Ezement California Biometric & CCPA Privacy Disclosure

Last updated: July 1, 2025

CALIFORNIA PRIVACY POLICY

Please read these terms and conditions carefully before using Our Service.  Ongoing use of the service constitutes your acceptance of such disclosures.

Tribus LLC d/b/a Solid Earth (the “Company”) has instituted the following biometric information privacy policy:

 

Definitions:

 

As used in this policy, “biometric information” “personal information” and “sensitive personal information” are defined as in the California Consumer Privacy Act (“CCPA”) § 1798.140.

 

“Biometric Information” means an individual’s physiological, biological, or behavioral characteristics, including information pertaining to an individual’s deoxyribonucleic acid (DNA), that is used or is intended to be used singly or in combination with each other or with other identifying data, to establish individual identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.

 

“Biometric Information” falls within the definition of “Personal Information” and “Sensitive Personal Information” in the CCPA.

 

Categories of Biometric Information Collected and Purpose for Use

 

The Company and its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform indirectly collect and use biometric information solely for platform user identification, user authentication, fraud prevention, and the granting of user access to the Solid Earth platform. The Company does not store any biometric information. When the user accesses the platform, the user may, on their own device, access the platform by using their device’s FaceID or TouchID. When the user initiates their account with the Company, the Company connects to the user’s device and requests permission to use the device’s FaceID or TouchID (typically a face scan or a fingerprint) as a way to login using a Passkey API. The user’s device then ultimately returns a token to the Company that the Company uses to confirm every subsequent login of the user to the platform. Thus, the Company is never in possession of any biometric information but biometric information is used in generating the token the Company uses to authenticate the user. The token is a string of many random numbers and letters. The Company keeps the token for the user until the user’s MLS ceases to license the platform, or until the MLS or the user informs the Company that the user needs to be deactivated. The Company will retain the token for such a canceled user for six months. At any time that the user is deactivated in the system permanently, then this information will be also deleted. The above paragraph describes the process, categories, and purpose that the Company may have used for California residents within the last twelve months.

 

The Company, its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform will not sell, lease, trade, or otherwise profit from users’ biometric information; provided, however, that the Company, its vendors, and/or the licensee of the Company’s “Solid Earth” identity provider platform may be paid for products or services used or provided by the Company that utilize such biometric information.

 

Retention Schedule

 

The Company does not retain any biometric information.

 

Requirements to Share

 

The Company, its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform will not share biometric information with any third party unless the Company enters into an agreement with that third party that: (1) Specifies that the biometric information is sold or disclosed by the business only for limited and specified purposes. (2) Obligates the third party to comply with applicable obligations under the CCPA and obligates the third party to provide the same level of privacy protection as is required by the CCPA. (3) Grants the Company rights to take reasonable and appropriate steps to help ensure that the third party uses the biometric information transferred in a manner consistent with the Company’s obligations under the CCPA. (4) Requires the third party to notify the Company if it makes a determination that it can no longer meet its obligations under the CCPA. (5) Grants the Company the right, upon notice, including under paragraph (4), to take reasonable and appropriate steps to stop and remediate unauthorized use of biometric information. See Section 1798.100(d).

 

Storage and Security

 

The Company shall take reasonable measures to secure any biometric information stored or used from unauthorized or illegal access, destruction, use, modification, or disclosure. The Company will use the same protective measures it uses to to secure other confidential and sensitive information.

 

Your Rights Under the CCPA

 

The full statutes of the CCPA are publicly available. California consumers have rights under the CCPA regarding their personal information held by businesses which are applicable to the biometric information addressed in this privacy policy, as briefly summarized below and throughout this privacy policy.

 

Section 1798.100 - A business that controls the collection of a consumer’s personal information or sensitive personal information shall, at or before the point of collection, inform consumers of the categories of the information to be collected, the purposes for which the categories of the information are collected or used, and whether that information is sold or shared. A business shall not collect additional personal information for incompatible purposes without notice. A business shall also inform consumers of the length of time the business intends to retain the personal information or if that is not possible, the criteria used to determine that period. A business’ collection, use, retention, and sharing of a consumer’s personal information shall be reasonably necessary and proportionate to achieve the purposes for which the personal information was collected or processed.

 

Section 1798.105 - California consumers have the right to request that a business delete any personal information about the consumer which the business has collected from the consumer, subject to certain exceptions.

 

Section 1798.106 - California consumers have the right to request a business that maintains inaccurate personal information about the consumer to correct that inaccurate personal information, taking into account the nature of the personal information and the purposes of the processing of the personal information.

