Privacy Policy

Last Revised: January 12, 2020

Iris Social Stock App, Inc. provides this Privacy Policy to inform users of our policies and procedures regarding the collection, use, and disclosure of personally identifiable information received from users of this website, located at https://www.iris.finance and any other website owned and operated by Iris Social Stock App, Inc. and any related Iris mobile applications (the “App”) or collected through the products and services available at the Sites, (together with the Sites, the “Service” ).

In this Privacy Policy, “you” or “your” means the person using the Service and the company (if any) on whose behalf he/she is acting, and “we,” “us,” “our,” “Iris,” or the “Company” means Iris Social Stock App, Inc. and its affiliates.

This Privacy Policy may be updated from time to time for any reason; each version will apply to information collected while it was in place. We will notify you of any material changes to our Privacy Policy by posting the new Privacy Policy on our App. You are advised to consult this Privacy Policy regularly for any changes.

By using the Service you agree to our processing of your information as set forth in this Privacy Policy now and as amended by us. “Processing” means using cookies on a computer or using information in any way, including, but not limited to, collecting, storing, deleting, using, combining and disclosing information, all of which activities will take place in the United States.

If you reside outside the U.S., your personally identifiable information will be transferred to the U.S., and processed and stored there under U.S. privacy standards. By using the Service and providing information to us, you consent to such transfer to, and processing in, the U.S. If you have any questions or comments about this Privacy Policy or our use of your personally identifiable information, please contact us at contact@iris.finance.

1. Information Collection and Use

Our primary goals in collecting personally identifiable information are to provide you with the product and services made available through the Service, to communicate with you, and to manage your registered user account, if you have one.

Information we collect. We may collect the following categories of personal information about you through the App, including but not limited to:

  • Registration information: To use certain features of the Services, you will need to register an account. When you make an account, you will be asked for basic registration information, such as an email address and password.
  • Identification information: You may also be asked to provide identification information to confirm your identity, including your first and last name, username, address, and phone number.
  • Third party credentials: You may also enter in certain passwords, usernames, account numbers, and other account information for websites, apps, products or services provided by third-party service providers (“Third-Party Services”).
  • Information from Third-Party Services: In order to display information to you through the Service, we may collect, on your behalf, your account and other personal information from Third-Party Services that you register under your account via the Service. For example, if you register your Robinhood or TD Ameritrade account with us, we will aggregate your Robinhood or TD Ameritrade information via our Service in order to present it to you. If you choose to access Robinhood’s or TD Ameritrade’s services through our Service, we may store a representation of your account information including but not limited to account holdings and transaction histories from your Robinhood or TD Ameritrade accounts.
  • Technical and navigational information: We collect information about your interaction with our App such as computer browser type, pages visited, average time spent on our App, IP address, unique identifier of the device, operating system version and app version.
  • Location information: If you choose to use a location enabled Service, we may collect location information from your device and will notify you of this collection. You may control or disable the sharing of location information via your device setting and/or the App.
  • Other information: We may request or receive other personal information such as feedback, questions, comments, suggestions, or ideas to provide you with other benefits or to improve upon the Service. In such instances, you will be given the opportunity to provide or decline that information.
  • Your full user name and your image (if you decide to upload one) are displayed to people in the Iris network to enable you to connect with people on Iris.
  • Use of Contact Information. If you contact us by email through the App or the Site, we may keep a record of your contact information and correspondence, and may use your email address, and any information that you provide to us in your message, to respond to you. In addition, we may use your contact information to market to you, and provide you with information about, our products and services, including but not limited to our Service. If you decide at any time that you no longer wish to receive such information or communications from us, please follow the unsubscribe instructions provided in any of the communications.

2. Cookies

Like many websites, we may also use “cookie” technology to collect additional website usage data and to improve the Service. A cookie is a small data file that we transfer to your computer’s hard disk. We do not use cookies to collect personally identifiable information. Iris may use both session cookies and persistent cookies to better understand how you interact with the Service, to monitor aggregate usage by our users and web traffic routing on the Service, to serve ads on the Service that are tailored to your interests, and to improve the Service. A session cookie enables certain features of the Site or App and our Service and is deleted from your computer when you disconnect from or leave the Site or App. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the App. Persistent cookies can be removed by following your web browser help file directions. Most Internet browsers automatically accept cookies. You can instruct your browser, by editing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit.

3. Information Sharing and Disclosure

Service Providers. We engage certain trusted third parties to perform functions and provide services to us, including, without limitation, hosting and maintenance. We will share your personally identifiable information with these third parties, but only to the extent necessary to perform these functions and provide such services, and only pursuant to binding contractual obligations requiring such third parties to maintain the privacy and security of your data. In addition, we may use information you provide about Third-Party Services to provide the Service, which may include accessing the Third-Party Services you select on your behalf, so that we can present the requested information to you. With respect to mobile applications or mobile versions of our Sites, we may collect the unique device identifier assigned to that device by phone makers, carriers, or makers of the operating system (the “Device ID”). Device IDs allow app developers, advertisers, and others to uniquely identify your device for purposes of storing application preferences and other data.

We may use your Device ID for security purposes. For example, if you have activated a feature that limits access to a Service from a specific device, our systems will access the Device ID from each device you attempt to access the Service with to determine if the device is the specific authorized device. Additionally, we may use Device IDs to monitor suspicious activity. For example, if we detect that a single account on a Site or App is being accessed from multiple devices, as determined by tracking the Device IDs that access an account, we may contact the user to ensure that such access has been authorized by the user.

Compliance with Laws and Law Enforcement. Iris cooperates with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims, legal process (including subpoenas), to protect the property and rights of Iris or a third party, the safety of the public or any person, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law.

Business Transfers. Iris may sell, transfer or otherwise share some or all of its assets, including your personally identifiable information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.

Personal Information. Except as otherwise stated in this Privacy Policy, we will not, without your permission, sell, publish, or share your personal information to third parties for their marketing purposes.

In connection with third party services, we may share some of your personal information with the third parties when you are attempting to process the transaction you have requested.

We may share your personal information with third party service providers to enable them to assist in fulfilling the requests you make or the transactions you conduct via the Sites, including the operation of certain App or Site functions and Services. Third parties acting on our behalf that are given access to your personal information are contractually obligated to abide by our privacy practices and are not allowed to use the information for any other purposes.

We reserve the right, in our sole discretion, to share or disclose your personal information with law enforcement, government officials, and other third parties:

  • to respond to subpoenas, court orders, or legal process;
  • in order to investigate, prevent, defend against, or take other action regarding violations of our Terms of Service, illegal activities, suspected fraud, or situations involving potential threats to the legal rights or physical safety of any person or the security of our network, Sites or Services;
  • to respond to claims that any posting or other content violates the rights of third parties;
  • in an emergency, to protect the health and safety of our Sites’ users or the general public; or
  • as otherwise required by any applicable law.

We may share your personal information with other third parties with your consent or instructions to do so.

4. Advertising

Ad Serving. We may serve ads on the Service. Such ads may be delivered to you by a web advertising vendor. In order to serve ads to you, we may use information collected during your searches or visits to our websites and information that we specifically acquire from third parties.

Advertising and Cookies. Some of our third party advertising partners may distribute cookies to users in advertisements that are provided to us. Iris has no access to or control over these cookies once we have received the advertisements. Some of these advertisers and services we use to deliver advertising may be engaging in online behavioral advertising as defined by the Digital Advertising Alliance and FTC.

Affiliate Advertising. We participate in affiliate advertising and allow affiliate links to be encoded on some of our pages. This means that we may earn a commission when you click on or make purchases via affiliate links and affiliate partners may use cookies to understand your use of the Services.

Although Iris does not provide any Personally Identifiable Information to third-party advertising companies, if an advertiser asks Iris to show an advertisement to users with certain characteristics or a segment of that group (for example, men ages 21-30 who have viewed certain categories of content on the Service) and you respond to that advertisement, the third-party advertising company may conclude that you have the characteristics of the audience that they are trying to reach.

5. Third Party Data Collection

We may offer a number of separate products and services offered by third parties advertised by you on our App or Site and through the Service. These third party offers may be complementary to your use of the App or Site and may be personalized based on information you provide to us, we have collected about you, queries made through the Site, or other information. If you choose to use these separate products and services, provide information to the third party, or allow the third party to otherwise collect information about you, then their use of your information is subject to the applicable third party’s privacy policy and terms of service. You should review the practices of the third party before deciding to use their service, provide us any of your information with respect to the third party or provide them with any information. Please be aware that Iris is not responsible for the privacy practices of any third party’s privacy practices.

You should also be aware that some content delivered through the Service originates with third parties. Such other content providers may place cookies on your computer, or otherwise gather information about you, including by asking you to provide information through the content player itself. Again, it is up to you to review the terms of use and privacy policy of the originators of such content.

6. Security

Iris is very concerned about safeguarding the confidentiality of your personally identifiable information. We employ administrative, physical and electronic measures designed to protect your information from unauthorized access, but we cannot and do not assure that these measures will be sufficient to protect against all efforts to gain unauthorized access to the information.

We will make any legally-required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored personal data to you via email or conspicuous posting on this App or Site.

7. Links to Other Websites

Our App contains links to other websites. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit personally identifiable information from you. Other sites follow different rules regarding the use or disclosure of the personally identifiable information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.

8. Our Policy Towards Children

The App or Site is not directed to persons under 18. We do not knowingly collect personally identifiable information from children under 18. If we become aware that a child under 18 has provided us with personal identifiable Information, we will delete such information from our files.

9. Access and Deletion Rights

You have the right to access, correct or delete Personal Information held about you by Iris. To the extent allowed, any requests to exercise such rights may be subject to a small fee to meet our costs in providing you with details of the Personal Information we hold about you. Should you wish to access the Personal Information held about you, please let us know by contacting us at the contact information provided below.

10. Contact Us

To request access to personal data relating to you which is processed by Iris, and/or if you have any questions about the handling of personal information, please send an email to contact@iris.finance.

11. Developer Policy

This Developer Policy (“Policy”) provides rules and guidelines that govern access to or use by our developers (“you” or “your”) of the Iris Muse API, websites (“Site”), dashboards, related tools, and other products or services (collectively, the “Service”) provided by Iris Social Stock App, Inc. and its subsidiaries (“Iris”, “we”, “our”, and “us”). Any violation of this Policy may result in suspension or termination of your access to the Service and/or access to end users’ personal and financial information (“End User Data”).

By accessing and using the Service, you agree to comply with all the terms of this Policy. This Policy will apply each time you access or use the Service. If you are agreeing to the terms of this Policy on behalf of an organization or entity, you represent and warrant that you are so authorized to agree on behalf of that organization or entity. This Policy is important; please read it carefully.

We may update or change this Policy at any time in our discretion. If we make any changes to this Policy that we deem to be material, we will make a reasonable effort to inform you of such change. If you don’t agree with the change, you are free to reject it; unfortunately, that means you will no longer be able to use the Service.

Registration

To sign up for the Service, you must create an account (“Account”) by contacting Iris and providing true, accurate, and complete information about yourself and your use of the Service. You agree not to misrepresent your identity or any information that you provide for your Account, and to keep your Account information up to date at all times. It is your responsibility to maintain access to your Account; you may never share your Account information as well as your API authentication credentials with a third party or allow any other application or service to act as you. If you become aware of any unauthorized use of your Account or any other breach of security, please immediately notify us via email to contact@iris.finance

Compliance with Applicable Law

When using the Service, you must abide by all applicable local, state, national, and international laws. You also confirm that you, your business, your employees, your service providers, and any others acting on your behalf adhere to all applicable laws, especially those pertaining to financial data and to data protection, privacy and data security.

In addition, you certify that you, your officers, directors, shareholders, direct and indirect parent entities, subsidiaries, and affiliates:

  • are and will remain in compliance with all applicable import, re-import, sanctions, anti-boycott, export, and re-export control laws and regulations (including all such laws and regulations that apply to a U.S. company, such as the Export Administration Regulations, the International Traffic in Arms Regulations, and economic sanctions programs implemented by the Office of Foreign Assets Control (OFAC));
  • are not subject to, or owned by parties that are subject to, sanctions or otherwise identified on any sanctions-related list, including but not limited to lists maintained by the United States government (such as the List of Specially Designated Nationals and Blocked Persons, maintained by OFAC, the Entity List maintained by the U.S. Commerce Department’s Bureau of Industry and Security, and the CAATSA section 231(d) list maintained by the U.S. State Department), the United Nations Security Council, the United Kingdom, the European Union or its Member States, or other applicable government authority; and
  • are not engaging, and will not engage, in activities which may require or permit any applicable government authority to pursue an enforcement action against, or impose economic sanctions on you or us.

The certifications immediately above are not sought, and are not provided, if and to the extent such request or certification would constitute a violation of the EU Blocking Statute, of laws or regulations implementing the EU Blocking Statute in the EU Member States or in the United Kingdom, or any similar anti-boycott, non-discrimination, or blocking provisions foreseen in applicable local laws.

You are solely responsible for ensuring that your use of the Service is in compliance with all laws applicable to you.

Security

You are responsible for securely maintaining your API authentication credentials. You must notify us immediately in the event of any breach of security or unauthorized use of your Account or any End User Data. You must never publish, distribute, or share your Client ID or secret, and must encrypt this information in storage and during transit.

Your systems and application(s) must handle End User Data securely. With respect to End User Data, you should follow industry best practices but, at a minimum, must perform the following:

  • Maintain administrative, technical, and physical safeguards that are designed to ensure the security, privacy, and confidentiality of End User Data.
  • Use modern and industry-standard cryptography when storing or transmitting any End User Data.
  • Maintain reasonable access controls to ensure that only authorized individuals that have a business need have access to any End User Data.
  • Monitor your systems for any unauthorized access. Patch vulnerabilities in a timely fashion. Log and review any events suggesting unauthorized access.
  • Plan for and respond to security incidents.
  • Comply with relevant rules and regulations with regard to the type of data you are handling, such as the Safeguards Rule.
Data Storage

Any End User Data in your possession must be stored securely and in accordance with applicable laws.

Account Deactivation

Once you stop using the Service in accordance with any applicable agreement you may have with us, you may deactivate your Account by following the instructions on the Site. We may also deactivate your Account if you have ceased using the Service for three months; your applicable agreement with us terminates or expires; or as reasonably necessary under applicable law. After your Account deactivation, we will deprovision your access to all End User Data associated with your integration.

Even after your Account deactivation, and to the extent permitted under applicable law, we may still retain any information we collected about you for as long as necessary to fulfill the purposes outlined in our privacy policy/statement, or for a longer retention period if required or permitted under applicable law.

Prohibited Conduct

You agree not to, and agree not to assist or otherwise enable any third party to:

  • sell or rent End User Data to marketers or any other third party;
  • access or use the Service or End User Data for any unlawful, infringing, threatening, abusive, obscene, harassing, defamatory, deceptive, or fraudulent purpose;
  • collect and store end users’ credentials and/or End User Data other than as required to access or use the Service, as authorized by the end user, as permitted by Iris, and as permitted under applicable law;
  • use, disclose, or retain any “nonpublic personal information” (as defined under the Gramm-Leach-Bliley Act) or “personal information” (as defined under the California Consumer Privacy Act) other than in strict compliance with applicable law;
  • use, disclose, or otherwise process any “personal data” (as defined in Regulation (EU) 2016/679 (General Data Protection Regulation)) other than in strict compliance with applicable law;
  • access or use the Service or access, transmit, process, or store End User Data in violation of any applicable privacy laws or in any manner that would be a breach of contract or agreement with the applicable end user;
  • access or use the Service to infringe any patent, trademark, trade secret, copyright, right of publicity, or other right of any person or entity;
  • access or use the Service for any purpose other than for which it is provided by us, including for competitive evaluation, spying, creating a substitute or similar service to any of the Service, or other nefarious purpose;
  • scan or test (manually or in an automated fashion) the vulnerability of any Iris infrastructure without express prior written permission from Iris;
  • breach, disable, interfere with, or otherwise circumvent any security or authentication measures or any other aspect of the Service;
  • overload, flood, or spam any part of the Service;
  • create developer accounts for the Service by any means other than our publicly-supported interfaces (e.g., creating developer accounts in an automated fashion or otherwise in bulk);
  • transfer, syndicate, or otherwise distribute the Service or End User Data without express prior written permission from Iris;
  • decipher, decompile, disassemble, copy, reverse engineer, or attempt to derive any source code or underlying ideas or algorithms of any part of the Service, except as permitted by applicable law;
  • modify, translate, or otherwise create derivative works of any part of the Service;
  • access or use the Service or End User Data in a manner that violates any agreement between you or the end-user and Iris; or
  • access or use the Service or End User Data in a manner that violates any applicable law, statute, ordinance, or regulation.
Suspension and Termination

We reserve the right to withhold, refuse, or terminate access to the Service and/or End User Data in whole or in part where we believe the Service is being accessed or used in violation of this Policy or any other Iris agreement, including Iris’s agreements with any third party partners or data sources of Iris (each, a “Partner”), or where use would pose a risk of harm, including reputational harm, to Iris, its infrastructure, its data, the Service, an end user, or a Partner.

We will use reasonable efforts to notify you via email or other method when deciding to withhold, refuse, or terminate access to the Service and/or End User Data. We may immediately suspend or terminate access without notice if appropriate under the circumstances, such as when we become aware of activity that is a violation of any applicable law or when we determine, in our sole discretion, that harm is imminent.

Iris will not be liable for any damages of any nature suffered by you or any third party resulting from Iris’s exercise of its rights under this Policy or under applicable law.

Reporting Violations

If any person becomes aware of a violation of this Policy, we request that you immediately notify us via email to contact@iris.finance. We may take any appropriate action — including reporting any activity or conduct that we suspect violates the law to appropriate law enforcement officials, regulators, or other appropriate third parties — in our sole discretion in respect to such violations.

Miscellaneous

The failure by you or Iris to exercise in any respect any right provided for herein shall not be deemed a waiver of any further rights hereunder.

If any provision of this Policy is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this Policy shall otherwise remain in full force and effect and enforceable.