Privacy Policy
Last updated: 06/12/2024
Biofire values your right to keep your data private from others, including Biofire. Biofire makes the following promises to you:
- Biofire can NEVER access the biometric data you enroll into your Smart Gun, even if Biofire is compelled by regulators/authorities
- Biofire will NEVER sell or rent any of your data to third parties
- Biofire can NEVER collect any location data about your Smart Gun, and your Smart Gun has no way of determining its location
- Biofire can NEVER collect information on the names or identities of users authorized to use the Smart Gun
- Biofire can NEVER collect or access any other potentially personally identifiable data from your Smart Gun without your explicit authorization
- Authorization can only be provided via physical Owner access to your Smart Gun.
- Situations in which we may request that you share potentially personally identifiable information include during a support case with Biofire Support and as a condition of participation in certain Early Access and Beta programs.
- Biofire collects aggregated and deidentified (e.g., your data can never be traced back to you) performance data to help Biofire build better products and deliver better services
- We may collect this data during routine service operations and if you choose to connect your Dock to Wi-Fi.
- You ALWAYS have the option to not connect your Dock to Wi-Fi
- Biofire recommends that you keep your Dock connected to Wi-Fi, but if you choose not to, your Smart Gun will function normally; if a critical update is required, Biofire will reach out to you to provide a method to update other than connecting to Wi-Fi.
- Choosing to not connect your Dock to Wi-Fi limits the features that we can provide if those features rely on internet connectivity, such as notifications.
Biofire Hermes Inc. (“Biofire,” the “Company,” “we,” “us,” or “our”) values your privacy. This Privacy Policy (“Policy”) describes how we collect, use, disclose, and otherwise process Personal Information (as defined below) and our information practices regarding Personal Information, when you visit our website at https://smartgun.com/ (our “Website”), use our mobile application (our “App”), otherwise interact with us online or offline, including using the Dock (collectively with our Website and our App, our “Services”), or use our products, including the Smart Gun (our “Products”).
By using our Services or Products, you agree that your Personal Information will be handled as described in this Policy. Your use of our Services and Products, and any dispute over privacy is subject to this Policy, our Reservation Terms (available at https://smartgun.com/legal/reservation-terms), if applicable, our Purchase Terms (available at https://smartgun.com/legal/purchase-terms), if applicable, and our Account Terms (available at https://smartgun.com/legal/account-terms) including limitations on damages and resolution of disputes.
Please note, depending on how you interact or engage with us, we may provide you other privacy notices with additional details about our information practices.
Residents of certain states may have additional rights concerning their Personal Information under the laws of those states. If you are a resident of California, please refer to the “California Privacy Rights” section below.
Table of Contents
1. Personal Information We Collect
2. How We May Use Personal Information
3. How We May Disclose Personal Information
4. Cookies and Other Tracking Mechanisms
5. California Privacy Rights
6. Retention of Personal Information
7. Children’s Information
8. External Links and Features
9. Security
10. Changes to this Policy
11. Contact Us
1. Personal Information We Collect
As further described below, we may collect information that identifies, describes, or is reasonably capable of being associated with you (“Personal Information”) directly from you, automatically through your use of our Services and Products, and from other sources described below.
Personal Information We Collect Directly from You. While the Personal Information we collect varies depending on your use of our Services and Products, and our interactions with you, in general, we may collect the following Personal Information from our visitors, prospective customers, customers, and other business contacts:
- Identifiers. When you contact us, register for an account, or otherwise communicate with us, we may collect information including your name, email address, phone number, date of birth, and any other information you may choose to provide.
- Product Purchase. When you purchase Products, we may collect information related to such purchase, including your credit card information, shipping address, billing address, email, and date of birth.
- Grip Sizing Information. When you purchase a Biofire Smart Gun, we may ask you to provide images and data about your hand size. This information will not include any biometric data.
- Service and Warranty Requests. When you contact us regarding service and warranty claims regarding Products, we will collect information related to such service or warranty, including shipping and return information.
- Responses and Feedback. If you participate in our surveys, we may collect your response and feedback, such as user satisfaction or other information related to your use of our Services and Products, and any other information you may choose to provide.
