Latest Gartner® research: Strategies for Midsize Enterprises to Mitigate Insider Risk. Download here.

Sign In App

Sign In Solutions Privacy Notice

This Privacy Notice was last updated on April 05, 2024.

1. About Us

Sign In Solutions Inc. and its affiliates respect your privacy and commit to protecting it through our compliance with the practices described herein this notice.

This notice describes the types of information Sign In Solutions Inc. (together with its affiliated companies, “SIS” or “we“) collects from you, its users or customers (“you” or “your“) to SIS’s website(s) and software applications, including the enhancements, features, related website, and contents (the “Services“). It also describes how we use and disclose such information, as well as your rights with respect to SIS’s collection, use, and disclosure of such information.

For your information, the following companies are current affiliates of Sign In Solutions Inc.:

  • Sign In Enterprise Inc., 150 2nd Ave N, Suite 1540, St. Petersburg, Florida 33701, US
  • Traction Guest Corp., 150 2nd Ave N, Suite 1540, St. Petersburg, Florida 33701, US
  • Sign In App Ltd., 4 Waterside Way, Northampton, England, NN4 7XD
  • Sign In App SL, Paseo de la Castellana 40 8º, 28046, Madrid, España
  • Sign In App Inc., 150 2nd Ave N, Suite 1540, St. Petersburg, Florida 33701, US
  • ThreatSwitch, Inc. (Sign In Compliance Inc.), 222 S Church St, Charlotte, NC 28202, US
  • ProNestor, Nørgaardsvej 7, 2800 Kongens Lyngby, Denmark

We understand the importance of your privacy and the privacy of visitors and users to your business locations who access the Services (“Users“) and we treat all information we receive in a responsible manner. By downloading, using, viewing or accessing the Services, you agree that we may collect, use, and disclose Personal Data, Aggregate Information, and Cookies (all terms defined below) pursuant to this Privacy Notice.

Where you are provided access to the Services under your company contract with SIS, SIS may disclose Personal Data with your company in relation to your use of the Services.

When you register for the Services such as Campus independently from your company contract, and confirm that you wish to share your Personal Data with your company, SIS may share your Personal Data with your company.

If you are a visitor to a business location that uses the Services, by accessing the Services at such location (such as by signing in or using the functionality of the Services), you may be sharing your Personal Data with such business. The business’ use and disclosure of visitors’ Personal Data is governed by such business’ privacy policy or other agreement which you may have entered into with such business. Notwithstanding that such agreement may have been presented to you through the Services, SIS is not an affiliate of such business and is not responsible for the business’ access, use, and disclosure of visitors’ Personal Data.

2. Information that we Collect

When you use the Services, we may collect these types of information:

  1. Personal Data - Personal Data is any information directly or indirectly relating to an identified or identifiable individual, such as a name, email address, phone number, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
  2. Aggregate Information - Aggregate Information is information about your activities on or in connection with the Services that typically cannot be used to identify, locate, or contact you or your Users. For example, Aggregate Information includes information regarding the frequency of use of the Services, quantity and type of data entered when using the Services, components of the Services most frequently accessed, and browser types used to access the Services.
  3. Cookies and Similar Technologies. - Cookies, beacons, device identifiers, or similar technologies (referred to for convenience as “Cookies“) are small pieces of data placed on your device that your web browser or device uses to access the Services and that permit SIS to track your activity on the Services. We obtain information from Cookies when, for example, you or a User visits SIS’s website. You may turn off Cookies in your browser or device settings, but this may limit functionality of the Services. Cookies help analyze usage and provide certain functionality.

3. When do we Collect

We collect Personal Data when:

  1. You sign up for the Services.
  2. You use certain features of the Services that require the collection of Personal Data in order for those features to function.
  3. You or your Users voluntarily enter or upload Personal Data to or through the Services.
  4. You communicate with SIS, whether through the Services or through another form of communication, such as e-mail, web chat or telephone.
  5. SIS collects Aggregate information resulting from your use and the use by your Users of the Services.
  6. SIS may use the Services to collect and use location information to provide certain functionality, such as identifying a User sign-in at a specific business location or providing access to subscribed features such as scheduling and manual input logins.

