Last Modified: December 23, 2024
Welcome to JunkDNA.AI! This Platform Privacy Notice describes how JunkDNA AI, Inc. ("JunkDNA.AI", "we", "us", or "our") handles personal information collected through our AI-powered personal data management platform (the "Platform"). Given the nature of our services, we understand the importance of privacy and security. This notice details our commitment to protecting your information while providing automated address updating services.
In October 2024, we updated this Privacy Policy to comply with the principles of the EU-U.S. Data Privacy Framework, the U.K. Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework. We also included additional disclosures related to fraud prevention and enhanced our HIPAA compliance sections.
At JunkDNA.AI, we strive to collect only the personal information about you that we need to provide our services. We may obtain personal information about you from various sources, including your JunkDNA.AI membership application. The types of personal information we may obtain include contact details such as name, email, postal address, and telephone number; business contact information including employer details and professional licenses; physical characteristics such as gender and height; government-issued identification information including Social Security number, passport number, and driver's license number, as well as copies of these documents; digital images and videos such as those from your mobile device camera; biometric data including digital images of fingerprints, irises and face; travel information including flight details and itineraries; device information such as IP address and browser data; payment information including billing address and payment card details; financial information including account details and consumer report data; demographic details such as date of birth and citizenship; location information such as GPS data; health information such as vaccination records; and any other information you provide or authorize others to provide.
Our Platform leverages advanced AI and blockchain technology to manage your data. Our AI systems handle automated address validation and verification, institution communication processing, data format standardization, and update confirmation monitoring. The blockchain implementation provides secure transaction logging, immutable update records, verification timestamps, and access control management. These technologies work together to ensure the highest levels of security and transparency in handling your personal information.
JunkDNA.AI will never sell, rent, or trade your Personal Information. We use your information to facilitate and manage application and enrollment processes, operate and administer our programs and services, verify identities and authenticate users, comply with legal requirements, provide customer support, create and manage online accounts, process payments, prevent fraud, and improve our services. For biometric and health information, we limit use to identity verification, fraud prevention, and services you explicitly consent to.
We may use non-sensitive personal information to send news and updates about JunkDNA.AI, communicate about special events or promotions, and perform data analyses to improve our services. You can opt out of marketing communications at any time while continuing to receive essential service updates.
We share your information only with your explicit consent, with service providers who help deliver our services, or as required by law. Our service providers are contractually prohibited from using or disclosing your information except to perform services for us or comply with legal requirements. We require these providers to appropriately safeguard the privacy and security of your information and limit their retention of such data.
For government agencies, we never provide direct and unfettered access to user data or encryption keys. Agencies must follow applicable legal processes and serve us with a subpoena, warrant, or present other legally compelling justification for additional information. Our legal and compliance teams review all requests to ensure validity.
You have comprehensive rights regarding your personal information. You can access, correct, delete, or export your data, restrict its processing, and withdraw consent at any time. You can close your account, though we may retain certain information for up to three years for fraud prevention and compliance. For biometric data, you can request deletion of both images and associated information through our Privacy Rights Center. Deletion may take up to seven days and won't impact your credential status.
You can opt out of marketing emails while still receiving essential service updates. You can control cookies and tracking tools through our Cookie Policy settings. We honor Global Privacy Control signals and provide additional privacy controls through our user interface.
We implement robust security measures including end-to-end encryption, blockchain verification, access controls, regular security audits, and employee training. For sensitive information like biometric data and government IDs, we employ additional measures such as enhanced encryption, firewalls, and intrusion detection systems. Our customer service centers cannot access biometric data.
We maintain procedures for identifying and classifying personal information, implementing appropriate safeguards, controlling access, verifying business needs, reviewing permissions periodically, and ensuring proper termination of access. Our physical and environmental security procedures prevent unauthorized access to premises and information.
We retain your information until we fulfill our legal, contractual, and policy obligations. For government-related verifications, we follow National Archives guidelines and may retain data for up to three years after account closure. We may retain limited information for fraud prevention, particularly for high-risk transactions in government and healthcare settings.
When we destroy your information, we use industry-recognized methods. While stored, your data is protected using approved encryption methods. You can request deletion at any time through our Privacy Rights Center.
For users in the European Economic Area, United Kingdom, and Switzerland, we comply with respective data protection laws and Privacy Shield principles. We provide appropriate safeguards for international data transfers, including standard contractual clauses where necessary. You have additional rights under GDPR, including data portability and the right to object to processing based on legitimate interests.
We've appointed a Data Protection Officer and EU representative for GDPR compliance. You can contact them or submit complaints to your local data protection authority.
For health-related services, we maintain strict HIPAA compliance. We implement additional safeguards for protected health information, including enhanced encryption, access controls, and audit trails. We only share health information with your explicit consent or as required by law. Our systems and processes are regularly audited for HIPAA compliance.
Residents of California, Connecticut, Colorado, Utah, Virginia, and other states with specific privacy laws have additional rights regarding their personal information. These may include the right to know what information we collect and share, request deletion, correct inaccuracies, and opt out of certain data sharing. We honor these rights for all users regardless of location.
For Illinois enrollees, we retain biometric data only until the initial purpose is satisfied or three years following your last interaction, whichever comes first.
Our services are not directed at children under 18. We do not knowingly collect information from anyone under 18, and our website is not designed to attract minors. If we learn we have collected information from a child under 18, we will promptly delete it, subject to legal requirements.
We may update this Privacy Policy to reflect new features or changes in our practices. We will post notice of significant changes at the top of this policy and provide other notice as required by law.
For privacy-related questions, concerns, or to exercise your rights under this policy, you can:
Contact our Privacy Officer at: