Caisson, Corp Privacy Policy

Last Updated: 1/30/2019

  1. Scope. This Privacy Policy applies to Personal Information Processed in the course of our business-to-business relationship with our Customers’ employees, authorized users, and/or other Individuals we may directly interact with, including on our websites (each a “Site”), the Caisson public API, and other online or offline offerings (collectively, the “Services”). The terms “Caisson,” “we,” “us,” and “our” includes Caisson, Corp and our affiliates. All capitalized terms not defined in this Privacy Policy will have the meanings set forth in the Caisson Public API – End User License Agreement.

    An Important Note. Except for Section 2, this Privacy Policy does not apply to or cover our Processing of Caisson Customer Data or Customer Materials (defined below). Our Customers are responsible for providing the appropriate notice to their end-clients and obtaining any required authorizations to permit us to Process Caisson Customer Data. Our Customers’ respective privacy policies will govern the collection and use of such information and we encourage you to read each Customer’s privacy policy in detail.

  2. About Caisson. Caisson acts an identity verification service provider to our Customers. To do this, our Customers will collect information from their end-clients (i.e., our Customer’s customers) and send it to Caisson for Processing. We call this “Caisson Customer Data” or “Customer Materials.” Caisson Customer Data includes, but is not limited to, copies of United States government issued IDs and/or photographs of our Customer’s end-clients.

    Once a Customer sends us Caisson Customer Data, it will instruct us to extract certain information from the Caisson Customer Data to verify an end-client’s identity. For example, we may extract biometric information contained in the photographic images our Customer provides us to determine whether or not the person pictured in each image is the same end-client. We may also extract relevant text fields and/or barcodes from government issued IDs to verify the information. In some cases, our Customers will permit us to use Caisson Customer Data to improve our machine learning models and other services.

    Caisson may use various third-party service providers to Process Caisson Customer Data. Our agreement with each Customer will determine how long we retain Caisson Customer Data, but we delete Caisson Customer Data within one year after a Customer agreement terminates or otherwise expires. We protect Caisson Customer Data using reasonable security measures.

    If you have additional questions about Caisson or the services we provide to our Customers, please contact as set forth below. You may also wish to contact our Customers with any specific questions you may have about Caisson Customer Data.

  3. Personal Information We Collect. The types of Personal Information we collect and our privacy practices depend on whether you are a Customer or visitor to our Services (together, “Individuals”) and the requirements of applicable law.

    Below are the ways we collect Personal Information and how we use it.

    1. Information You Provide to Us.
      • Account Creation. We will require some Individuals to create an Caisson account (e.g., the employees or authorized users of our Customer). When you do this, we will collect Personal Information such as your name, email, and employer.
      • Transactions. If you make a purchase or place an order with Caisson, we will collect the Personal Information and any payment information associated with such transaction. We use Stripe to process transactions involving payment card information.
      • Communications with Us. We may collect Personal Information from you such as email address, phone number, or mailing address when you request information about our Services, request customer or technical support, or otherwise communicate with us.
      • Surveys. We may contact you to participate in surveys. If you decide to participate, you may be asked to provide certain information which may include Personal Information.
      • Interactive Features. We may offer interactive features such as chat services, forums, and social media pages. We may collect the information you submit or make available through these features. Any content you provide on the public sections of these channels will be considered “public” and will not be subject to the privacy protections referenced herein.
      • Conferences and Trade Shows. We may attend conferences and trade shows where we collect Personal Information from Individuals who interact with or express an interest in Caisson and/or the Services. If you provide us with any information at one of these events, we will use it for the purposes for which it was collected.
      • Automatic Data Collection. We may collect certain information automatically when you use the Services. This information may include your Internet protocol (IP) address, user settings, IMEI, MAC address, Technologies including cookie identifiers, mobile advertising and other unique identifiers, mobile carrier, details about your browser, operating system or device, location information, Internet service provider, pages that you visit before, during and after using the Services, information about the links you click, and other information about how you use the Services. Information we collect may be associated with accounts and other devices.
    2. Information from Other Sources. We may obtain information about you from other sources, including through third-party services and organizations to supplement information provided by you. For example, if you access our Services through a third-party application, such as an App Store, a third-party login service, or a social networking site (“SNS”), we may collect information about you from that third-party application that you have made available via your privacy settings. This supplemental information allows us to verify information that you have provided to us and to enhance our ability to provide you with the Services.
  4. How We Use Your Information. We Process Personal Information about Individuals for a variety of business purposes, including:
    1. To Provide Products, Services, or Information Requested.
      • Manage individual information;
      • Respond to questions, comments, and other requests;
      • Provide access to certain areas, functionalities, and features of our services;
      • Answer requests for customer or technical support; and
      • Allow you to register for events.
    2. Administrative Purposes.
      • Measure interest and engagement in our Site and Services;
      • Improve our products and Services;
      • Develop new products and services;
      • Ensure internal quality control;
      • Verify Individual identity;
      • Communicate with you about your account, activities on our Site and Services and policy changes;
      • Process your financial information and other payment methods for products or Services purchased;
      • Prevent potentially prohibited or illegal activities; and
      • Enforce our Agreement.
    3. Marketing Our Products and Services. We may use Personal Information to tailor and provide you with materials about offers, products, and services that may be of interest to you. We may provide you with these materials by email, phone, and/or postal mail, as permitted by applicable law.