4. Using and Sharing Personal Data

Your data will be processed only for specified, explicit and legitimate purposes. We collect and process the Personal Data detailed in this notice, and the purposes for which we process Personal Data will be informed to data subjects at the time that their Personal Data is collected.

SIS uses Personal Data we collect:

  • To provide the Services;
  • To improve the features and functionality of the Services;
  • To communicate with you in response to any of your questions and requests;
  • To personalize and enhance your experience using the Services;
  • To administer and provide you with information about your account;
  • To prevent fraud and abuse of the Services and to otherwise protect members and Users and our business;
  • To administer, operate and improve the Services and for internal business purposes;
  • To generate and review reports and data about our user base and service usage patterns;
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale of transfer of some or all of our assets;
  • To provide relevant marketing and other information to you, but only if, and to the extent that, you have consented to us providing such marketing and other information to you in accordance with applicable laws. In such a case, we will provide an easy link to permit you to “opt-out” of receiving future marketing communications.

In exceptional cases, SIS may be required, or may, acting in good faith, believe it is required, to share certain information with legal authorities. In such a case, SIS will only share what is legally necessary and only fulfill such requests where we are permitted to do so in accordance with applicable law or regulation. When SIS do provide this information to the authorities, it is for them to protect that information. Such cases include:

  • If required by law;
  • To protect or defend itself, you, your Users, or others against legal liability;
  • To protect itself, you, your Users, or others from immediate danger, such as personal injury or death;
  • To investigate a possible crime, such as fraud or identity theft.

Personal Data may be disclosed to third parties for a business purpose in accordance with our Privacy Policy. SIS may share Personal Data with third party service providers as SIS deems necessary for such third party service providers to perform their duties required for the Services to function. For example, the Services may utilize mail relays, payment processors and hosting providers. A list of third party service providers used by SIS can be requested by contacting us at These third party service providers are not authorized to retain, share, store or use Personal Data for any purposes other than to provide the services for which they have been retained to provide.

SIS may transfer your Personal Data to countries other than the one in which User resides or where the Personal Data was collected.

Where you are provided access to the Services under your company contract with SIS, SIS may disclose Personal Data with your company in relation to your use of the Services.

Your Personal Data may also be shared with our subsidiaries and affiliates in order to provide the Services to you, or as part of a sale of any or all of the assets of SIS. In such a case, each such party will be required to hold Personal Data and not disclose Personal Data except in accordance with terms at least as restrictive as those contained in this Privacy Notice. To the extent you are a user of the services of an SIS affiliate, the Privacy Policy of such affiliate may also apply.

SIS does not sell or otherwise share Personal Data with unrelated third parties.

5. Using and Sharing Aggregate Information

SIS uses Aggregate Information:

  1. To provide the Services;
  2. To improve the Services;
  3. To monitor usage of the Services;
  4. To analyze usage of the Services;
  5. To research, compile, and report on usage trends, user demographics, and user behaviors;
  6. To create improvements, enhancements and upgrades for the Services;
  7. And for other legitimate business purposes.

SIS may share Aggregate Information with its affiliates and certain third parties, such as investors, potential investors, and third party service providers we use to provide the Services. Aggregate Information is anonymized and does not have the capacity to be used to identify an individual. In other words, SIS may share this information, but no Personal Data will be disclosed to third parties.

6. Lawful Basis for Processing

  1. Lawful Basis

    Data protection laws require that we meet certain conditions before we are allowed to use your data in the manner described in this notice, including having a "legal basis" for the processing. Our lawful basis for collecting and processing the Personal Data described in this notice will depend on the type of Personal Data concerned and the specific context in which we collect it. These are explained further below.

    Consent: You have provided us your consent for processing your personal data.

    Performance of Contract: The processing of your Personal Data may be necessary in relation to the contract we have entered into, with you or an organization you represent, to provide Services to you, or because you have asked for something to be done or performed so you are able to enter into such a contract.

    Legitimate interests: The processing of your Personal Data may be necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or by fundamental rights and freedoms which require protection of Personal Data. It may be necessary for our legitimate interests to collect your Personal Data to enable us to manage certain operations of SIS effectively. For example when responding to your queries, improving our services, or undertaking direct marketing.

    Lawful interests: processing is necessary for compliance with a legal obligation to which the controller is subject. Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your Personal Data.

    If we ask you to provide Personal Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant and appropriate time and advise you whether the provision of your Personal Data is mandatory or not.

  2. Lawful Principles

    We follow the lawful principles below:

    Lawful PrinciplesPersonal Data shall be:
    Lawfulness, fairness and transparencybe processed lawfully, fairly and in a transparent manner in relation to the data subject.
    Purpose limitationcollected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
    Data minimisationadequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
    Accuracyaccurate and, where necessary, kept up to date.
    Storage limitationkept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
    Integrity and confidentialityprocessed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
    Accountabilitybe able to demonstrate compliance with the above principles.

7. How do we protect your personal data?

  1. Data Security

    We are committed to securing all data and Personal Data and complying with our obligations towards applicable data protection laws, but cannot absolutely guarantee the security of any data we collect from you. By choosing to share the data with us, you’re acknowledging this risk.

    We use appropriate physical, technical, privacy and organizational security measures to protect your data from unauthorized access, destruction, use, modification, and/or disclosure during transmission, at-rest and in-storage. As an example, we use the zero-trust approach for verifications and we have at minimum, industry standard encryption practices.

  2. International Data Transfers

    Any transfer of your Personal Data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.

    We have put in place appropriate technical and organizational security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we practice “least-privilege” which limits access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

  3. Data Quality

    If we collect your Personal Data when providing Services to you, we will process it in a way that is adequate, relevant and limited to what is necessary in relation to the purposes for why it is processed. We will maintain and update your information as necessary to keep it accurate or when you advise us that your Personal Data has changed. We will keep your information in a format which permits your identification for no longer than is necessary.

  4. Data Retention

    The length of time we keep your Personal Data depends on what it is and whether we have an ongoing business need to retain it - for example, to provide you with a service or to comply with applicable legal, tax or accounting requirements.

    SIS will not keep Personal Data for longer than is legally necessary at which time it will either be deleted or anonymized. For Personal Data collected under contract by a business it is the business location that determines the length of time data is to be kept, refer to their privacy policy for more details. Data will be retained for as long as your account is active and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policy.

  5. Age Limitation

    We do not direct our website to minors and we do not knowingly collect Personal Data from children under 16. If we learn we have mistakenly or unintentionally collected or received Personal Data from a child without appropriate consent, we will delete it. If you believe we mistakenly or unintentionally collected any information from or about a child, please contact us below.

8. Your rights and how to use them

SIS provides you with the ability to exercise your rights under applicable law as it relates to your Personal Data. You may have certain rights with respect to your Personal Data, including:

  1. Obtain a copy of your Data – “Right of access and data portability”:

    You may request a copy of the Personal Data you provide us and ask for copies of your Personal Data though there may be some exceptions. If you or your company have been sanctioned in relation to our Services, we may not be able to give you access to the Personal Data regarding your sanction so as to maintain our ability to detect or take action against such behavior.

  2. Correct your Data – “Right to rectification”:

    You may have the right to correct your Personal Data when it is inaccurate or incomplete (for example, change your delivery address).

  3. Delete your Account – “Right to erasure (right to be forgotten)”:

    You may request the closure of your account and the deletion of the associated Personal Data subject to certain limitations under applicable law.