- Events and Other Requests. We may also collect information related to your participation in our events as well as other requests you submit to us related to our Services and Products. For example, if you register to attend an event that we host or sponsor, we may collect information related to your registration for and participation in such event.
- Sensitive Personal Information. We may collect Sensitive Personal Information (as defined in the California Privacy Rights Act 2020), such as credit card information.
Personal Information We Collect Automatically. We may automatically collect Personal Information related to your use of our Products, and related to your use of our Services, including through the use of cookies, pixel tags, and other similar technologies. The Personal Information we may automatically collect includes:
- Device and Browsing Information. When you use our Services and if you connect Products to Wi-Fi, we may collect your IP address, browser type, domain names, access times, date/time stamps, operating system, language, device type, unique ID, internet service provider, referring and exiting URLs, clickstream data, and similar device and browsing information.
- Activities and Usage. We also collect activity information related to your use of our Services, such as information about the links clicked, searches, features used, items viewed, time spent within our Services, your interactions with us within our Services, and other activity and usage information.
- Location Information. We may also collect or derive location information about you, such as through your IP address. If you choose to enable location-based sharing with us through your device settings, we may collect precise location information, such as GPS coordinates, to provide content that is more relevant to your location and to otherwise improve your interactions with our Services. You may turn off location data sharing through your device settings.
- Product Information. We may collect aggregated and de-identified performance data relating to your use of our Products and Services. If the owner of a Smart Gun expressly opts in, we may also collect potentially personally identifiable information as provided in such opt in request.
For more information about our use of cookies and other similar technologies, please see the “Cookies and Other Tracking Mechanisms” section below.
Personal Information We Collect from Other Sources. In addition, we may collect and receive certain Personal Information from business partners, clients and customers, analytics firms, social networks, operating systems and platforms, and vendors and service providers who provide services or perform functions on our behalf. For example, we may collect your name, and contact information from our business partners, and vendors and service providers. We also may receive certain Personal Information from our customers and clients for purposes of administering our Services, or data analytics and marketing providers for purposes of reaching new customers.
Biometric Information. The Biofire Smart Gun collects biometric data in order to function, however, such collected biometric data is stored locally on the Smart Gun in an encrypted format and never leaves your device. Biofire has no access to such biometric data. You control the biometric information held on your Smart Gun and can choose to delete the biometric data held on the Smart Gun at any time. If you choose to delete the biometric data for any reason, including transferring your Smart Gun, all such biometric data is permanently deleted.
2. How We May Use Personal Information
We collect Personal Information about you for the following purposes:
- Purchases. To complete purchase and reservation transactions for Products and Services.
- Services and Support. To allow you to maintain your account with us, provide and operate our Services, communicate with you about your use of our Services, provide troubleshooting and technical support, respond to your inquiries, communicate with you about the Services, provide support for Products, and to otherwise run our day-to-day operations.
- Analytics and Improvement. To better understand how users access and use our Services and Products, and for other research and analytical purposes, such as to evaluate and improve our Services and business operations, to develop our Services and its features, and for internal quality control and training purposes. We may also use Personal Information to train algorithms and machine learning models to improve our Products and Services, provided for clarity, that none of your biometric data can be accessed by Biofire and such data will not be used for any such training.
- Communicate With You. To respond to your inquiries, send you requested materials and content, as well as information and materials regarding our Products and Services, and to communicate with you through email messages about our Products and Services. We also use this information to send administrative information to you, for example, information regarding our Products and Services and changes to our terms, conditions, and policies.
- Research and Surveys. To administer surveys and questionnaires, such as for market research or user satisfaction purposes.
- Planning and Managing Events. For event planning and management purposes, including registration, attendance, and contacting you about relevant events and Services.
- Security and Protection of Rights. To protect our Products and Services and our business operations, and to protect our rights or those of our stakeholders; to prevent and detect fraud, unauthorized activities and access, and other misuse; where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety or legal rights of any person or third party, or violations of our Terms of Use.
- Defending Our Legal Rights. Including to manage and respond to actual and potential legal disputes and claims, and to otherwise establish, defend or protect our rights or interests, including in the context of anticipated or actual litigation with third parties.
- Compliance and Legal Process. To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority.
- Auditing, Reporting, and Other Internal Operations. To conduct financial, tax and accounting audits; audits and assessments of our operations, privacy, security and financial controls, risk, and compliance with legal obligations; our general business, accounting, record keeping and legal functions, and to maintain appropriate business records and enforce Company policies and procedures.
- General Business and Operational Support. To assess and implement mergers, acquisitions, reorganizations, bankruptcies, and other business transactions such as financings, and to administer our business, accounting, auditing, compliance, recordkeeping, and legal functions.
3. How We May Disclose Personal Information
We may disclose the Personal Information we collect for the purposes described above and as follows:
- Affiliates, Subsidiaries, and Business Partners. We may disclose the Personal Information we collect to our corporate affiliates and subsidiaries in order to operate our business, provide our Services, and to sell and support our Products. Biofire also partners with other businesses to operate our business, provide our Services, and operate our business, including completing purchase transactions for Products, and we may disclose Personal Information to those business partners.
- Vendors and Services Providers. We may disclose the Personal Information we collect to vendors and service providers who perform functions on our behalf, such as IT and website hosting, marketing and marketing research providers, customer support, data storage, payment processing providers, data analytics providers, auditors, consultants and legal counsel.
Marketing and Analytics Providers. We may also disclose your Personal Information, such as device and browsing, and activities and usage information, to marketing and advertising networks, data analytics providers, and other companies who provide marketing or analytics services on our behalf. For more information see the “Cookies and Other Tracking Mechanisms” section below.
We may also disclose your Personal Information in the following circumstances:
- In Support of Business Transfers. If we or our affiliates are or may be acquired by, merged with, or invested in by another company, or if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may disclose or transfer the Personal Information we have collected from you with or to the other company. We may also disclose certain Personal Information as necessary prior to the completion of such a transaction or other corporate transaction such as a financing or restructuring, to lenders, auditors, and third-party advisors, including attorneys and consultants.
- Compliance and Legal Obligations. To comply with our legal and compliance obligations and to respond to the legal process. For example, we may disclose information in response to subpoenas, court orders, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements.
- Security and Protection of Rights. Where we believe doing so is necessary to protect our Services and Products, our rights and property, or the rights, property, and safety of others. For example, we may disclose Personal Information to (i) prevent, detect, investigate, and respond to fraud, unauthorized activities and access, illegal activities, and misuse of our Services and Products, (ii) situations involving potential threats to the health, safety, or legal rights of any person or third party, or (iii) enforce, detect, investigate, and take action in response to violations of our Terms of Use. We may also disclose Personal Information related to litigation and other legal claims or proceedings in which we are involved, as well as for our internal accounting, auditing, compliance, recordkeeping, and legal functions.
- Aggregate and Deidentified Information. Notwithstanding anything else in this Policy, we may use, disclose, sell, and otherwise process aggregate and deidentified information related to our business, our Services, and our Products with third parties for quality control, analytics, research, development, and other purposes.
- Other Disclosures. We may disclose Personal Information in other ways not described above that we notify you of or that we obtain your consent for.
4. Cookies and Other Tracking Mechanisms
We use cookies and other tracking mechanisms to track information about your use of our Website.
Cookies. Cookies are alphanumeric identifiers that we transfer to your device’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Website and Services, while others are used to enable a faster log-in process or to allow us to track your activities at our Website. There are two types of cookies: session and persistent cookies.
- Session Cookies. Session cookies exist only during an online session. They disappear from your device when you close your browser or turn off your device. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into your account with us. This allows us to process your online transactions and requests and verify your identity after you have logged in, as you move through our Website and Services.
- Persistent Cookies. Persistent cookies remain on your device after you have closed your browser or turned off your device. We use persistent cookies to track aggregate and statistical information about user activity.
Clear GIFs, Pixel Tags, and other Technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web and app pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Website to, among other things, track the activities of Website visitors and app users, help us manage content, and compile statistics about Website usage. We and our third-party service providers also use clear GIFs in HTML e-mails to our customers, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.
Third-Party Analytics. We may use automated devices and applications, such as Google Analytics, which are operated by third party companies, to evaluate usage of our Website and Services. These third-party analytics companies use cookies, pixels, and other tracking technologies to collect usage data about our Services to provide us with reports and metrics that help us evaluate usage of our Services, improve our Websites, and enhance performance and user experiences. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/partners/. You can also download the Google Analytics Opt-out Browser Add-on to prevent their data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.
Social and Content Cookies. Many social media plugins use social and content cookies (for example, The Facebook “like” button), and other tools meant to provide or improve the content on a Website. We integrate these modules into Biofire’s platform to improve the experience of browsing and interacting with the Website. Please note, some of these third-party services places cookies that are also used for things like behavioral advertising, analytics, and/or market research. Biofire does not set any additional cookies relating to your use of these embedded social and content cookies. However, if you choose to click on these links and they take you to a third-party website, the third-party may place additional cookies on its own. These third-party cookies fall outside the scope of this Privacy Policy. We encourage you to review their Privacy Policy and/or reach out to the third-party if you have questions about how they track your use of the embedded content on the Website.
Third-Party Ad Networks. We work with third parties, such as ad networks, channel partners, mobile ad networks, analytics and measurement services and others (“third-party ad companies”) to personalize content and display advertising within our Services, as well as to manage our advertising on third-party sites, mobile apps and online services. We and these third-party ad companies may use cookies, pixels tags, and other tools to collect activity information within our Services (as well as on third-party sites and services), as well as IP address, location information, unique ID, cookie and advertising IDs, and other identifiers. We and these third-party ad companies use this information to provide you with more relevant ads and content within our Services and on third-party sites and apps, and to evaluate the success of such ads and content.
Tracking and Advertising Choices. We allow you to manage your preferences and privacy choices, as described below:
- Cookie Settings. To prevent cookies from tracking your activity on our Website or visits across multiple websites, you can set your browser to block certain cookies or notify you when a cookie is set; you can also delete cookies. The “Help” portion of the toolbar on most browsers will tell you how to prevent your device from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to delete cookies. Visitors to our Website who disable cookies will be able to browse the website, but some features may not function.
- Industry Solutions for Opting Out of Interest-based Advertising. Notwithstanding the above, you may follow the steps provided by initiatives that educate users on how to set tracking preferences for most online advertising tools. These resources include the Network Advertising Initiative (https://thenai.org/about-online-advertising/) and the Digital Advertising Alliance (https://digitaladvertisingalliance.org/). The Digital Advertising Alliance also offers an application called AppChoices (https://youradchoices.com/appchoices) that helps users to control interest-based advertising on mobile apps.
- Marketing Communications. You may consent or withdraw your consent to our use of your Personal Information for marketing at any time by following the instructions to unsubscribe included in each marketing-related email sent to you. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you administrative messages relevant to any Products that you have purchased.
- Google Analytics. You can download the Google Analytics Opt-out Browser Add-on to prevent your data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.
5. California Privacy Rights
This section provides additional information for California residents pursuant to the California Consumer Privacy Act 2021 as amended by the California Privacy Rights Act 2020 (the “CPRA”) and its implementing regulations (the "CCPA"). To the extent that Biofire is subject to the CPRA and the CCPA, and you are a resident of California, including our customers and business-to-business contacts and we collect Personal Information subject to the CCPA, the following section applies.
The Right to Know/Access
With respect to the Personal Information we have collected about you, you have the right to request (up to twice per year and subject to certain exemptions):
- The categories or Personal Information we collected about you;
- The categories of sources from which the Personal Information is collected;
- Our business or commercial purposes for collecting, selling, or sharing Personal Information;
- The categories of third parties to whom we disclosed Personal Information; and
- A copy of the specific pieces of Personal Information we have collected about you.
The Right to Delete
You have the right to request we delete your Personal Information. Please note, we are not obligated to delete Personal Information that is related to your purchase of our Products, which is necessary to provide our Services you request, that is necessary to provide service for Products, or that is necessary to comply with applicable laws. Please further note that simply logging out or uninstalling an app does not delete your account or the Personal Information we may have collected.
The Right to Correct
You have the right to request that we correct inaccuracies in your Personal Information.
The Right to Opt-Out
California residents may have the right to opt-out of “sales” or “sharing” of their Personal Information under the CCPA. CCPA defines a "sale" as disclosing or making Personal Information available to a third-party in exchange for monetary or other valuable consideration. CCPA also defines “sharing” as disclosing or making available Personal Information to a third party for purposes of cross-context behavioral advertising. While we do not disclose Personal Information to third parties in exchange for monetary compensation, we may “sell” or “share” (as defined by the CCPA) Personal Information, such as identifiers and internet and electronic network activity information to third-party analytics providers. We do so in order to improve and evaluate our Website and better reach customers and prospective customers.
Please note that submitting an opt out request will only opt you out of disclosures that are considered “sales” or “sharing” under the CCPA, but it will not opt out of other disclosures, such as to our service providers.
We do not sell or share sensitive Personal Information, nor do we sell or share any Personal Information about individuals who we know are under twenty-one (21) years old.
Right to Limit Use and Disclosure
Subject to certain conditions and exceptions, you may have the right to limit the use and disclosure of “Sensitive Personal Information,” as defined under the CPRA. However, we do not engage in activities triggering this right.
The Right to Non-Discrimination
We will not unlawfully discriminate against you for exercising any of these rights.
How to Exercise Your Privacy Rights
To submit a request to exercise these rights you may use one of the following two methods:
- Email: privacy@biofire.io.
- Mail: Legal Department, Biofire Hermes Inc., PO Box 408, Broomfield, Colorado 80038
For all requests, please clearly state that the request is related to “Your California Privacy Rights,” indicate which type of request you are making, and provide your name, street address, city, state, zip code, and email address or phone number where we may contact you. Before responding to your request, we must first verify your identity using the Personal Information you recently provided to us. If we are not able to verify your request we will contact you for more information. If we are unable to verify your identity after a good faith attempt, we may deny the request and, if so, will explain the basis for the denial. We are not responsible for notices that are not labeled or sent properly or that do not include complete information.
Designating an Authorized Agent
You may designate someone to submit requests and act on your behalf (an "Authorized Agent"). To do so, you must provide us with written permission to allow your Authorized Agent to act on your behalf. We may also ask you directly to verify that you have authorized your authorized agent to act on your behalf.
6. Retention of Personal Information
We retain your Personal Information for as long as needed, or permitted, based on the reason we obtained it (consistent with applicable law). When deciding how long to keep your Personal Information, we consider whether we are subject to any legal obligations (e.g., any laws that require us to keep records for a certain period of time before we can delete them) or whether we have taken any legal positions that require data retention (e.g., issued any legal holds or otherwise need to preserve data). From time to time, we may also de-identify your Personal Information, retain it, and use it in compliance with CCPA and other applicable laws.
7. Children’s Information
Our Website, Services, and Products are intended for users who are 21 years or older and we do not knowingly collect information from children under 21 years old. If we become aware that we have collected information from a child under 21 years old, we will delete such information from our records. If you are a parent or legal guardian and believe your child has given us information and you did not provide consent, please contact us at privacy@biofire.io.
8. External Links and Features
The Website may contain links or references to other websites outside of our control. Please be aware that this Policy does not apply to these websites. Biofire encourages you to read the privacy statements and terms and conditions of linked or referenced websites you enter. These third-party websites may send their own cookies and other tracking devices to you, log your IP address, and otherwise collect data regarding your use of the Website or solicit Personal Information. Biofire does not control and is not responsible for what third parties do in connection with their websites, or how they handle your Personal Information. Please exercise caution and consult the privacy policies posted on each third-party website for further information.
9. Security
We have implemented safeguards that are intended to protect the Personal Information that we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our efforts, no data security measures can guarantee security.
10. Changes to this Policy
This Privacy Policy is reviewed and updated regularly. If we change this Policy, we will post the updated Privacy Policy, and those changes will go into effect on the “last updated” date shown above. We will take your continued use of our Products and Services to mean you accept the terms of the updated Policy.
11. Contact Us
If you have any questions about this Policy or our information practices, you may contact us by email at privacy@biofire.io.