You need to enable JavaScript in order to use the AI chatbot tool powered by ChatBot Skip to main content

Identifize Privacy Policy

Effective Date: January 22, 2026

Who We Are

Identifize LLC (“Identifize,” “we,” “our,” “us”) provides QR/NFC stickers, tags, and cards that connect physical items to digital information, plus related mobile apps and websites (collectively, the “Services”). This Privacy Policy explains what we collect, how we use and share information, and the choices and rights you have.

Scope

This Policy applies to our consumer and business-facing Services in the United States. Our Services are intended for U.S. users.

Quick Summary

We collect account info and usage data, and—only if you choose—optional medical/emergency details and precise location for specific features. We do not sell or share your personal information for cross-context behavioral advertising. If that ever changes, we will add a “Do Not Sell or Share My Personal Information” link and honor Global Privacy Control and other universal opt-out signals.

You control what a finder can see when they scan your item. Public pages are public—don’t include anything you wouldn’t want a stranger to view. You can access, correct, delete, or export your data and appeal any decision. We honor Global Privacy Control and other state-required universal opt-out signals.

1. Information We Collect

A. Information You Provide

Account & Profile: Name, email, phone, password, profile photo, and items/tags you activate.

Transactions: Product orders, shipping details, subscription tier, and in-app purchases. Payments are processed by our payment processor; we receive limited billing metadata.

Item Profiles & Notes: Content you choose to add to an item’s digital identity, such as descriptions, container/organization notes, and emergency contacts.

Optional Medical/Emergency Data: Allergies, medications, conditions, and emergency contacts. We collect and use this only with your opt-in consent to power features you request (such as emergency info visible to a finder), and not for advertising.

Communications: Messages you send us (support, feedback) and your marketing preferences.

B. Information Collected Automatically

Device/Usage Data: App and browser identifiers, operating system, IP address, device settings, crash logs, and in-app navigation.

Location: Precise location (e.g., GPS, Wi-Fi, Bluetooth) only if you opt in to features that need it. Approximate location (e.g., city/ZIP) may be inferred from IP for content delivery and security/fraud prevention.

When Someone Scans Your Item: We may log the finder’s browser/device metadata, approximate location derived from IP, time/date, and the item identifier to deliver the page, secure the Service, prevent abuse, and show you scan activity. If a finder uses our contact form, we collect the info they provide.

C. Cookies and Tracking Technologies

We use cookies and similar technologies (pixels, SDKs, local storage) to operate and improve our Services.

Essential Cookies: Required for basic functionality like authentication, security, and remembering your preferences. These cannot be disabled.

Analytics Cookies: Help us understand how users interact with our Services. 

We do not use advertising cookies or allow third-party advertising networks to collect information through our Services.

You can control cookies through your browser settings and mobile device settings (iOS and Android provide app tracking controls). We honor Global Privacy Control (GPC) signals, which we treat as an opt-out of any non-essential tracking. Blocking essential cookies may prevent you from using some features.

Do Not Track: Some browsers offer a “Do Not Track” (DNT) setting. There is no industry standard for DNT, and we do not currently respond to DNT signals. However, we do honor GPC signals as described above.

2. How We Use Information

We use your information to:

  • Provide and maintain the Services, power features you select, authenticate access, troubleshoot, and improve safety/reliability
  • Show or hide public item details according to your settings and share your chosen contact method with finders who contact you
  • Communicate about your account, transactions, product updates, and (if you opt in) marketing
  • Secure our Services, prevent fraud/abuse, and protect users and the public
  • Comply with law and enforce our terms

We may use artificial intelligence and machine learning to improve our Services. We do not use AI to make decisions that significantly affect you without human review.

Sensitive Data: We process precise location and medical/emergency info only with your opt-in consent, for the limited purposes described above, not for targeted advertising or sale/share.

3. How We Disclose Information

At Your Direction: If you configure an item’s page as public, anyone who scans the QR/NFC can see the fields you make public. You can remove information or delete your item at any time.

Service Providers: Vendors that perform services for us (hosting, support, analytics, email/SMS, security, payments, shipping). They may access personal information only to perform services for us and must protect it.

Corporate Transactions: If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, we may transfer data as part of that transaction, consistent with this Policy.

Legal & Safety: To comply with law or legal process; to protect the rights, property, or safety of Identifize, our users, or others; or to detect/prevent fraud, security, or technical issues.

No Sale/Share for Ads: We do not sell or share personal information for cross-context behavioral advertising. If we later engage in such activity, we will update this Policy, provide an opt-out link, and honor GPC signals.

4. Notice at Collection

The following table summarizes the categories of information we collect, why we collect it, and how long we keep it:

Category Examples Purposes Retention
Identifiers Name, email, phone, account ID, item/tag IDs Account creation, authentication, support Life of account + 2 years
Commercial info Orders, subscription tier, in-app purchases Fulfillment, accounting, fraud prevention 7 years
Internet/Network activity App events, IP, device/browser metadata Security, diagnostics, improvement 30 days
Scan activity Item scans via QR or NFC Track scan counts Until account deletion
Geolocation Precise (opt-in); approximate via IP Features you request; security 30 days
User content Item descriptions, notes, images Provide item identities Until deletion
Inferences Basic analytics (no ad profiling) Improve features, anti-abuse 12 months
Sensitive data Medical/emergency info; precise location (opt-in) Safety/emergency features Until you remove it

We may retain data longer to resolve disputes, enforce terms, or comply with law. Where feasible, we minimize and anonymize.

5. Your Choices and Rights

Controls

Profile Visibility: Choose which fields appear on a public scan page.

Sensitive Data: Provide/remove medical/emergency details; enable/disable precise location.

Marketing: Opt in/out of promotional emails/SMS.

Global Signals: We honor Global Privacy Control and other state-required universal opt-out mechanisms.

Privacy Rights

We honor privacy rights broadly, even where not required by law. You can access, correct, delete, and export your personal information, and opt out of targeted advertising, sale, or certain profiling (where applicable). You can also appeal our decision if we decline your request.

How to Exercise: Email support@identifize.co or use in-app settings. We’ll verify your request and respond within 45 days (we may extend once by 45 days where permitted). If we deny, you may appeal using the instructions in our reply. Authorized agents may submit requests as allowed by law.

We won’t discriminate against you for exercising your rights.

6. Children’s Privacy (COPPA Compliance)

Age Requirements and Parental Responsibility

Our Services are intended for users 13 and older. We do not knowingly collect personal information directly from children under 13, and children under 13 may not create accounts.

We do not collect or verify age information from account holders. By creating an account, you represent that you are at least 13 years old (or the age of majority in your jurisdiction, if higher).

If a parent or legal guardian chooses to use their own account to create item profiles for a child under 13 (e.g., for school items, medical alerts, lost-item recovery), that is the parent’s decision. The parent is solely responsible for determining what information to include and display. We do not independently verify the relationship between an account holder and any person whose information they add.

If we learn that we have collected personal information directly from a child under 13 without a parent’s involvement, we will delete it promptly.

Information Collected for Children’s Items

We collect only the information a parent/guardian provides, which may include a child’s first name/nickname, emergency contact details, and medical/allergy notes. We use this information solely to display parent-approved information when the item is scanned, support lost-item return or emergency communication, and maintain the parent’s account.

Scans of Children’s Items

When an item linked to a child is scanned, only parent-approved information is shown. We collect limited device/browser metadata and approximate IP location for security and scan reporting. Parents can view all scan activity in their account.

Parental Rights

Parents/guardians may at any time review all information associated with a child’s item, delete a child’s item and its data, modify or limit information collection, and control what is displayed during scans.

Educational Use (FERPA)

If schools use Identifize for students, the school obtains required parental consents and acts as the data controller. We act as a service provider and follow the school’s instructions. We do not use student data for advertising or non-educational profiling. FERPA inquiries should be directed to the school.

Connected Toys Clarification

Identifize QR/NFC items are not connected toys under COPPA. They do not independently connect to the Internet or transmit data; they are passive devices activated only when scanned.

If we learn that we have collected personal information directly from a child under 13 without parental consent, we will delete it promptly. For concerns, contact support@identifize.co. For more information about COPPA, visit www.ftc.gov/privacy/coppa.

7. Security; Health Breach Notices

We implement administrative, technical, and physical safeguards designed to protect personal information. No security program is perfect; we continuously improve controls.

If we qualify as a vendor of personal health records and there’s a breach of unsecured PHR-identifiable health information, we will provide notices consistent with the FTC Health Breach Notification Rule.

8. Data Transfers; U.S. Audience

We operate in the United States. If you access the Services from outside the U.S., your information will be processed in the U.S.

9. Changes to This Policy

We may update this Policy. If we make material changes, we will notify you (e.g., in-app, by email) and indicate the effective date. Where required, we will obtain your consent.

10. Contact Us

For questions or privacy requests, email support@identifize.co.

Postal address: Identifize LLC, 548 Market Street, Suite 27620, San Francisco, CA 94104

11. Additional Notes for Businesses

If you use Identifize for your business (e.g., asset tags for employees/customers), you are responsible for your own privacy notices and for honoring your legal obligations as a controller/employer with respect to data you collect from your users or workforce. Obtain any required consents before populating profiles with others’ personal information.

12. Accessibility

We aim to make this Policy accessible. If you need it in an alternative format, contact support@identifize.co.

13. Data Retention

We retain personal information only as long as necessary for the purposes described in this Policy, or as required by law.

Active Account Data: Your profile, item content, medical/emergency information, and scan activity are retained until you delete them or delete your account.

Short-Term Operational Data: Logs (usage, diagnostics, IP addresses) and all geolocation data are automatically deleted after 30 days.

Transaction Records: Orders, payments, and related financial records are retained for 7 years for accounting, tax, and legal compliance.

Inactive Accounts: If you stop using your account, we will delete or anonymize your data 2 years after your last activity (unless you have active subscriptions or we’re legally required to retain it).

Account Deletion: When you delete your account or specific data, we remove it from active systems within 30 days. Backup systems may retain data for up to 90 additional days for disaster recovery.

Legal Holds: If data is subject to litigation, investigation, or regulatory inquiry, we retain it until the matter is resolved.

We may retain anonymized or aggregated data indefinitely for analytics and service improvement. To request deletion of your data, contact support@identifize.co.

14. State-Specific Privacy Rights

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Montana, Oregon, Texas, Florida, Iowa, Delaware, New Jersey, New Hampshire, Nebraska, Maryland, Minnesota, Tennessee, Kentucky, or Rhode Island, you have additional privacy rights under your state’s privacy law.

Standard Rights (VA, CO, CT, MT, TN, DE, NH, FL, KY, RI)

Residents of these states have the following rights:

  • Right to confirm whether we process your personal data and access it
  • Right to correct inaccuracies in your personal data
  • Right to delete personal data you provided
  • Right to obtain your personal data in a portable format
  • Right to opt out of targeted advertising, sale of personal data, and profiling for legal/significant decisions

We do not engage in targeted advertising, sale of personal data, or profiling for legal/significant decisions.

How to Exercise: Email support@identifize.co. Response time: 45 days (may extend 45 additional days with notice).

Appeals: Email support@identifize.co with “[State Name] Appeal” in the subject line. We will respond within 60 days (Colorado: 45 days). If denied, contact your state Attorney General.

State Attorney General contacts:

  • Virginia: oag.state.va.us | 202 North 9th Street, Richmond, VA 23219
  • Colorado: coag.gov | 1300 Broadway, 10th Floor, Denver, CO 80203
  • Connecticut: portal.ct.gov/ag | 165 Capitol Avenue, Hartford, CT 06106
  • Montana: dojmt.gov | 215 N Sanders St, Helena, MT 59601
  • Tennessee: tn.gov/attorneygeneral | P.O. Box 20207, Nashville, TN 37202
  • Delaware: attgen.delaware.gov | 820 N. French Street, 5th Floor, Wilmington, DE 19801
  • New Hampshire: doj.nh.gov | 33 Capitol Street, Concord, NH 03301
  • Florida: myfloridalegal.com | The Capitol PL-01, Tallahassee, FL 32399-1050
  • Kentucky: ag.ky.gov | 1024 Capital Center Drive, Suite 200, Frankfort, KY 40601
  • Rhode Island: riag.ri.gov | 150 South Main Street, Providence, RI 02903

Special requirements: Colorado and Delaware honor Global Privacy Control (GPC) and universal opt-out mechanisms.

California Residents (CCPA/CPRA)

In addition to the standard rights above, California residents have the right to know the categories and specific pieces of personal information collected, sources, purposes, third parties, and sale/sharing disclosure; the right to limit use of sensitive personal information to CCPA-authorized purposes; and the right to non-discrimination for exercising CCPA rights.

We do not sell or share personal information. Under California’s “Shine the Light” law, we do not disclose personal information to third parties for direct marketing. Minors under 18 may request removal of posted content at support@identifize.co.

California metrics for January 1 – December 31, 2025: Requests to Know (0 received); Requests to Delete (0 received); Requests to Correct (0 received); Opt-Out Requests (0 received). To file a complaint, contact the California Attorney General at oag.ca.gov.

How to Exercise: Email support@identifize.co. Response time: 45 days (may extend to 90 days with notice). Authorized agents must provide written authorization and identity verification. We honor GPC signals.

