Privacy Policy

Last Updated: March 14, 2026

1. Introduction

Authentikate, Inc. ("Authentikate," "we," "us," or "our") is a Delaware corporation dedicated to making verifiable communications universal and fraud obsolete. This Privacy Policy describes how we collect, use, disclose, and protect information about you when you:

• Visit our website at authentikate.com or justauthentikate.com
• Use our Enterprise CKY verification platform
• Use our JustAuthentiKate consumer application
• Communicate with us via email, phone, or other channels
• Participate in our services in any other way

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not use our Services.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide directly to us, including:

• Contact Information: Name, email address, phone number, company name, job title
• Account Information: Username, password (encrypted), account preferences
• Business Verification Information: Business registration documents, authorized representative information, corporate contact details
• Payment Information: Processed securely through third-party payment processors (we do not store complete credit card numbers)
• Communications: Information in messages you send us, including support requests and feedback
• Verification Data: Information submitted for identity verification purposes

2.2 Information Collected Automatically

When you access our Services, we automatically collect certain information, including:

• Log Data: IP address, browser type and version, operating system, referring URLs, pages viewed, time and date of visits
• Device Information: Device type, unique device identifiers, mobile network information
• Usage Data: How you interact with our Services, features used, actions taken
• Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies (see Section 7 below)

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Business Partners: If you access our Services through a partner integration
• Verification Services: Identity verification providers, business registration databases
• Public Sources: Publicly available business information, government registries
• Analytics Providers: Usage analytics and demographic information

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 To Provide Our Services

• Create and manage your account
• Process and verify business identities
• Enable customer verification of businesses (CKY)
• Process transactions and send transaction confirmations
• Provide customer support and respond to inquiries
• Send service-related communications

3.2 To Improve and Develop Our Services

• Analyze usage patterns and trends
• Conduct research and development
• Test new features and functionality
• Monitor and improve security
• Troubleshoot technical issues

3.3 For Marketing and Communications

• Send promotional materials and updates (with your consent where required)
• Notify you about changes to our Services
• Provide information about products and services that may interest you
• Conduct surveys and gather feedback

3.4 For Legal and Security Purposes

• Comply with legal obligations and government requests
• Enforce our Terms of Service and other agreements
• Protect against fraud, security threats, and illegal activity
• Protect the rights, property, and safety of Authentikate, our users, and the public

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 With Your Consent

We share information with third parties when you give us explicit consent to do so.

4.2 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

• Cloud hosting providers (data storage and processing)
• Payment processors
• Email service providers
• Analytics providers
• Customer support tools
• Identity verification services

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.3 Business Transfers

If Authentikate is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

4.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, government agencies).

4.5 Protection of Rights

We may disclose information when we believe it is necessary to:

• Comply with applicable law or respond to legal process
• Protect and defend our rights or property
• Enforce our Terms of Service
• Prevent fraud or security threats
• Protect the safety of users or the public

4.6 Aggregated or De-identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Account Information: Retained while your account is active and for a reasonable period thereafter to comply with legal obligations
• Verification Data: Retained for the duration of the business relationship and as required for compliance purposes
• Transaction Records: Retained for 7 years to comply with financial regulations
• Communications: Retained for as long as necessary to provide support and maintain records
• Log Data: Typically retained for 90 days unless required for security or legal purposes

When we no longer need your information, we will securely delete or anonymize it.

6. Data Security

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Secure socket layer (SSL) technology
• Regular security assessments and penetration testing
• Access controls and authentication requirements
• Employee training on data protection
• Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities and to distinguish you from other users of our Services.

7.1 Types of Cookies We Use

• Essential Cookies: Required for the operation of our Services (e.g., authentication, security)
• Analytics Cookies: Help us understand how visitors interact with our Services
• Functionality Cookies: Remember your preferences and settings
• Marketing Cookies: Track your browsing activity to deliver relevant advertisements

7.2 Your Cookie Choices

Most web browsers are set to accept cookies by default. You can usually choose to set your browser to remove or reject cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services.

8. Your Privacy Rights

8.1 Access and Portability

You have the right to request a copy of the personal information we hold about you and to receive that information in a structured, commonly used, and machine-readable format.

8.2 Correction

You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.

8.3 Deletion

You have the right to request that we delete your personal information, subject to certain exceptions (e.g., legal retention requirements).

8.4 Objection and Restriction

You have the right to object to or request restriction of certain processing of your personal information.

8.5 Withdraw Consent

Where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time.

8.6 Opt-Out of Marketing

You can opt out of receiving promotional emails by following the unsubscribe instructions in those emails or by contacting us directly.

8.7 Do Not Track

Some browsers include a "Do Not Track" (DNT) feature. Because there is not yet a common understanding of how to interpret DNT signals, we do not currently respond to DNT signals.

8.8 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

9. International Data Transfers

Authentikate is based in the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.

These countries may have data protection laws that are different from the laws of your country. By using our Services, you consent to the transfer of your information to the United States and other countries.

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we rely on:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where applicable
• Your explicit consent

10. Region-Specific Privacy Rights

10.1 European Economic Area (EEA), United Kingdom, and Switzerland

If you are located in the EEA, UK, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent
• Right to lodge a complaint with a supervisory authority

Legal Basis for Processing: We process your personal data based on:

• Performance of a contract with you
• Compliance with legal obligations
• Legitimate interests (where not overridden by your rights)
• Your consent (where applicable)

10.2 California Residents (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request information about the categories and specific pieces of personal information we collect
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale or sharing of your personal information (we do not sell personal information)
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit: Limit the use of sensitive personal information
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at [email protected].

10.3 Other US States

Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws have similar rights. Contact us to exercise these rights.

11. Children's Privacy

Our Services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will delete that information promptly. If you believe we have collected information from a child under 16, please contact us at [email protected].

12. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email or through our Services if the changes are material
• Obtain your consent if required by law

We encourage you to review this Privacy Policy periodically. Your continued use of our Services after changes are posted constitutes your acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our privacy practices, please contact us: