Privacy Policy

As of February 5, 2025

Wicket, LLC (“Wicket,” “we,” “us,” or “our”) respects your privacy and is committed to protecting it through our compliance with this Privacy Policy.

1. Who we Are

Wicket is a software company that has developed a unique cloud-based authentication management and registration platform (“Platform”) that enables a variety of authentication services on behalf of our clients, which include hosts or organizers of events as well as employers that own and operate various facilities (our “Clients”). Through our Platform, we provide you with a variety of facial authentication services (“Facial Authentication Services”) on behalf of our Clients, which uses your own face to seamlessly interact through a venue or facility. For instance, using our Facial Authentication Services, we can provide you with fast access for admissions to venues or facilities, VIP suite credentialing, touchless purchasing of food, beverages, and merchandise, verification of age and/or payment information (on behalf of third party point-of-sale devices), safe pairing of your tickets, mobile wallets, identification, and more. In addition, employees and staff of our Clients, can enroll for secure, touchless access to physical or virtual spaces.

“You” refers to individuals who access and use our Platform and Facial Authentication Services. You may be an attendee of an event operated by one of our Clients, or an employee of one of our Clients. In addition, You may be an agent of a Client, who is authorized to access the Platform as an administrator. Or, You may be a visitor to various websites and domains operated by us (including our website located at www.wicketsoft.com and/or from which You are accessing this Privacy Policy; collectively “Websites”) and are interested in browsing and learning about our Facial Authentication Services, or any other services or products offered by Wicket (“Services”). Our Platform, Facial Authentication Services, Websites, and Services may collectively refer to as our “Site” and “Services.”

Please note that enrolling and registering in our Facial Authentication Services is entirely optional. If You are invited to, register for, check into, or receive information regarding a Client event through a Wicket Site or in connection with our Facial Authentication Services, You will be considered an “Event Attendee” and we will provide any Personal Information You submit through our Site or in connection with your use of our Facial Authentication Services to the Client of the event (but we do not provide any of your Personal Information to any other third parties). Wicket does not control the Client’s venue or management process. We are not responsible for any decisions or actions taken by the Client with respect to your information (or by any third-party with whom the Client may share your information). Client is responsible for managing your information appropriately if and when they receive it. Please read the applicable privacy policies of the Client of an event or that operates a facility before submitting Personal Information.

2. About this Privacy Policy

This Privacy Policy applies to all information that Wicket may collect about You or that You may provide us in connection with your access and use of our Site and Services, as well as our social media pages, mobile apps, edge devices, and any electronic messages we receive from You or that we send You that link to this Privacy Policy (including texts, emails, or QR codes that You receive), and other communications in which You may provide Personal Information to Wicket.

This Privacy Policy does not apply to 1) information collected by any third party, including our Clients and any third party link that may be accessible from or on our Site and Services; and 2) any third party software or applications that integrate with our Site and Services.

Please read this Privacy Policy carefully to familiarize yourself with Wicket’s privacy practices and procedures. If You do not agree with this Privacy Policy, please do not access or use our Site and Services.

BY CLICKING “I AGREE TO THE USER PRIVACY TERMS DEFINED IN WICKET’S PRIVACY POLICY” WHEN REGISTERING WITH WICKET OR A PROGRAM AT A CLIENT BEING ADMINISTERED BY WICKET, OR BY ACCESSING, USING, OR INTERACTING WITH ANY PART OF OUR SITE AND SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ THIS PRIVACY POLICY, THAT YOU UNDERSTAND IT AND ITS TERMS AND CONDITIONS, AND THAT YOU AGREE TO BE BOUND LEGALLY BY IT AND ITS TERMS AND CONDITIONS.

We may update this Privacy Policy periodically to reflect new features or changes in our personal information practices, so please check it periodically for updates. When we update this Privacy Policy, we will state the date when this Privacy Policy was most recently updated. We will provide other notice to you as required by law. Your access and continued use of our Site and Services, after we make changes to this Privacy Policy is deemed to be acceptance of those changes.

3. Compliance with Children’s Online Privacy Protection Act

Our Site and Services and its contents are intended for adults 18 years of age and are not intended for individuals under 16 years of age. We do not knowingly collect any Personal Information from individuals under 16 years of age, in compliance with the General Data Protection Regulation (GDPR). We therefore are also compliant with the Children’s Online Privacy Protection Act (COPPA), which addresses the collection of personal data of children under 13.

Individuals under the age of 16 may not use or provide any information to or through our Site and Services. If we discover that we have any information from an individual under 16, we will delete it. If You believe we might have any information from or about a child under 16, please contact us immediately at:

security@wicketsoft.com

4. Opting Into Wicket’s Facial Authentication Services

Our Facial Authentication Services verify the identity of an individual who has already provided consent to be in the system via Wicket’s opt-in procedure. Using our facial authentication technology, we analyze certain data points from your uploaded photo to create a 3D numeric representation of your face (called an “Embedding”) that is stored on our encrypted cloud servers and edge devices. The stored data cannot be reverse engineered or used to create an image of your face.

The following approach is generally used when deploying our Facial Authentication Services for our Clients:

Wicket, or a Wicket Client, will send You an invite that includes a link to register with Wicket’s Facial Authentication Services (that is entirely optional and requires your explicit consent). For example, as an Event Attendee or as an employee of a Client, You may be invited to register for our Facial Recognition Services (via a text, email, by clicking a link, scanning a QR code at a venue/facility, or by other means).
When You access the invite, You may be directed to one or more web pages to learn about our Facial Authentication Services, and choose to provide consent to use your name, email address, photo and any data derived from your photo in connection with your use of our Facial Recognition Services.
After we obtain your consent and verify your email address, You are directed to a web page to upload a current photo of yourself from your device to our Platform.
Once uploaded, our Platform evaluates your photo for approval by checking various elements, such as size, clarity, lighting, multiple faces, and filters.
We then create an Embedding of your photo, which is saved on our Platform and our edge devices at a venue or facility.
When You attend an event as an Event Attendee, or arrive at a facility for work, You can then use our Facial Authentication Services as a special check-in option, where a Wicket edge device scans your face taking measurements to create an embedding and authenticate it to Embeddings of all authorized users at that Client.
This process describes the portion of our Platform that constitutes an Artificial Intelligence System, as defined by the EU AI Act. When interacting with our Platform in this way, users should be aware they are interacting with an AI System.

5. Your Photo

Please note that when You submit a photo (selfie), we store it as a source image only on our secure cloud servers (unless You send us an email to opt-out as detailed below). We then create the Embedding of your photo, which is stored on our cloud servers and on one or more edge devices at a Client’s venue or facility. Accordingly, when You enter a venue or facility, an edge device will take measurements of your face to create an embedding which is then compared to Embeddings of all registered users at that Client. If a match is found and You have necessary permissions to proceed, You will be given appropriate access.

We do not store your source photo on any of our edge devices, but do store your embedding on the edge device, which is not usable to recreate a photo or rendering of your face. As such, anyone who inappropriately accesses an edge device will not have access to your photo, only the Embedding (i.e., the 3D mathematical representation of your photo), which cannot be recognizable as anything except a de-identified series of numbers. In addition, we take every reasonable step to limit the collection of your Personal Information to what is reasonably necessary to provide our Facial Authentication Services.

We do not share your photo, face data, or Embedding collected by our edge devices with any third parties.

6. Information We Collect and How We Collect It

We collect information from and about you, including:

Information by which You may be personally identified (“Personal Information”), such as your name, email address, phone number, and date of birth, as described above.
Biometric Information, such as, “selfie” photographs, photos on forms of identification (e.g. driver’s license, employee badge, student identification card, military identification card), video “selfies” for liveness detection.
Usage and analytics information from our Platform and edge devices, summarizing for example, the events You have attended using our Facial Authentication Services.
Information You provide when You report a problem through our Site or in connection with your use of our Facial Authentication Services.
Information that you provide in response to surveys that we might ask you to complete for research and internal business purposes.
Any email, text, or other electronic communications or messages You send us concerning our Site and Services.
Call recordings when You call our customer service phone numbers.

