Privacy Policy

General Information

This privacy policy (“Privacy Policy”) describes the types of Information that are identifiable to a particular person (“Personal Information”) that TLA Innovation, Inc. d/b/a BoomID (“BoomID,” “we,” “us,” and “our”) collects from you or about you when you use or access our websites, www.boomid.io (“Site”) or BoomID Identity Assurance Platform™ (the “Services”), our practices for using, sharing, and protecting that Information. Please read this Privacy Policy to understand your rights and obligations.

BoomID reserves the right to change this Privacy Policy at any time. If we decide to change the Privacy Policy, we will post the changes on the Site and in our Services so that you are aware of the changed Privacy Policy. We encourage you to check the Site or the Privacy Link in our Services for policy revisions.  To stay current on our practices, please update your email address with us if it changes.

This Privacy Policy does not apply to any activity on third-party websites and mobile applications that link to the Site or Services.  We do not control third-party websites and applications and are not responsible for their actions or privacy practices.

Your use of this Site and the Services constitutes your acceptance of and agreement to this Privacy Policy.  If you do not agree to this Privacy Policy, do not use this Site or our Services.

Definitions

“BoomID Content” is defined as  website content, applications, messages, text, files, images, photos, video, sounds, profiles, icons, custom graphics, works of authorship, data and other content of BoomID and its licensors.

Customer” means company, organization or government accessing the Sites and/or using the Services.

Customer Data” means all electronic data or information submitted by Customer or Users via the Services.

Services” means hosted applications and authorization service as well as other mobile and web based services

Users” means individuals accessing and using the Sites and Services who are Customer associated employees, consultants, contractors, vendors, agents, clients and residents.

Verified Records” are User artifacts that can be digitally verified.

 

Who is BoomID?

Privacy is at the core of BoomID, and we take care first to avoid processing personal data, but when we do, we respect your privacy. What is the BoomID Identity Assurance Platform™?

BoomID Identity Assurance Platform ™” is a SaaS based cloud solution which provides customers and their supply chain participants with advanced, adaptive and easy to use biometric based authorization and fraud prevention capabilities including (i) contactless biometric identity assurance, (ii) humanity validation, (iii) bot protection (iv) vendor validation (v) versatile integration and implementation.

BoomID Backoffice” are the applications that handle palm registration and management as well as the Zappa Protect (see below) portal.

Zappa Protect ™ “ or “BoomID Bot Protection” provides alternative means (as opposed to tools such as “captcha” or “reCAPTCHA”) of performing bot detection and prevention.

What Personal Information does BoomID Collect?

Information Provided by You or Your Company

  • Contact Information – this may include your full name, alias, phone number, and email address. Your company may provide contact information if your company directly contracts with BoomID to provide you with services.
  • Biometric Data – this may include a non-reversable coded representation of your palm in connection with providing you the Services. Such information is collected directly by BoomID. Any coded representation of your palm being processed or temporarily stored provides identity assurance services and improves your user experience with our services. Your palm coded representation data is encrypted and protected with security best practices. This data will be refined and updated as you use your palm to improve your experience, including when you successfully authenticate.
  • User Records – as a user of the BoomID application or services, you may voluntarily upload personal Information to BoomID. This information may be verified by third-party tools before the verified Information is stored securely in our platform.
  • Payment Information – BoomID partners with Stripe via a fully tokenized integration and Stripe will process any payment information collected on the administrative hub; BoomID never processes or stores any cardholder data.

Information Collected Automatically

Information we collect from your interactions with us – When you interact with our Sites (which include the platform services and www.boomid.io) and the Services, we may collect your Internet protocol (IP) address, login information, geo-location, Network data, device data, such as device/browser type and version, time zone setting, kinematics data, and the operating system/platform. This also may include the web address of the page you were on prior to coming to our Sites and the page you visit after you leave. We may also process information about what you do on our Sites, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, downloads, and mouse-overs), and methods used to browse away from the page.  We use this data to drive traffic back to our website and improve our Sites and Services. See our Cookies Policy for more information about your choices in relation to cookies technology.

Data Retention

The coded representation of your palm will be destroyed when the initial purposes for collecting or obtaining such data have been satisfied or within three years of the individual’s last interaction with BoomID, whichever occurs first.

How We Use Your Information

Your privacy is a serious matter, and we will not share this information with third parties for the purposes of marketing to you or to profit from marketing your data to others. Instead, we may use your Personal Information to send users of the Services and visitors to our Sites email notifications of new features or information available through the Services. We will also use the information, included but not limited to, the categories below to identify you, process your account, and operate the Services.