      You may contact us at any time to opt out of the use of your Personal Information for marketing purposes as described below.

    4. De-identified and Aggregated Information Use. We may use Personal Information and other information about you to create de-identified and/or aggregated information, such as de-identified demographic information, de-identified location information, de-identified or aggregated trends, reports, or statistics, information about the computer or device from which you access our Services, or other analyses we create. De-identified and aggregated information is used for a variety of functions, including the measurement of visitors’ interest in and use of various portions or features of the Site and Services. De-identified and aggregated information is not Personal Information, and we may use and disclose such information in a number of ways, including research, internal analysis, analytics, and any other legally permissible purposes.
    5. Sharing Content with Friends or Colleagues. Caisson’s Services may offer various tools and functionalities. For example, Caisson may allow you to provide information about your friends through our referral services. Our referral services may allow you to forward or share certain content with a friend or colleague, such as an email inviting your friend to use our Services. Email addresses that you may provide for a friend or colleague will be used to send your friend or colleague the content or link you request, but will not be collected or otherwise used by Caisson or any other third parties for any other purpose.
    6. Other Uses. Caisson may use Personal Information to pursue legitimate interests, such as direct marketing, research (including marketing research), network and information security, and fraud prevention. In addition, Caisson may use Personal Information for other purposes that are clearly disclosed to you at the time you provide Personal Information or with your consent.
    7. Technologies. We, as well as third parties that provide content, advertising, or other functionality on the Services, may use cookies, pixel tags, local storage, and other technologies (“Technologies”) to automatically collect information through the Services. Technologies are essentially small data files placed on your computer, tablet, mobile phone, or other devices that allow us to record certain pieces of information whenever you visit or interact with our Site and Services.

      Cookies. Cookies are small text files placed in visitors’ device browsers to store their preferences. Most browsers allow you to block and delete cookies. However, if you do that, the Services may not work properly.

      Pixel Tags/ Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded on the Services that collects information about users’ engagement. The use of a pixel allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement. We may also include web beacons in e-mails to understand whether messages have been opened, acted on, or forwarded.

      Our uses of such Technologies fall into the following general categories:

      • Operationally Necessary. This includes Technologies that allow you access to our Services that are required to identify irregular behavior, prevent fraudulent activity and improve security or that allow you to make use of our functions;
      • Performance Related. We may use Technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how our visitors use the Services;
      • Functionality Related. We may use Technologies that allow us to offer you enhanced functionality when accessing or using our Services. This may include identifying you when you sign into our Services, keeping track of your specified preferences or past pages viewed;
      • Advertising or Targeting Related. We may use first party or third-party Technologies to develop and deliver content, including ads relevant to your interests, on our Services or on third-party sites.

    8. Analytics. We may also use Google Analytics and other service providers to collect information regarding visitor behavior and visitor demographics on our Site and Services. For more information about Google Analytics, please visit You can opt out of Google’s collection and Processing of data generated by your use of the Services by going to
    9. Third Party Websites/Applications and Software Development Kits. The Services may contain links to other websites/applications and other websites/applications may reference or link to our Site or other Services. These other domains and websites are not controlled by us. We encourage our users to read the privacy policies of each website and application with which they interact. We do not endorse, screen or approve, and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk.

      We may use third party APIs and software development kits (“SDKs”) as part of the functionality of our Services. APIs and SDKs may allow third parties including advertising partners to collect your Personal Information to provide content that is more relevant to you. For more information about our use of APIs and SDKs, please contact us as set forth below.

