Privacy policy

Effective date: May 7th, 2021.

1. Introduction

FingerprintJS Inc. (“us”, “we”, or “our”) operates https://fingerprint.com and API services available at https://fpjs.io (including subdomains) (hereinafter referred to as “Service”).

Our Privacy Policy governs your visit to https://fingerprint.com or usage of our API services, available at https://fpjs.io (including subdomains), and explains how we collect, safeguard and disclose information that results from your use of our Service. For information about how we collect and use information collected from our business customers’ end users (“End User Data”) during the provision of our Service, please see the section titled “End User Data,” below.

If you are accessing our Service from the European Economic Area, Switzerland or the United Kingdom, please refer to the additional disclosures in Annex 1.

We use your data to provide and improve Service. By using Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.

Our Terms and Conditions govern all use of our Service and together with the Privacy Policy constitutes your agreement with us (“agreement”).

2. Definitions

SERVICE means the https://fingerprint.com website or https://fpjs.io (including subdomains) services operated by FingerprintJS Inc.

USAGE DATA is data collected automatically either generated by the use of Service or from Service infrastructure itself (for example, the duration of a page visit).

COOKIES are small files stored on your device (computer or mobile device).

THE USER is the individual using our Service.

3. Information Collection and Use

We collect several different types of information for various purposes to provide and improve our Service to you.

4. Types of Data Collected

Personal Information

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Information”). Personally identifiable information may include, but is not limited to:

(a) Name, address, phone number, email address and password from our business customers

(b) Payment and transaction related information (see section titled “Payments” below) from our business customers

(c) Cookies and Usage Data

(d) Internet Protocol Address

We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link.

Usage Data

We may also collect information that your browser sends whenever you visit our Service or when you access Service by or through a mobile device (“Usage Data”).

This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access Service with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Tracking Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Service.

Examples of Cookies we use:

(a) Session Cookies: We use Session Cookies to operate our Service.

(b) Preference Cookies: We use Preference Cookies to remember your preferences and various settings.

(c) Security Cookies: We use Security Cookies for security purposes.

If you would prefer not to accept cookies, most browsers will allow you to (i) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to automatically reject cookies. Please note that not accepting cookies may negatively impact your experience using the Service, as some features and services on our Service may not work properly. Depending on your operating system, you may not be able to delete or block all cookies and you may not be able to block non-cookie technologies and these browser settings that block cookies may have no effect on such techniques. You may also set your e-mail options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether you have accessed our e-mail and performed certain functions with it.

Do Not Track Signals. Although we do our best to honor the privacy preferences of our users, we are unable to respond to Do Not Track signals set by your browser at this time.

We may use third-party Service Providers to monitor and analyze the use of our Service.

Google Analytics. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en

We also encourage you to review the Google's policy for safeguarding your data: https://support.google.com/analytics/answer/6004245.

5. Use of Data

FingerprintJS Inc. uses the collected data for various purposes:

(a) to provide and maintain our Service;

(b) to notify you about changes to our Service;

(c) to allow you to participate in interactive features of our Service when you choose to do so;

(d) to provide customer support;

(e) to gather analysis or valuable information so that we can improve our Service;

(f) to monitor the usage of our Service;

(g) to detect, prevent and address technical issues;

(h) to fulfill any other purpose for which you provide it;

(i) to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;

(j) to provide you with notices about your account and/or subscription, including expiration and renewal notices, email-instructions, etc.;

(k) to provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information;

(l) in any other way we may describe when you provide the information;

(m) for any other purpose with your consent.

6. Retention of Data

We will retain your Personal Information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. Any End User Data that we have access to shall be retained according to our agreement with our business customer.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

7. Disclosure of Data

We may disclose personal information that we collect, or you provide as follows:

(a) Third-Party Vendors and Other Service Providers.

We may share your Personal Information with Service Providers who perform services on our behalf, as needed to carry out their work for us, which may include, for example, payment providers to successfully process payments. These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

(b) Other Companies and Brands Owned Or Controlled by FingerprintJS.

We may disclose your Personal Information with other companies owned by or under common ownership as FingerprintJS, which also includes our subsidiaries (i.e., any organization we own or control) or our ultimate holding company (i.e., any organization that owns or controls us) and any subsidiaries it owns. These companies will use your personal information in the same way as we can under this Privacy Policy,

(c) Disclosure for Law Enforcement.

Under certain circumstances, we may be required to disclose your Personal Information with third parties as required by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to enforce our Terms and Conditions or to protect the security or integrity of our Service; and/or (c) to exercise or protect the rights, property, or personal safety of FingerprintJS, our visitors, or others.

(d) Business Transaction.

We may disclose your Personal Information with other parties in connection with a company transaction, such as a merger, sale of company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by another company or third party, or in the event of a bankruptcy or related or similar proceedings.

8. Security of Data

The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

9. End User Data

In providing our Service, our customers may upload data to our Service, which may include Personal Information about our customers’ end users. End User Data is owned and controlled by our customers, and any End User Data that we maintain or process we consider to be strictly confidential. We collect and process End User Data solely on behalf of our customers, and in accordance with our agreements with customers. We do not use or disclose End User Data except as authorized and required by our customers and as provided for in our agreements with our customers.

10. CI/CD tools

We may use third-party Service Providers to automate the development process of our Service.

GitHub

GitHub is provided by GitHub, Inc.

GitHub is a development platform to host and review code, manage projects, and build software.

For more information on what data GitHub collects for what purpose and how the protection of the data is ensured, please visit GitHub Privacy Policy page: https://help.github.com/en/articles/github-privacy-statement

GitLab CI/CD

GitLab CI/CD is provided by GitLab, Inc.

GitLab CI (Continuous Integration) service is a part of GitLab that build and test the software whenever developer pushes code to application.

GitLab CD (Continuous Deployment) is a software service that places the changes of every code in the production which results in every day deployment of production.

For more information on what data GitLab CI/CD collects for what purpose and how the protection of the data is ensured, please visit GitLab CI/CD Privacy Policy page: https://about.gitlab.com/privacy/.

11. Payments

We may provide paid products and/or services within Service. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The payment processors we work with are:

Stripe:

We use Stripe for payment, analytics, and other business services. Stripe collects identifying information about the devices that connect to its services. Stripe uses this information to operate and improve the services it provides to us, including for fraud detection. You can learn more about Stripe and read its privacy policy at https://stripe.com/privacy.

12. Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

13. Children's Privacy

Our Services are not intended for use by children under the age of 13 (“Children”).

We do not knowingly collect personally identifiable information from Children under 13. If you become aware that a Child has provided us with Personal Information, please contact us at the information provided below. If we become aware that have collected Personal Information from Children without parental consent, we take steps to remove that information from our servers.

14. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

15. Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: [email protected].

ANNEX 1

EEA, SWISS AND UK DISCLOSURES

This Annex 1 (the "European Data Annex") sets out how we collect, store, process, transfer, share and use data that identifies or is associated with you ("personal data") when you access our Service from the European Economic Area, Switzerland or the United Kingdom.

This European Data Annex was last updated on May 7th, 2021.

1. Who is responsible for the use of your personal data

There are various ways in which we collect and receive personal data about you when you use the Service, and our relationship with you with respect to your personal data will vary depending on our relationship with you, how we collect this personal data and how we use it.

In certain circumstances we will act as the controller of your personal data, which means we determine and are responsible for how that personal data is used.

In other circumstances we act as a processor on behalf of another person, meaning that our use of this personal data is governed by our Terms of Service and, where applicable, the data processing addendum.

The following summarizes where we believe we act as a controller and where we would consider ourselves to act as a processor:

  • When you subscribe to the Service and set up an account, whether on your own behalf or on behalf of your employer, we will be the controller of your personal data that you provide to us, such as your name and other contact details, your payment details and transaction details (including the details of the type of service you have purchased).

  • When someone else sets up an account on the Service (the "Customer") and gives you access to the Service (and makes you an "Authorised User"), such as your employer, we will process the personal data about you (such as your contact details) that they submit to us as a processor on their behalf.

  • When you access and use the Service, we will be a controller in respect of any information about your use of the Service, such as the pages you access and functionalities you use, as well as information about the type of device you use to access the Service.

  • When you submit support requests to us, we will process any personal data contained in that support request as a processor on behalf of the relevant Customer.

  • When you submit comments and opinions to us, and we use those comments and opinions to improve the Service or develop new products, we will be the controller of the personal data contained in those comments and opinions; and

  • With respect to End User Data, we act as a processor on behalf of the relevant Customer.

This European Data Annex applies to our use of your personal data when we act as a controller of that personal data.

2. Personal data we collect from you directly and how we use it

The following table sets out the categories of personal data that we collect from you directly when you subscribe to and use the Service and when you correspond with us. It also sets out the purposes for which we will process this personal data and the lawful basis we rely on to do so.

We will indicate to you where the provision of certain personal data is required in order for us to provide you certain features of the Service. If you choose not to provide such personal data, we may not be able to provide those parts of the Service to you or respond to your other requests.

Category of personal dataHow we use itLegal basis for the processing
Contact information that you provide to us when you subscribe to the Service, such as your name and e-mail address.

We use this information to set up and authenticate your account.

If you are the Customer, the processing is necessary for the performance of a contract with you and to take steps prior to entering into a contract with you.

If you subscribe to the Service on behalf of a Customer, the processing is necessary for the Customer's legitimate interests, namely setting up and administering the Customer's account.

We use this information to deal with enquiries and complaints made by you relating to the Service.

The processing is necessary for our legitimate interests, namely administering the Service, and for communicating with you effectively to respond to your queries or complaints.

We use this information to communicate with you, including sending service-related communications.

If you are the Customer, the processing is necessary for the performance of a contract with you.

If you subscribe to the Service on behalf of a Customer, the processing is necessary for our legitimate interests, namely providing service related information and updates.

We use this information to send you unsolicited marketing communications in accordance with your preferences.

If you are the Customer, or sign up and create an account on behalf of the Customer, the processing is necessary for our legitimate interests, namely promoting certain features of our Service and our similar products and services to you.

If you have been granted access to the Service as an Authorized User, we will only use your personal data in this way to the extent you have given us consent to do so.

We use this information to identify and prevent fraud.The processing is necessary for our legitimate interests, namely identifying and preventing fraud.

Payment and transaction information, such as your credit or debit card and billing address.

We use this information to process the payments you make through the Service.

If you are the Customer, the processing is necessary for the performance of a contract with you and to take steps prior to entering into a contract with you.

If you subscribe to the Service on behalf of a Customer, the processing is necessary for our legitimate interests, namely billing the Customer in respect of their use of the Service.

We use this information to determine products and services that may be of interest to you for marketing purposes

The processing is necessary for our legitimate interests, namely to inform our marketing activities.

Chat, comments and opinions. When you contact us directly, e.g. by email or phone, we will record your comments and opinions.

We use this information to address your questions, issues and concerns.

The processing is necessary for our legitimate interests, namely communicating with users and responding to queries, complaints and concerns.

We use this information to develop new products and features available through the Service or otherwise improve the Service.

The processing is necessary for our legitimate interests, namely developing and improving the Service.
Your preferences, such as preferences set for notifications, marketing communications, how the Service is displayed and the active functionalities on the Service.

We use this information to provide notifications, send news, alerts and marketing communications and provide the Service in accordance with your choices.

The processing is necessary for our legitimate interest, namely ensuring the user receives the correct marketing and other communications, and that the Service is displayed in accordance with the user's preferences.

We use this information to ensure that we comply with our legal obligation to send only those marketing communications to which you have consented.

The processing is necessary for compliance with a legal obligation to which we are subject.
All personal data set out above.

We may use all the personal data we collect to operate, maintain and provide to you the features and functionality of the Service, to communicate with you, to monitor and improve the Service and business, and to help us develop new products and services.

The processing is necessary for our legitimate interests, namely to administer and improve the Service.

3. Personal data we collect about you automatically when you use the Service

We also collect personal data about you automatically when you use the Service. The following table sets out the categories of personal data that we collect about you in this way. It also sets out the purposes for which we will process this personal data and the lawful basis we rely on to do so.

Category of personal dataHow we may use itLegal basis for the processing

Approximate location information. Other than information you choose to provide to us, we do not collect information about your precise location. Your device’s IP address may however help us determine an approximate location.

We use information you provide to us about your location to inform and plan our marketing strategy and to monitor and detect fraud or suspicious activity in relation to your or a Customer's account.

The processing is necessary for our legitimate interests, namely informing our direct marketing strategy and monitoring fraud.

We use this information to tailor how the Service is displayed to you (such as the content that is provided to you through the Service and/or the language in which it is provided to you).

The processing is necessary for our legitimate interest, namely tailoring the Service so that it is more relevant to our users.
Information about how you access and use the Service. For example, how frequently you access the Service, the time you access the Service and how long you use it for, the approximate location that you access the Service from, whether you access the Service from multiple devices, and other actions you take on the Service.

We use information about how you use and connect to the Service to present the Service to you on your device.

The processing is necessary for our legitimate interests, namely to tailor the Service to the user.
We use this information to determine products and services that may be of interest to you for marketing purposes.The processing is necessary for our legitimate interests, namely to inform our direct marketing.

We use this information to monitor and improve the Service and business, resolve issues and to inform the development of new products and services.

The processing is necessary for our legitimate interests, namely to monitor and resolve issues with the Service and to improve the Service generally.

Log files and information about your device. We also collect information about the computer, tablet, smartphone or other electronic device you use to connect to the Service. This information can include details about the type of device, unique device identifying numbers, operating systems, browsers and applications connected to the Service through the device, your mobile network, your IP address and your device’s telephone number (if it has one).

We use information about how you use and connect to the Service to present the Service to you on your device.The processing is necessary for our legitimate interests, namely to tailor the Service to the user.
We use this information to determine products and services that may be of interest to you for marketing purposes.The processing is necessary for our legitimate interests, namely to inform our direct marketing.
We use this information to monitor and improve the Service and business, resolve issues and to inform the development of new products and services.The processing is necessary for our legitimate interests, namely to monitor and resolve issues with the Service and to improve the Service generally.

4. Anonymization and aggregation of information

In connection with the purposes and data uses described above, we may anonymize and aggregate any of the information we collect (so that it does not directly identify you). We may use such anonymized information for purposes that include testing our IT systems, research, data analysis, improving the Service and developing new products and features.

5. Recipients of your personal data

We may share your personal data with the parties and for the purposes set out in paragraph 7 (Disclosure of Data), paragraph 10 (CI/CD tools) and paragraph 11 (Payments) of the main body of this Privacy Policy.

We may provide third parties with aggregate statistical information and analytics about users of the Service but we will make sure no one can be identified from this information before we disclose it.

6. How long we store your personal data

Paragraph 6 (Retention of Data) of the main body of this Privacy Policy sets out how long we will retain your personal data.

7. Marketing and Advertising

From time to time we may send you emails about our products, services and features available on the Service. For some marketing messages, we may use personal information we collect about you to help us determine the most relevant marketing information to share with you.

We will give you the opportunity to opt out of these promotional messages when you sign up and create an account on the Service.

You can also withdraw your consent at a later date by clicking on the unsubscribe link at the bottom of our marketing emails or by updating your preferences through the Service.

We will not send you these messages if you opt out from receiving them, or if you do not give us your consent. We will, however, still need to contact you with non-promotional, technical service-related information about the Service.

8. Cookies

Our Service uses cookies and similar technologies such as pixels and JavaScript tags and Local Storage Objects (together "cookies") to distinguish you from other users. The cookies we use are necessary for the operation of certain features of our Service. We also use them to detect errors on our Service and apply security settings.

The following table sets out information about the cookies we use on our Service:

CookieType of cookieWhen is the cookie setHow long does the cookie lastPurpose of the cookie
Google TagsFunctionalOn first visiting the fingerprint.com site (our "Site")Until you finish browsing our Site

This tag allows us to integrate analytics, such as Google Analytics, and similar products that track and monitor website traffic into our Site. This enable us to see how the Site is performing in order to identify errors or features that users find confusing.

This data will not, however, be shared with other Google services or used for contextualizing or personalizing the advertising displayed to you.

You can learn more about Google’s practices at http://www.google.com/policies/privacy/partners, and view its currently available opt-out options at https://tools.google.com/dlpage/gaoptout

_vid, _vid_t, _vid_iFunctionalOn first visiting the Site1 yearThis cookie allows us to demonstrate the functionality of our Service to visitors of the Site.
_cfduiudFunctionalOn first visiting the dev.fingerprint.com site1 monthThis cookie is used to identify individual clients behind a shared IP address and apply settings on a per-client basis. We use it in connection with ensuring the Site is presented to you in the correct language, and to identify trusted web traffic and apply security settings on a per-client basis.

Other than cookies that are necessary for the operation of our Site, you will only receive cookies when you have given us your consent to do so. In addition, if you do not wish to receive cookies, most browsers allow you to change your cookie settings.

Depending on your device and operating system, you may not be able to delete or block all cookies. Please note that if you choose to refuse all cookies you may not be able to use the full functionality of our Service.

These settings will typically be found in the "options" or "preferences" menu of your browser. In order to understand these settings, the following links may be helpful, otherwise you should use the "Help" option in your browser for more details.

.

If you would like to find out more about cookies and other similar technologies, please visit www.allaboutcookies.org or the Network Advertising Initiative's online sources at www.networkadvertising.org.

9. Transfer of Data

Your personal data may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including personal data, to United States and process it there.

FingerprintJS Inc. will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this European Data Annex, including implementing adequate safeguards with respect to the security and handling of your personal data.

If you wish to enquire further about the safeguards we use, please contact us using the contact details in paragraph 15 (Contact Us) in the main body of this Privacy Policy.

10. Your Data Protection Rights

In accordance with applicable privacy law you have the following rights in respect of your personal data that we hold:

  • (a) Right of access. You have the right to obtain:

    • confirmation of whether, and where, we are processing your personal data;
    • information about the categories of personal data we are processing, the purposes for which we process your personal data and information as to how we determine applicable retention periods;
    • information about the categories of recipients with whom we may share your personal data; and
    • a copy of the personal data we hold about you.
  • (b) Right of portability. You have the right, in certain circumstances, to receive a copy of the personal data you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.

  • (c) Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal data we hold about you without undue delay.

  • (d) Right to erasure. You have the right, in some circumstances, to require us to erase your personal data without undue delay if the continued processing of that personal data is not justified.

  • (e) Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal data if the continued processing of the personal data in this way is not justified, such as where the accuracy of the personal data is contested by you.

  • (f) Right to withdraw consent. If you have provided consent for the processing of your personal data, you have the right to withdraw your consent. If you withdraw your consent, this will not affect the lawfulness of our use of your personal data before your withdrawal.

You have a right to object to any processing based on our legitimate interests. There may, depending on the particular circumstances, be compelling reasons for continuing to process your personal data despite your objection, and we will assess and inform you if that is the case. You can object to marketing activities for any reason.

If you wish to exercise one of these rights, please contact us using the contact details in paragraph 15 (Contact Us) in the main body of this Privacy Policy.

You also have the right to lodge a complaint to your national data protection authority.

If you are in the UK, the relevant authority is the Information Commissioner's Office – please visit https://ico.org.uk/make-a-complaint/ for more information.

If you are in the EEA, further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

If you are in Switzerland, please visit https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection---switzerland.html for more information.

11. Links to third party sites

The Service may, from time to time, contain links to and from third party websites, including those of other users, our partner networks, advertisers, partner merchants, news publications, retailers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those websites.

12. Our Policy towards children

The Service is not directed at persons under 18 and we do not knowingly collect personal data from children under 18. If you become aware that your child has provided us with personal data, without your consent, then please contact us using the contact details in paragraph 15 (Contact Us) in the main body of this Privacy Policy so that we can take steps to remove such information as quickly as possible.

13. Changes to this policy

We may update this European Data Annex from time to time and so you should review this page periodically. When we change this European Data Annex in a material way, we will update the "last modified" date at the beginning of this European Data Annex. Changes to this European Data Annex are effective when they are posted on this page.

14. Notice to you

If we need to provide you with information about something, whether for legal, marketing or other business related purposes, we will select what we believe is the best way to get in contact with you. We will usually do this through email. The fact that we may send notices to you will not stop you from being able to opt out of certain types of contact as described in this European Data Annex.