  • Contact information
  • Biometric data
  • Website data

How We Disclose Your Information

  • BoomID may disclose your Personal Information: (i) with third parties, who provide us with hosting and other infrastructure services, and who have agreements with us; (ii) if BoomID is required by law to do so, including laws outside your country of residence; (iii) if a transfer of ownership of BoomID, merger or other similar transaction (including one in connection with any bankruptcy or similar proceedings); or (iv) as otherwise set forth in this Privacy Policy. BoomID is not and cannot be responsible for any third party’s activities or privacy policies with whom your Personal Information is shared.
  • Biometric data – we do not disclose, redisclose, or otherwise disseminate your palm code representation unless (i) you consent to the disclosure or redisclosure; (ii) the disclosure or redisclosure is required by State or federal law or municipal ordinance; or (iii) the disclosure is required pursuant to a valid warrant or subpoena.

What Choices Do I Have About My Personal Information?

BoomID values your privacy and strives to provide you with choices regarding the handling of all Personal Information you choose to provide to us. You may choose not to provide us with your Personal Information if you are uncomfortable with our practices, as set forth in our Privacy Policy. If you wish to correct or delete inaccuracies within your personal information or request access to any personal information we obtain about you, please contact us at privacy@boomid.io.

If you sign up for marketing communications from us and you now wish to unsubscribe, you may do so by clicking on the “unsubscribe” link provided in the communication. Please also note that unsubscribing from future marketing-related messages does not prevent BoomID from sending you administrative messages, as applicable.

 

Security of Personal Data

We use appropriate security measures on the BoomID Sites, Applications, and Services designed to safeguard your Personal Information under our control. Any Verified Records will be securely stored by BoomID, using industry-standard encryption protocols (e.g., AES 256, SSL, TLS 1.3). While BoomID protects your Personal Information, the confidentiality and security of any communication or material transmitted to or from the Sites or the Services cannot be guaranteed to be 100% secure at any time. Any transmission of your information is at your own risk. We strongly encourage all users to be careful and responsible about what they choose to provide online.

If you have any reason to believe that your interaction with BoomID through these Sites or the Services is no longer secure, please immediately notify us by email at security@boomid.io.

Your Responsibilities for Protecting Your Data 

You are responsible for maintaining the security of your access to the BoomID platform and you are fully responsible for all activities that occur within the BoomID platform, and any other actions taken in connection with it. You must immediately notify BoomID of any unauthorized use of your BoomID access or any other breaches of security. BoomID will not be liable for any acts or omissions by you, including any damages of any kind incurred because of such acts or omissions.

You are responsible for taking precautions as necessary to protect yourself and your computer systems from viruses, worms, Trojan horses, and other harmful or destructive content. BoomID disclaims any responsibility for any harm resulting from the use by visitors of the Sites, or from any downloading by those visitors of content there posted.

California Privacy Practices

If you are a California resident, please see more information about our privacy practices and your rights under California law below.

Children

BoomID is intended for use only by individuals who are 18 years or older. By using the Sites, you confirm to us that you meet this requirement.

Cookies and Tracking 

BoomID may place and store cookies on a user’s device. Cookies are small data files that are stored in your computer or mobile device by your web browser. We, our business partners, and service providers may set cookies when you visit the Sites or use the Services. Typically, cookies allow us to gather information about the device you are using and collect information, including click stream information, browser type, time and date you visited the Site, and other information about your interactions with the Site.

Please see our descriptions below for a discussion of the technologies you could encounter on the Internet:

  • Cookies.  We use both session cookies, which terminate when you close your browser, and persistent cookies, which remain on your computer until you manually delete them.
  • Pixel tags. We may also track your movements through the Sites and its content through pixel tags (also called web beacons or clear gifs). When you access a page, email, or other content containing a pixel tag, the pixel tag generates a notice to us, our service providers, or our business partners. We use the Information gathered by the pixel tags to monitor the open rate of our communications and to improve and manage content on the Sites.
  • Profiling. Although Information that we collect through these tracking technologies is not always personally identifiable when collected, we may combine such information with personally identifiable information like your name or email address.
  • Kinematics. BoomID may collect information about Your mouse movements for processing and analysis as you interact with our Sites and Services

Google Analytics: We use Google Analytics as described here. You can prevent your data from being used by Google Analytics on our websites by installing the Google Analytics opt-out browser add-on. If you have accounts with third-party providers, you may be able to control your ad preferences through your account.

To learn more about cookies, please visit  https://allaboutcookies.org/  As of the “Last Updated” date below, there is no commonly accepted response for Do Not Track (DNT) signals initiated by browsers.  On the Site, BoomID retargets individuals back to its website using cookies and pixel tags for this service. To prevent the use of our cookies and technology, your browser may have a DNT option in its preferences.  If you turn tracking off, we can still identify a device, but we do not keep track of which websites it has been to. Although most web browsers are initially set up to accept Cookies, if you prefer, you may decline the placement of a cookie on your hard drive by using the appropriate feature(s) of your web browser software (if available) to delete the Cookie. Please understand that certain areas within this Site may not function properly if the web browser does not accept Cookies.

Contact Us

BoomID welcomes your questions and comments about this Privacy Policy or the use of your Personal Information. Please call us at 646-430-9836, or email us at privacy@boomid.io with any questions or comments.

This Privacy Policy was last updated: May 2025.

 

 

CALIFORNIA-SPECIFIC ADDENDUM

At BoomID, we are mindful of our responsibilities under the California Consumer Privacy Act (together with its implementing regulations, “CCPA”) regarding the collection, use, and disclosure of your personal Information, both online and offline.  This Privacy Notice applies only to California residents who are subject to the CCPA.

How We Collect, Use, and Share Personal Information 

  1. Personal Information of California Residents Collected in the Last Twelve Months 

We collect Information that identifies, relates to, describes, references, and is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“California Personal Information”).  We have obtained the following categories of California Personal Information within the last twelve months:

 

Category Examples
A. Identifiers. Identifiers such as a real name, alias, unique personal identifier, online identifier, IP address, email address, biometric Information, such as palm image, or other similar identifiers.
B. Information under the California Customer Records statute. Personal Information described in subdivision (e) of Section 1798.80 (California Customer Records statute). This means any information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, name, signature, physical characteristics or description, address, telephone number, education, employment, and employment history.
C. Commercial Information. Commercial Information, including records of products or services you purchased, obtained, or considered from us.
D. Biometric Information Biometric Information such as palm image.
E. Internet or other similar network activity. Internet or other electronic network activity information, including, but not limited to, browsing history on our Sites, search history, Information on your interaction with us when you choose to visit our Sites, browser type, domain names, access times, and referring website addresses. This Information is not collected, analyzed, or maintained in a way that is traced back to a personal individual.
F. Geolocation data. Geolocation data.
G. Inferences drawn from other personal Information. Inferences drawn from any of the Information identified in this subdivision to enhance your online identity assurance score for identity verification when you use our services.

 

For each of these categories, we obtain California Personal Information from a variety of sources. These sources include yourself, with respect to both online and offline interactions you may have with us, our service providers, and employer; the devices you use to access our websites and online services; and others consistent with this Privacy Notice.  For more Information, please see the “What Personal Information does BoomID Collect?” section of our Privacy Policy.

This website uses cookies to improve functionality and performance. You can configure your browser to prevent the placement of cookies when using our Sites. Please see your browser help documentation for more Information.

Please note that California Personal Information does not include:

  • Publicly available Information from government records;
  • Deidentified or aggregate consumer information; and
  • Information exempted from the CCPA’s scope, including without limitation, the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act (“FCRA”), the Driver’s Privacy Protection Act of 1994, and certain Information associated with business-to-business transactions.
  1. Our Use of California Personal Information for Business Purposes in the Last Twelve Months

We use California Personal Information, identified in each of the above categories, for the business purposes listed below.

  1. Audits and reports relating to particular transactions and interactions, including online interactions, you may have with us or others on our behalf;
  2. Detecting and protecting against security incidents, and malicious, deceptive, fraudulent or illegal activity, and prosecuting the same;
  3. Debugging to identify and repair errors in our systems;
  4. Short-term, transient use including contextual customization of ads;
  5. Providing services on our behalf or on behalf of another, including maintaining or servicing accounts, providing customer service, fulfilling transactions, verifying identity information, processing payments, and other services. This includes:
    1. Delivering the Services you have requested;
    2. Informing you of other products or services available from or to enhance use of BoomID;
    3. Contacting you via surveys to conduct research about your opinion of current Services or of potential new Services that may be offered; and
    4. Delivering customized content and advertising.
  6. Conducting internal research to develop and demonstrate technology;
  7. Conducting activity to verify, enhance, and maintain the quality or safety of Services or devices which we may own, control, or provide;
  8. Preparing statistics and performing analysis to support our operations; and
  9. Receiving and responding to inquiries.

We may also use the Information we collect for our own or our service providers’ other operational purposes, purposes for which we provide you additional notice, or for purposes compatible with the context in which the California Personal Information was collected. For more Information, please see the “How we use your Personal Information” section of our Privacy Policy.

 

  1. Our Sharing of California Personal Information in the Last Twelve Months
  • Disclosure of California Personal Information

Within the last 12 months, we have disclosed California Personal Information identified in Categories (A)-(G) above only (i) at your express request; (ii) as part of an exempt business-to-business commercial transaction; or (iii) to our service providers for the business purpose(s) described above.  To learn more about the categories of third parties with whom we share such Information, please see the “How we share your Personal Information” section of our Privacy Policy.  We may share California Personal Information with trusted providers to perform payment functions, offer collaborative workspaces, or provider other business functions.

  • No Sales of Personal Information

We do not sell California Personal Information within the meaning of the CCPA nor do we plan to sell California Personal Information. If that changes, we will let you know in advance and provide you with Information so that you may understand and exercise your right to opt-out of the future sale of your California Personal Information.

We do not disclose personal Information of individuals we know to be under the age of 16 to third parties for monetary or other valuable consideration as a “sale” under California law, without affirmative authorization.

  • Your California Rights

If you are a California resident, you have certain rights related to your California Personal Information. You may exercise these rights free of charge except as otherwise permitted under applicable law.

As discussed above, the CCPA does not apply to Information we obtain, use, or share in connection with certain business-to-business transactions. We will, however, continue to evaluate our business-to-business activities and update our Privacy Policy consistent with California laws and regulations, where applicable.

Right to Access/Know. You may request that we disclose to you:

  • the categories of California Personal Information we have collected about you in the last 12 months;
  • the categories of sources from which the California Personal Information is collected;
  • our business or commercial purpose for collecting or selling California Personal Information;
  • the categories of third parties with whom we share California Personal Information;
  • the specific pieces of Information we have collected about you;
  • the categories of your California Personal Information we have sold in the last 12 months, and the categories of third parties to whom the California Personal Information was sold, by category or categories of California Personal Information; and
  • the categories of your California Personal Information we have disclosed for a business purpose in the last 12 months, and the categories of third parties to whom the California Personal Information was disclosed, by category or categories of California Personal Information.

Right to Delete. You have the right to request that we delete and direct our service providers to delete California Personal Information about you which we have collected from you. We may deny your deletion request if retaining the Information is necessary for us or our service provider(s) to:

  • complete the transaction for which we collected the California Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  • detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  • debug products to identify and repair errors that impair existing intended functionality;
  • exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
  • comply with the California Electronic Communications Privacy Act;
  • engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the Information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
  • enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
  • comply with a legal obligation; or
  • make other internal and lawful uses of that Information that are compatible with the context in which you provided it.

Right to Opt-Out.  The CCPA provides you with the right to direct us to not sell your California Personal Information. However, as discussed above, we do not engage in the sale of Personal Information as contemplated by the CCPA.

Non-Discrimination.  Subject to applicable law, we may not discriminate against you because of your exercise of any of the above rights, or any other rights under the CCPA. This means that we may not deny you goods or services, charge you different prices or rates for services, or provide you with a different level or quality of services (or suggest that we will do so), in response to a request made under the CCPA.

You, or someone you authorize, may request to exercise these rights by:

Please note that we are not responsible for notices that are not labelled or sent properly, or that do not have complete Information.  If applicable, we will provide you with Information on how to submit the request or remedy any deficiencies with the request.  Responses to your CCPA request will be delivered in the same manner that we received it.

Residents of the State of California may also request a list of all third parties to whom we have disclosed certain personal Information (as defined by California law) during the preceding year for those third parties’ direct marketing purposes. If you are a California resident and would like such a list, please contact us via the Contact Us section provided below.

4. Verification 

As required under applicable law, please note that we may take steps to verify your identity before granting you access to Information or acting on your request to exercise your rights.  You must provide us with enough Information to allow us to reasonably verify you are the person about whom we collected California Personal Information, or an authorized representative, and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. Please include the statement “Attention: California Privacy Rights Request” in the subject line and body of your written request. We may limit our response to your exercise of the above rights as permitted under applicable law. We will review each request carefully and respond accordingly within the timeframe established by the CCPA.

 

5. Agent Authorization and Disability Access

Under California law, you may designate an authorized agent to make a CCPA request for California Personal Information on your behalf. To designate an authorized agent to act on your behalf, you must provide the agent with signed permission to do so, verify your identity with us directly, and confirm you authorized the agent to submit the request.

To access this Privacy Policy by an alternative method, please contact us at (525) 254-6966.

Contact Information

You may contact us with questions or concerns about our privacy policies or practices by emailing us at privacy@boomid.io, or by calling us at 646-430-9836.  or by completing our rights request form .