  5. How We May Disclose Your Information.
    1. We Use Service Providers. We may share any Personal Information we collect about you with our third-party service providers. The types of service providers to whom we entrust Personal Information include service providers for: (i) provision of IT and related services; (ii) provision of information and services you have requested; (iii) invoice processing; (iv) customer service activities; and (v) the provision of the Services.
    2. Business Partners. We may provide relevant Personal Information to business partners to provide you with a product or service you have requested. We may also provide relevant Personal Information to business partners with whom we jointly offer products or services. In such cases, our business partner’s name will appear along with ours.
    3. Marketing – Interest-Based Advertising and Third -Party Marketing. Through our Services, Caisson may allow third-party advertising partners to set Technologies and other tracking tools to collect information regarding your activities and your device (e.g., your IP address, mobile identifiers, page(s) visited, location, time of day). These advertising partners may use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit third party websites within their networks. This practice is commonly referred to as “interest-based advertising” or “online behavioral advertising.” We may allow access to other data collected by the Site and Services to share information that may be useful, relevant, valuable or otherwise of interest to you. If you prefer not to share your Personal Information with third party advertising partners, you may follow the instructions below.
    4. Disclosures to Protect Us or Others. We may access, preserve, and disclose your Personal Information if we believe doing so is required or appropriate to: (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) protect your, our or others’ rights, property, or safety; (iii) to collect amounts owed to us; (iv) when we believe disclosure is necessary or appropriate to prevent financial loss or in connection with an investigation or prosecution of suspected or actual illegal activity; or (v) if we, in good faith, believe that disclosure is otherwise necessary or advisable.
    5. Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction as permitted by law and/or contract.
  6. International Data Transfers. You agree that all information Processed by us may be transferred, Processed, and stored anywhere in the world, including but not limited to, the European Union, the United States or other countries. Personal Information may be stored in the cloud, on our servers, on the servers of our affiliates or the servers of our service providers.
  7. Your Choices
    1. General. You may have the right to object to or opt out of certain uses of your Personal Information. Where you have consented to the Processing of your Personal Information, you may withdraw that consent at any time by contacting us as described below.
    2. Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding the Services or updates to this Privacy Policy).
    3. Do Not Track”. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
    4. Cookies and Interest-Based Advertising. You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these, and also learn more about targeted advertising and consumer choice and privacy, at,,, and Alternatively, for some devices you may use your device's platform controls in your settings to exercise choice.

      Please note you must separately opt out in each browser and on each device. Advertisements on third-party websites that contain the AdChoices link may have been directed to you based on information collected by advertising partners over time and across websites. These advertisements provide a mechanism to opt out of the advertising partners’ use of this information for interest-based advertising purposes.

  8. Access, Rectification, Erasure, and Restriction. In accordance with applicable law, you may have the right to: (i) request confirmation of whether we are Processing your Personal Information; (ii) obtain access to or a copy of your Personal Information; (iii) receive an electronic copy of Personal Information that you have provided to us, or ask us to send that information to another company (the “right of data portability”); (iv) restrict our uses of your Personal Information; (v) seek correction or amendment of inaccurate, untrue, incomplete, or improperly Processed Personal Information; and (vi) request erasure of Personal Information held about you by Caisson, subject to certain exceptions prescribed by law. If you would like to exercise any of these rights, please contact us as set forth below.

    We will process such requests in accordance with applicable laws. To protect your privacy, Caisson will take steps to verify your identity before fulfilling your request.

  9. Data Retention. We retain the Personal Information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.
  10. Security of Your Information. We take steps to ensure that your information is treated securely and in accordance with this Privacy Policy. Unfortunately, the Internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by applicable law, we do not accept liability for unintentional disclosure.

    By using the Services or providing Personal Information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Services, by mail or by sending an e-mail to you.

  11. Children’s Information. The Site and Services are not directed to children under 13 (or other age as required by local law), and we do not knowingly collect Personal Information from children. If you learn that your child has provided us with Personal Information without your consent, you may contact us as set forth below. If we learn that we have collected any Personal Information in violation of applicable law, we will promptly take steps to delete such information.
  12. California Privacy Rights. California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their Personal Information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of Personal Information disclosed to those parties. Except as otherwise provided in this Privacy Policy, Caisson does not share Personal Information with third parties for their own marketing purposes.
  13. Supervisory Authority. If you are located in the European Economic Area, you have the right to lodge a complaint with a supervisory authority if you believe our Processing of your Personal Information violates applicable law.
  14. Changes to Our Privacy Policy. We may revise this Privacy Policy from time to time in our sole discretion. If there are any material changes to this Privacy Policy, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use the Services after the new Privacy Policy takes effect.
  15. Contact Us.

    If you have any questions about our privacy practices or this Privacy Policy, please contact us at:

    Caisson, Corp
    120 E 23rd ST
    New York, NY 10010

  16. Definitions.

    • Personal Information” means information that (i) relates to you and (ii) can – either on its own or in combination with other information – identify you as an Individual. Personal Information does not include Caisson Customer Data, Customer Materials, or data that has been de-identified or aggregated such that you can no longer be identified.
    • Process” or “Processing” means any operation which is performed upon Personal Information, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.