We collect this information:

Directly from You when You provide it to us by registering online, inquiring or requesting information about our Services, or placing an order for any of our products or Services.
Automatically from our Platform and edge devices once You enroll, and/or
From Clients, for example, if You receive an in-Platform promotion or other offer from a Client, we may be provided with your name and email address.

7. Information We Collect Through Automatic Data Collection Technologies

As You navigate through our Website (www.wicketsoft.com), we may collect certain information about you, your actions and patterns, and other-related information via automated technologies, such as cookies and web beacons.

Such information may include details of your visits to our Website, including, without limitation, traffic data, communications data, and information about your computer or mobile device.

The technologies we use for this automatic data collection may include:

Cookies (or browser cookies). A cookie is a small amount of data placed on the hard drive of your computer or mobile device. You may refuse to accept browser cookies by activating the appropriate setting on your browser or device. However, if you select this setting you may be unable to access certain parts of our Platform. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
Server Logs. A web “server log” is a record of activity created by a computer that delivers certain web pages to your browser. Certain activities that You perform on our Website may record information in server logs, such as if You enter a search term into a search box located on the Website. The server log may record, for example, the search terms or information about your browser, such as your IP address and the cookies set on your browser.
Widgets. A “widget” is generally an application that can be embedded in a web page or mobile app. Widgets can provide real-time information to the Website.

In addition, when you visit our Website at www.wicketsoft.com, or use our Platform, we collect information about your computer, device, equipment, browsing actions, and patterns using Heap. This information may include, but is not limited to:

Usage Information. Information relating to your use of our Site and Services.
Device Information. Information about your computer, device, mobile phone, and internet connection, such as your IP address, operating system, and browser type.
Auto-Fill Information. Information You enter or provide through our Website or provide in response to actions You have taken on our Website (such as information You enter on one or more of our Site forms or in response to actions You take on our Site). Such information may include, but not limited to login information, addresses, phone numbers, emails, and communications.

Please note that we do not combine the information collected through the use of Heap with your Personal Information we may have collected as part of your opt-in to our Platform. Please note that Heap’s ability to use and share information collected by Heap about your visits to our Site is restricted by the Heap Terms of Use and the Heap Privacy Policy. You can prevent Heap from recognizing You on return visits to the Site by disabling cookies on your browser.

The information we collect automatically is used to help us improve our Website and continue to deliver an improved experience.

8. Third-Party Content and Tracking Technologies

Our Platform and/or Website may include content from our Clients. Clients may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about You when You click on this content. We do not control our Client’s tracking technologies or how they may be used. If You have any questions about a Client’s advertisement or content, You should contact the Client directly.

Please note that once You leave our Platform or Website, You are no longer governed by this Privacy Policy.

9. How We Use Your Information

We will only use information that we collect about You or that You provide to us, including any Personal Information, for purposes described in this Privacy Policy and when applicable law allows us to do so. We will generally use your information to:

Perform and manage our enrollment process, including verifying email addresses of our users.
Operate and administer our Facial Authentication Services, including performance of a contract with any of our Clients, where we need to disclose Personal Information about Event Attendees or employees to perform our obligations under our contract with the Client.
Comply with and enforce applicable legal requirements and policies, including this Privacy Policy, or where we need to comply with a legal or regulatory obligation, and/or
Provide Services to users after they have given their consent (which can be withdrawn at any time).

We also use information that we collect about You or that You provide to us, including any Personal Information, for the following purposes:

To provide You with our Facial Authentication Services, including, for example, verifying your email address and using your photo to create and authenticate an Embedding.
To offer our Site and Services and its contents to you.
To send You information about products and services of ours that we think You might like.
To provide You with information and technical support.
To provide You with notices about your account.
To fulfill any other purpose for which You provide it.
To notify You about changes to our Site and Services.
To enhance the performance, safety, and security of our Facial Authentication Services.
To allow You to participate in interactive features on our Website and/or mobile app, and/or
For any other purpose with your consent.