    If you or your company have been sanctioned in relation to our Services, we cannot delete the Personal Data regarding your sanction as to allow us to maintain your sanction.

  4. Limit the use of your Data – “Right to restriction of processing”: You may request us to restrict processing of your information in some circumstances.

  5. Freedom of exercising certain rights - “The right not to be discriminated”: You have the right not to be discriminated against for exercising certain rights under California law.

    To exercise any of these rights please contact us at If you feel that your rights have not been respected after having contacted us and discussed with us; you have the right to contact the regulatory authority in your country. If you are a UK customer, you can find out more at this link. If you are based within the EU, you can find out more here.

9. Data Processing and GDPR

SIS is a data processor and not the data controller for visitors’ Personal Data. This means that SIS performs operations on Personal Data, but it does not control your visitors’ Personal Data. With respect to visitors’ Personal Data, the controller is the party whose business location the visitor has visited to interact with the Services.

To the extent you are a visitor of a business and you do not have access to do so directly through the Services, you may contact the business you visited to update your Personal Data. In the alternative, you may contact SIS for further access and assistance. We will take reasonable steps to assist with your request.

10. Data Processing and CCPA

The California Consumer Privacy Act (“CCPA”), regulates how SIS handles personal information of California residents and gives California residents certain rights with respect to their personal information.

SIS is both a “business” and a “service provider” under the CCPA. The following supplemental section applies to information we collect in our role as a business - this is when we interact directly with you.

When we act as a service provider (for example, by providing our services to a business that you interact with including as a visitor), we follow the instructions of the business that engaged us with respect to how we process your personal information. If you would like more information about how your personal information is processed by other businesses, including companies that engage us as a service provider, please contact those businesses directly.

The general privacy policy shall continue to apply to the extent that it applies to you as a resident of California. If you are a resident of California, we are required to disclose certain uses and disclosures in a certain format, as well as to inform you of certain rights you may have.

Information We May Collect:

We may collect the following categories of information:

  • Identifiers
  • Demographic Information
  • Commercial Information
  • Internet or other electronic network activity information
  • Geolocation data
  • Audio, electronic, visual, or similar information
  • Professional or employment-related information

For each category of information, we collect the information from a variety of sources, including directly from you, from your devices, from your social media profiles, and/or from third party providers. We collect the information to provide you with services, protect our customers and ourselves (including the services), and to improve the services. We do not share personal information with Third Parties as the term is defined under the CCPA.

We do not sell personal information of any individual, including personal information of minors under 16 years of age.

11. External Links

The Services may contain links to third party websites operated by other people or companies. We do not guarantee that we have endorsed or reviewed any links to third-party websites. SIS is not responsible for those websites, and links to such websites are solely for your convenience. We cannot control nor are we responsible for the privacy practices or consent of these third-party websites. We suggest contacting these websites directly for information on their privacy policies.

12. Changes to our Privacy Notice

Our Privacy Notice may be updated from time to time. At least annually, the Privacy Notice is reviewed unless organizational changes, legislation, guidance or non-compliance prompt an earlier review. If the changes materially alter how we use or treat your Personal Data we will notify you by email to the primary email address specified in your account and/or through a notice on the website home page. Any updates will appear on this website page.

This Privacy Notice was last updated on April 05, 2024.

13. How to Contact Us

You can contact us through the mediums noted below. Sign In Solutions’ corporate headquarters is located at 150 2nd Ave N, Suite 1540, St. Petersburg, Florida 33701, USA.

To contact us about our privacy, data protection and information that we may keep about you, please contact as below:

Jason Mordeno

Global Privacy Officer


By toll-free phone number: 8552159508

By Post Mail:

Sign In Solutions Inc.
Attn: Global Privacy and Data Protection Officer
150 2nd Ave N, Suite 1540, St. Petersburg, Florida 33701, USA