Washington & Nevada Residents (Consumer Health Data)

This section governs Consumer Health Data (CHD) such as medical conditions, medications, allergies, and emergency details you choose to store.

CHD we collect (optional) includes conditions, allergies, medications, emergency contacts, and other health/safety data you add. This information comes directly from you and is used to display the emergency/safety information you choose. We share CHD only with service providers under contract; we do not sell CHD. We retain CHD until you remove it or delete your account.

Your rights include access, deletion, withdrawal of consent, and appeal. Separate opt-in consent is required to collect CHD not strictly necessary for your requested feature. We do not use prohibited geofencing practices.

Utah & Iowa Residents

Utah residents have rights under the Utah Consumer Privacy Act (UCPA), and Iowa residents have rights under the Iowa Consumer Data Protection Act (ICDPA). Rights are similar to the standard rights above. Iowa’s right to delete is limited for third-party data.

How to Exercise: Email support@identifize.co. Response time: Utah 45 days, Iowa 90 days (may extend 45 additional days).

Contacts: Utah Division of Consumer Protection (consumerprotection.utah.gov, PO Box 146704, Salt Lake City, UT 84114-6704); Iowa Attorney General (iowaattorneygeneral.gov, 1305 E. Walnut Street, Des Moines, IA 50319).

Oregon Residents (OCPA)

We do not engage in targeted advertising for any users regardless of age. We do not sell precise geolocation data. We provide enhanced protections for health data and honor universal opt-out mechanisms.

How to Exercise: Email support@identifize.co. Response time: 45 days. Appeals: Email with “Oregon Appeal” in subject. If denied, contact Oregon Attorney General at doj.state.or.us, 1162 Court Street NE, Salem, OR 97301.

Texas Residents (TDPSA)

Rights are the same as standard states above. If we collect biometric identifiers, we will obtain informed written consent before collection, provide specific notice, publicly post retention and destruction schedule, and destroy within reasonable time after purpose fulfilled or within 1 year of last interaction.

How to Exercise: Email support@identifize.co. Response time: 45 days. Appeals: Email with “Texas Appeal” in subject; response within 60 days. If denied, contact Texas Attorney General at texasattorneygeneral.gov, P.O. Box 12548, Austin, TX 78711-2548.

New Jersey Residents (NJDPA)

Rights include standard rights plus opt-out of profiling. New Jersey law requires affirmative consent before processing personal data of consumers aged 13–17 for targeted advertising, sale, or profiling. We do not engage in these practices for any users. We honor universal opt-out mechanisms.

How to Exercise: Email support@identifize.co. Response time: 45 days. Appeals: Email with “New Jersey Appeal” in subject; response within 60 days. If denied, contact NJ Division of Consumer Affairs at njconsumeraffairs.gov, 124 Halsey Street, 7th Floor, Newark, NJ 07102.

Nebraska Residents (NDPA)

Rights are the same as standard states above. We must obtain consent before processing or selling sensitive personal data. We do not sell sensitive personal data.

How to Exercise: Email support@identifize.co. Response time: 45 days. Appeals: Email with “Nebraska Appeal” in subject; response within 60 days. If denied, contact Nebraska Attorney General at ago.nebraska.gov, 2115 State Capitol, Lincoln, NE 68509.

Maryland Residents (MOPDA)

Rights are the same as standard states above. Maryland-specific requirements: We collect only personal data reasonably necessary for our Services. We do not engage in targeted advertising or sell personal data for any users. If we authorize third-party processing inconsistent with the original purpose, we notify you and obtain consent. We conduct data protection assessments as required by law.

How to Exercise: Email support@identifize.co. Response time: 45 days. Appeals: Email with “Maryland Appeal” in subject; response within 60 days. If denied, contact Maryland Attorney General at marylandattorneygeneral.gov, 200 St. Paul Place, Baltimore, MD 21202.

Minnesota Residents (MCDPA)

Rights are the same as standard states above.

Minnesota Privacy Officer: Leah Lamstein, Manager, support@identifize.co, 415-300-7173.

How to Exercise: Email support@identifize.co. Response time: 45 days. Appeals: Email with “Minnesota Appeal” in subject; response within 60 days. If denied, contact Minnesota Attorney General at ag.state.mn.us, 445 Minnesota Street, Suite 1400, St. Paul, MN 55101.

Support Center

About Us

News/Media

Privacy Center

Support Center
FAQs
Get Help

About Us
Company
Sustainability

News/Media
Media Inquiries

Privacy Center
Privacy Policy
Terms of Service

Site Design by The Web Stylist

© 2026 Identifize LLC