 

Section 1798.110 - California consumers have the right to know what personal information is being collected and the right to access that personal information. California consumers have the right to request that a business that collects personal information about the consumer disclose to the consumer the following: (1) The categories of personal information it has collected about that consumer. (2) The categories of sources from which the personal information is collected. (3) The business or commercial purpose for collecting, selling, or sharing personal information. (4) The categories of third parties to whom the business discloses personal information. (5) The specific pieces of personal information it has collected about that consumer.

 

Section 1798.115 - California consumers have the right to request that a business that sells or shares the consumer’s personal information, or that discloses it for a business purpose, disclose to that consumer: (1) The categories of personal information that the business collected about the consumer. (2) The categories of personal information that the business sold or shared about the consumer and the categories of third parties to whom the personal information was sold or shared, by category or categories of personal information for each category of third parties to whom the personal information was sold or shared. (3) The categories of personal information that the business disclosed about the consumer for a business purpose and the categories of persons to whom it was disclosed for a business purpose.

 

Section 1798.120 and Section 1798.121 - California consumers have the right to direct a business that sells or shares personal information about the consumer to third parties not to sell or share the consumer’s personal information. California consumers have the right to direct a business that collects sensitive personal information about the consumer to limit its use of the consumer’s sensitive personal information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer.

 

Section 1798.125 - A business shall not discriminate against a consumer because the consumer exercised any of the consumer’s rights under this title, including, but not limited to, by: (A) Denying goods or services to the consumer. (B) Charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties. (C) Providing a different level or quality of goods or services to the consumer. (D) Suggesting that the consumer will receive a different price or rate for goods or services or a different level or quality of goods or services.

 

These rights can be exercised, to the extent they are applicable to the biometric information addressed by this privacy policy, at any time by notifying the Company in writing to: TRIBUS, Attn: Revocation of Consent - California, 231 South Bemiston Ave. Suite 850, Box 33454, St. Louis MO 63105, or by email to: support@solidearth.com

Solid Earth

CALIFORNIA PRIVACY POLICY - USER ACKNOWLEDGEMENT FORM

 

TRIBUS LLC d/b/a “Solid Earth” (the “Company”) furnishes a single sign-on identity platform to which the undersigned individual (the “user”) requests access. The user named below has been advised and understands that the Company, its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform may collect, retain, and use biometric information for the purpose of user identification, user authentication, fraud prevention, and the granting of user access to the Solid Earth platform.

 

The California Consumer Privacy Act § 1798.100, et seq. (“CCPA”) regulates the collection, use, sharing, safeguarding, handling, storage, retention, and destruction of biometric information.

 

“Biometric Information” means an individual’s physiological, biological, or behavioral characteristics, including information pertaining to an individual’s deoxyribonucleic acid (DNA), that is used or is intended to be used singly or in combination with each other or with other identifying data, to establish individual identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.

 

“Biometric Information” falls within the definition of “Personal Information” and “Sensitive Personal Information” in the CCPA.

 

The user understands that he or she is free to decline to provide biometric information to the Company, its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform without any adverse action.

 

To the extent that the Company, its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform possess a user’s biometric information, the Company will retain any biometric information only so long as it is reasonably necessary and proportionate to achieve the purposes for which it was collected or processed, as described in the attached privacy policy and subject to any exceptions provided in the CCPA.

 

The user or a user’s authorized agent may exercise any of the rights highlighted in CCPA § 1798.100, et seq. such as the right to delete, the right to correct inaccuracies, the right to request and access, the right to know what is being sold or shared and with whom, the right to opt out of sale or sharing, the right to limit use or disclosure, and the right of no retaliation to the extent that those rights apply and the user may revoke the consent provided in this user acknowledgement form at any time by notifying the Company in writing to: TRIBUS, Attn: Revocation of Consent - California, 231 South Bemiston Ave. Suite 850, Box 33454, St. Louis MO 63105, or by email to: support@solidearth.com.

 

By accepting this Agreement and your continued use of the system, the user acknowledges that he/she has received this Biometric Information Privacy Policy, and that he/she voluntarily consents to the Company’s, its vendors’, agents’, and/or the licensee of the Company’s “Solid Earth” identity provider platform’s collection, storage, and use of biometric data through various biometric sign-in measures, including to the extent that it utilizes the user’s biometric information as defined in the CCPA, and voluntarily consents to the Company providing such biometric information to its vendors and agents, and/or the licensee of the Company’s “Solid Earth” identity provider platform.