If You have agreed to receive marketing communications from us, You can always opt out at any time.

10. Disclosure of Your Information

Except as provided in this Privacy Policy, Wicket will not disclose, transfer, sell, trade, rent, or otherwise provide your Personal Information to any third party.

We may disclose information that we collect about You or that You provide us, including Personal Information, to the following third-parties and in the following circumstances:

To our Clients.
To our subsidiaries and affiliates, for purposes consistent with this Privacy Policy.
To service providers, contractors, and other third parties we use to support our Facial Authentication Services and our business.
To a potential or actual buyer. assignee or other successor (including its related advisors and agents) in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Wicket’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Information held by Wicket about users of our Website and Platform services is among the assets that may be or are actually transferred.
To fulfill the purpose for which You provide it.
For any other purpose disclosed by us when You provide the information.
To comply with any court order, law, ordinance, valid warrant, valid subpoena, or legal process, including to respond to any government or regulatory request.
To enforce our rights arising from any contracts entered between You and us, including for billing and collection, and/or
If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Wicket, our customers, or others.

Please note that once we disclose your information in one of the above-listed circumstances, the information received by the other company is controlled by that company and becomes subject to the other company’s privacy practices.

11. Choices About How We Use and Disclose, Retain and Destroy Your Information

We strive to provide You with choices regarding the Personal Information You provide to us. Please note that You can always choose not to provide information, even though that means You might not be able to access or use our Site and Services. In addition, we have created mechanisms to provide You with the following control over your Personal Information as detailed below.

Opting Out of Facial Authentication Services. Your data and information are only included in our Facial Authentication Services Platform if You have actively opted in and shared your information with us. If You have provided the opt-in and are registered for our Facial Authentication Services Platform, but reconsider and wish to opt-out, You can easily do that at any time by emailing us at access-optout@wicketsoft.com. Once You opt-out, all your information, including your source photo, will be permanently deleted within one (1) week of You notifying Wicket directly or one week of a Client notifying Wicket if You choose to opt out by notifying the Client.
Tracking Technologies and Advertising on Website. You can set your browser to refuse all or some browser cookies, or to alert You when cookies are being sent. To learn how You can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If You disable or refuse cookies, please note that some parts of our Site and Services may then be inaccessible or not function properly.

12. Your Data Protection Rights

Wicket is dedicated to safeguarding the personal data of our customers and employees. In accordance with this commitment, we comply with the principles of the GDPR when collecting, utilizing, and handling personal data. This includes:

Adherence to principles of legality, fairness, and transparency
Limiting data collection to specific purposes
Minimizing the amount of data collected
Ensuring accuracy
Limiting data storage
Maintaining integrity and confidentiality
being accountable for data protection

In accordance with these principles You have certain data protection rights:

Accessing and Correcting Your Information. You can request access to or correction of any of the information You have provided to us, including Personal Information. We will use commercially reasonable efforts to honor your request. We may not accommodate a request to change your information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. We may charge a small fee to complete your request.
Erasing Your Information. You can also request that we erase your data under certain conditions, including by deleting your account or contacting us.
Transferring Your Information. You have the right to request that we transfer your information directly to You or to another organization under certain conditions.
Objecting to or Restricting Processing. You can object to our processing of your information, and You may request that we restrict the processing of your data in certain circumstances.

To exercise any of these rights or to inquire about these rights, please email us at security@wicketsoft.com.

If You are an EU or UK citizen you may submit a Subject Access Request (SAR) to gdpr@wicketsoft.com or use the following contact information.

Our EU Representative
Under Article 27 of the GDPR, we have appointed an EU Representative to act as our data protection agent. Our nominated EU Representative is:

Instant EU GDPR Representative Ltd.
Adam Brogden
contact@gdprlocal.com
Tel +35315549700

Office 2, 12A Lower Main Street, Lucan Co.
Dublin K78 X5P8 Ireland
Our UK Representative
Under Article 27 of the UK Data Privacy Act, we have appointed a UK Representative to act as our data protection agent. Our nominated UK Representative is:

GDPR Local Ltd.
Adam Brogden
contact@gdprlocal.com
Tel +44 1772 217800

1st Floor Front Suite 27-29 North Street, Brighton
England

If You are an EU/UK citizen and You believe we are violating your rights, You can file a complaint with your local supervisory authority. If You are a resident of the United Kingdom, You can lodge a complaint with the UK Information Commissioner’s Office:

https://ico.org.uk/for-the-public

13. Data Controller and Processors

When we collect information from you, we may be doing so on our own behalf (in which case we will be considered a “controller” of your data), or on behalf of an Wicket Client who is using our Facial Authentication Services in connection with access to an venue, event, or facility and manage access-related activities (in which case, the Client will be the “controller” and Wicket will be considered a “processor” of your data). In either case, Wicket may collect and use your Personal Information as described in this Privacy Policy. We use trusted third parties as our sub-processors for technical and organizational purposes, including for payments and email marketing. We use reasonable efforts to make sure our sub-processors are GDPR-compliant, via the use of Data Processing Agreements (DPA) and other means.

14. Storage, Retention, and Transfer of Your Information

We may store data or other information that we collect about you, including Personal Information, in our databases and servers maintained by us, our affiliates, agents or service providers (sub-processors). If You access or use our Website and Platform services outside of the United States, information that we collect about You may be transferred to servers inside the United States, which may involve the transfer of information out of countries located in the European Economic Area (EEA) and other parts of the world unless otherwise prohibited by applicable law or agreed by Wicket and you. All transfers of data from the EEA to the US are governed by GDPR-compliant signed DPAs. By allowing Wicket to collect information about you, You consent to such transfer and processing of such information without restriction. We may also store some information locally on your computer or other devices. For example, we may store information as local cache so that You can open the Site and view its content faster.

In the event we store your data or information while operating as a “controller”, we will retain it only for the length of time needed to fulfill the purposes for which it was collected, as outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we store your data or information while operating as a “processor” for our Client, it will be retained in accordance with this Privacy Policy, and no longer than 90 days after termination of our contract with our Client. In addition, application settings within our Platform allow our Client (the controller) to enforce the purging of your data on a predetermined schedule, which is determined by the Client. The purging schedule is based on your most recent use of our Facial Authentication Services.

15. Data Security & Storage

We understand that the security of your Personal Information is important. We have implemented reasonable technical and physical measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information You provide to us is stored on our secure servers behind firewalls at rest and in transit. The safety and security of your information also depends on you. Where we have given You (or where You have chosen) a password for access and use of certain parts of our Site and Services, You are responsible for keeping this password confidential. We ask You not to share your password with anyone.

All Personal Information collected will be protected from disclosure using a reasonable and appropriate standard of care recognized within the industry and to the same degree as Wicket’s confidential and sensitive information.

Unfortunately, the transmission of information via the internet is not completely secure; however, we implement additional generally accepted industry standards to protect your Personal Information; however, we cannot guarantee the security of your Personal Information transmitted to our website. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures.

16. Privacy Rights for US States

If You are a California resident, the California Consumer Privacy Act of 2018, as amended on January 1, 2023, (“CCPA”) may grant You the following rights:

16.a. California

California Consumer Privacy Act (“CCPA”). The CCPA (as amended by the California Privacy Rights Act) gives California residents enhanced rights with respect to their Personal information that is collected by businesses. The CCPA also provides that California consumers can opt out of the “sale” or “sharing” of their Personal Information for certain purposes. Please note, however, that Wicket does not sell or share your Personal Information.

In accordance with the CCPA, the follow disclosures provide additional information about (1) the categories of Personal Information we collect; (2) the sources from which we collect Personal Information; (3) the purposes for collecting and disclosing Personal Information; and (4) the categories of third parties to whom each category of Personal Information is disclosed for a “business” purpose. Nothing in this section limits our ability to collect, use or disclose Personal Information as described elsewhere in this Privacy Policy for US residents.

In the previous 12 months we have collected and disclosed for business purposes the following categories of Personal Information:

Category	Examples	Collected	Categories of Third Parties to Whom We Disclose for a Business Purpose	Sold or Shared
A. Identifiers	Name, postal address, e-mail address, IP address.	Yes. Please refer to Sections 6 and 7 of this Privacy Policy for details.	Vendors and Service Providers	No
B. Personal information categories listed in the California Customer Records statute	Name, telephone number, credit card and debit card information or other financial information	Yes for non-financial information. No credit or debit card information is collected. Please refer to Sections 6 and 7 of this Privacy Policy for details.	Vendors and Service Providers	No
C. Protected classification characteristics under California or federal law	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, gender, sexual orientation, veteran or military status, genetic information (including familial genetic information).	Yes only for Age. No for every other category. Please refer to Sections 6 and 7 of this Privacy Policy for details.	Vendors and Service Providers	No
D. Commercial information	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	No	N/A	No
E. Biometric information	Genetic, physiological, biological or behavioral characteristics.	Yes	Vendors and Service Providers	No
F. Internet or other similar network activity	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.	Yes. Please refer to Sections 6 and 7 of this Privacy Policy for details.	N/A	No
G. Geolocation data	Physical location or movements.	No	N/A	No
H. Sensory data	Audio, electronic, visual, thermal, olfactory, or similar information.	Yes only for Visual (photos). Please refer to Sections 6 and 7 of this Privacy Policy for details	Vendors and Service Providers	No
I. Professional or employment-related information	Current or past job history or performance evaluations.	No	N/A	No
J. Non-public education information collected by certain federally funded institutions	Education records directly related to a student maintained by an educational institution or party acting on its behalf.	No	N/A	No
K. Inferences drawn from other personal information	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	No	N/A	No
L. Sensitive Information	Government identifiers (social security, driver’s license, state identification card, or passport number) Complete account access credentials (user names, account numbers, or card numbers combined with required access/security code or password) Precise geolocation Racial or ethnic origin Religious or philosophical beliefs Union membership Genetic data Mail, email, or text messages contents not directed to us Unique identifying biometric information Health, sex life, or sexual orientation information	Yes only for Unique identifying biometric information.No for every other category. Please refer to Sections 6 and 7 of this Privacy Policy for details.	Vendors and Service Providers	No

The CCPA grants California consumers the following rights:

Information. You can request information about how we have collected, used and shared your Personal Information during the past 12 months, including: (1) the categories of Personal Information we’ve collected; (2) the categories of sources from which we got the information; (3) the business purposes for sharing Personal Information; and (4) the categories of third parties with whom we’ve shared Personal Information.
Access. You can request a copy of the Personal Information that we maintain about you.
Deletion. You can ask to delete the Personal Information that we maintain about you.
Opt out. You can opt out of automated decision-making or the sale or sharing of your Personal Information. However, we do not conduct automated decision-making or sell or share Personal Information for purposes of the CCPA.
"Sensitive" Personal Information. The right to limit use and disclosure of Sensitive Personal Information.

To exercise any of these CCPA rights you may call us at (800) 390-9009 or email: access-optoutcalifornia@wicketsoft.com. The email subject line and/or the content of your request should refer to the phrase “Your California Privacy Rights,” and include your name and email address. We will confirm receipt of your request within 10 business days. We will endeavor to provide the requested information or delete your Personal Information within 45 days of receipt of your request, but we can use up to an additional 45 days if we let you know that additional time is needed. Requests sent via written mail or facsimile will not be accepted.

Please note, the CCPA may limit Your rights by, for example, prohibiting us from providing certain sensitive information in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to You.

Verification of your Identity. To verify your identity prior to responding to your requests, we may ask You to confirm the information that we have on file about You or your interactions with us. The verifiable request must: (1) provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative; and (2) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. If we ask for additional Personal Information to verify your identity, we will only use it to verify your identity or your authority to make the request on behalf of another consumer. You may only make a verifiable request for access or data portability twice within a 12-month period. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to You.

Authorized Agents. California residents can empower an “authorized agent” to submit requests on their behalf. If You do so, we may require the agent to present a signed written permission to act on your behalf for this purpose. In addition, You may still be asked to provide independent verification of your identity and confirm that You have provided permission to submit your request.

Other California Rights

As provided by California Civil Code 1798.83 (“Shine The Light Act”), if you are a California resident, you have the right to receive (a) information identifying any third party company(ies) to whom we have disclosed your Personal Information to third parties for their marketing purposes to in the past 12 months, if any; and (b) a description of the categories of Personal Information disclosed. To obtain such information, please email your request to: security@wicketsoft.com with “Shine The Light Privacy Rights Request” in the subject line.

For California residents under the age of 18 and registered users, California law (Business and Professionals Code § 22581) provides that you can request the removal of content or information you posted on our website. Any such request should be sent to us at: security@wicketsoft.com along with a description of the posted content or other information to be removed. Be advised, however, that other applicable law may not permit us to completely or comprehensively remove your deleted content or for other reasons as set forth in this California law.

16.b. Other States and Privacy Rights

Recent other US State consumer privacy laws may provide their residents with similar rights regarding our use of their Personal Information, such as:

Confirm whether we collect and process their Personal Information
Access and delete certain Personal Information
Data portability
Correct inaccuracies in their retained Personal Information
Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects, and
Opt-out of selling or sharing Personal Data processing for online advertising and sales.

To the extent applicable, we will honor these requests. Please send an email to: security@wicketsoft.com or call us at: (800) 390-9009.

For all verifiable requests under applicable State law, we will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact us at security@wicketsoft.com.

We will endeavor to respond to a verifiable consumer request within forty-five (45) days of receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

As of the Effective Date of this Privacy Policy listed above, the following US States have enacted consumer privacy laws applicable to their residents:

State Privacy Law	Effective Date
Colorado Privacy Act	July 1, 2023
Connecticut Data Privacy Act	July 1, 2023
Delaware Personal Data Privacy Act	January 1, 2025
Iowa Consumer Data Protection Act	January 1, 2025
Montana Consumer Data Privacy Act	October 1, 2024
Oregon Consumer Privacy Act	July 1, 2024
Tennessee Information Protection Act	July 1, 2024
Texas Data Privacy and Security Act	July 1, 2024
Utah Consumer Privacy Act	December 31. 2023
Virginia Consumer Data Protection Act	January 1, 2023

Wicket will comply as applicable with additional US State privacy laws as they become effective.

In addition, Nevada law (SB 220) requires website operators to provide a way for Nevada consumers to opt out of the sale of certain information that the website operator may collect about them. Wicket does not sell your Personal Information to third parties as defined in Nevada law and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law.

16.c. Illinois Biometric Law

For Illinois residents, in accordance with the Illinois Biometric Information Privacy Act (BIPA), Wicket will retain your biometric data per Section 14 of this Privacy Policy and only until the occurrence of the first of the following: a) The initial purpose for collecting or obtaining such biometric data has been satisfied; or b) Three years following your last interaction with Wicket.

16.d. Texas Biometric Law

For Texas residents, in compliance with the Texas Capture or Use of Biometric Identifier Act (CUBI), Wicket will retain your biometric data per Section 14 of this Privacy Policy and only until the initial purpose for collecting or obtaining such biometric data has been satisfied. Your biometric data will be permanently deleted within one year after such time. Wicket will not sell, lease, or disclose your biometric data to any third party.

17. Contact Information

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at:

Wicket, LLC
1 Broadway, 14th Floor
Cambridge, MA 02142

Email address: security@wicketsoft.com

FACIAL AUTHENTICATION

Event Entry

Payments

Access Control

WHO WE SERVE

Sports

Live Events

Secure Facilities

College Sports

Aviation

Healthcare

LEARN

Who We Are

Wicket News

Press Coverage

RESOURCES

Security & Privacy

Case Studies

Partners

Blog

Careers