

The Illinois Biometric Information Privacy Act, 740 ILCS 14/1, et seq. (“BIPA”), regulates the collection, storage, use, and retention of “biometric identifiers” and “biometric information.” 

“Biometric identifier” means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. “Biometric information” means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual. The user understands that he or she is free to decline to provide biometric identifiers and biometric information to the Company, its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform without any adverse employment action. 

The Company shall retain user biometric data only until, and shall permanently destroy such data, and shall request that its vendors and agents and the licensee of the Company’s “Solid Earth” identity provider platform permanently destroy such data, the first of the following occurs:  

The initial purpose for collecting or obtaining such biometric data has been satisfied, or

Within 3 years of the user’s last interaction with the Company.

The user may revoke this consent at any time by notifying the Company in writing to:

TRIBUS
Attn: Revocation of BIPA Consent
231 South Bemiston Ave. Suite 850
Box 33454
St. Louis MO 63105. 

You acknowledge that you have received the above Biometric Information Privacy Policy, and that you voluntarily consent to the Company’s, its vendors’, agents’, and/or the licensee of the Company’s “Solid Earth” identity provider platform’s collection, storage, and use of biometric data through various biometric sign-in measures, including to the extent that it utilizes the user’s biometric identifiers or biometric information as defined in BIPA, and voluntarily consent to the Company providing such biometric data to its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform.