Privacy Policy

Updated as of April 29, 2021


NineBx, Inc. (“Company”) values your privacy and is committed to maintaining your trust. We provide this Privacy Policy to inform you of our policies and procedures regarding the collection, use, and disclosure of personally identifiable information received from users of our mobile application, Sortifyd (“App”), website located at www.sortifyd.com (the “Website”), and all of the Company’s other products and/or services, interactive features, widgets, and/or other online services that post a link to this Privacy Policy, and all content offered as a part thereof (collectively referred to as the “Services”).

Use and Sharing of Personal Information

By means of this Privacy Policy, our Company would like to inform the general public of the nature, scope, and purpose of the Personal Information we collect, use and process.

Personal Information. You provide your personal information1, such as your name and e-mail address (“Personal Information” or “Personal Data”) when you register for an Account with the Company or otherwise use the Company’s App, Website, and/or Services. This information is voluntarily supplied by you, or supplied by an authorized third party

Processing of Personal Information. The processing of your Personal Information by the Company is always compliant with US-based privacy laws. For example, we may use and/or share your Personal Information:

To respond to your inquiries and your requests regarding our App, Website, and/or Services.
To send you information regarding our services and changes to our terms, conditions, and policies.
To complete your Account registration, process your payments, and communicate with you regarding your purchase of our Services
To send you marketing communication and newsletters about our App, Website, and/or Services. The Company likes to keep its users, personnel and other interested parties informed of Company developments of interest to them. If you do not wish to receive these notifications, please let us know by emailing support@sortifyd.com.
To personalize your experience on our App, Website, and/or Services.
To inform you and allow you to participate in our Company’s questionnaires, surveys, and/or promotions.
To collaborate with business affiliates, partners, vendors, or service providers to provide you with our App, Website, and/or Services.
In connection with our business purposes, as described above, including but not limited to data analysis, audits, fraud monitoring and prevention, developing or enhancing new and existing products and/or services, expanding our business activities, etc.

We will not use and/or share your Personal Information:

With anyone except for those persons that you authorize to share your Account and the Company’s authorized service providers2, business affiliates3, and business partners4, but strictly for business purposes; or unless we specifically inform you, and give you an opportunity to opt out of our sharing your Personal Information.
To run interest-based advertising campaigns that collect Personal Information such as email addresses, telephone numbers, and credit card numbers.
To use or associate Personal Information with remarketing lists, cookies, data feeds, or other anonymous identifiers.
To use or associate targeting information, such as demographics or location, with any Personal Information collected from the ad or its landing page.
To share any Personal Information with Google or third party companies through our remarketing tag or any product data feeds that might be associated with our ads
To send Google or third party companies precise location information without obtaining your consent.

Reservation of Rights. However, we reserve the right to disclose Personal Information that we believe, in our sole discretion, to be necessary or appropriate in the following circumstances:

As required by law, such as to comply with a subpoena, or similar legal process.
When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
To enforce our Terms of Use.
To allow us to pursue available remedies or limit the damage we may sustain.


(1) Personal Information. “Personal Information” may include, but is not limited to information that identifies you as an individual or relates to an identifiable person, such as name, postal address, telephone number, email address, etc. The Company does not collect any Personal Information from visitors that is not voluntarily provided. The Company only collects your Personal Information if you register for an account with the Company, when you use the Company’s App, Website, and/or Services, and/or when you send the Company communications in connection with your use of the App, Website, and/or Services.
(2) Authorized service providers are companies that perform certain services including, but not limited to, fulfilling orders, processing credit card payments, delivering packages, providing customer service and marketing assistance, performing business and sales analyses, supporting the functionality of the Services, and supporting contests, sweepstakes, surveys and other features we offer, on our behalf. These service providers may have access to your Personal Information, but to the extent necessary to perform or fulfill their business purpose. We do not permit them to share or use any of your Personal Information for any other purpose.
(3) Affiliate businesses are those businesses with whom we may affiliate to sell our products or Services. We may share information we collect, including Personal Information, with affiliated businesses. Sharing such information with our affiliates enables us to provide you with information about a variety of products and Services that might interest you. We instruct all affiliated businesses to comply with applicable privacy and security laws and, at a minimum, in any commercial e-mail they send to you, to give you the opportunity to choose not to receive such email messages in the future.
(4) Business partners are typically merchants offering the products, services, promotions, contests and/or sweepstakes in connection with or somehow related to our own products and Services. We will not share your Personal Information with business partners unless you choose to participate in their offer or program. When you choose to engage in a particular offer or program, you authorize us to share your email address and other Personal Information with the relevant business partner.

General Data Protection Regulation

By way of this Privacy Policy, the Company informs users of its App, Website, and/or Services who are European Union (EU) data subjects of the rights to which they are entitled, and the recourse they may seek if they have any questions regarding the collection, use, and processing of their Personal Information. The processing of Personal Information that is voluntarily supplied by you, or supplied by an authorized third party, shall always be in line with the General Data Protection Regulation (“GDPR”), and in accordance with the country-specific data protection regulations applicable to the Company. Specifically,

Your Privacy Rights under the GDPR

The GDPR includes the following rights for EU data subjects who provide their information to the Company in connection with the App, Website, and/or Services:

The right to be informed about how we store, use, or share your data;
The right to access your data;
The right to rectify your data;
The right to have us erase your data;
The right to prevent us from processing your data;
The right to request copies of your data from us5 in a commonly-used and machine-readable format, free of charge, for the purposes of transfer to a third party, where technically feasible;
The right to object to use or sharing of your data; and
The right not to be subject to automated decision-making, including profiling.


(5) You may email us with requests at support@sortifyd.com.

Data Controller

The “data controller,” as defined under the GDPR, is the legal entity which determines the purposes and means of the processing of Personal Information provided in connection with your use of the App, Website, and/or Services. The Company is the “data controller,” but Apple or Google are the Payments Data Controllers, as the Company does not process any payments itself. The Company is responsible for collecting your consent, managing consent-revoking, enabling right to access, etc. as related to your Personal Information and Account access. If you wish to revoke consent for us to store, use, or share your Personal Information, you may contact us at support@sortifyd.com. Upon receipt of your email, we will terminate your Account under the provisions of the Terms of Use.

Data Processor

The GDPR defines “data processor” as the legal entity that processes your Personal Information. The Company is the “data processor.” The Company has not retained any third-party service provider to process your Personal Information. Any processing of Personal Information shall be done solely by the Company. The Company maintains records of any processing activities it performs, and is able to show how the Company complies with data protection principles under the GDPR. It has effective policies and procedures in place. If you have questions regarding the processing of your Personal Data, you may contact us at support@sortifyd.com.


The Company has reasonable internal policies and procedures in place to effectively detect, report, and investigate a data breach. The GDPR defines a Personal Information breach as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information.” The Company will notify you of a Personal Information breach where the Personal Information breaches are likely to present a risk to data subjects to data protection authorities (“DPAs”) without undue delay, and within 72 hours if feasible, after becoming aware of the breach; and communicate high-risk breaches to affected data subjects without undue delay. The Company will provide you with: (i) contact details of the Data Protection Officer (DPO) or other contact person, (ii) a description of the nature of the breach, (iii) likely consequences of the breach, (iv) measures the organization has taken or proposes to take to address the breach, and (v) advice on steps data subjects can take to protect themselves.

Data Protection Officer

The Company is not formally required to designate a Data Protection Officer (“DPO”) because it is not: (1) a public authority; (2) an organization that carries out regular and systematic monitoring of individuals on a large scale; or (3) an organization that carries out large scale processing of special categories of data, such as health information or information about criminal convictions. If you have any questions about how the Company protects your data, you may email support@sortifyd.com.

Data Retention/Erasure

We will retain your Personal Information, as defined herein, for as long as needed to provide the applicable Services, or for a minimum period of four (4) years. If, at any time after agreeing to this Privacy Policy, you:

(1) change your mind about receiving information from us;

(2) wish to revoke permission for us to retain and use your Personal Information;

(3) wish to object to processing of your Personal Information; or

(4) wish for us to erase a copy of your data, please uninstall the App from all devices, and make a request to the Company at support@sortifyd.com.

If you request erasure of your Personal Information, we may retain some of your Personal Information only for legitimate business interests, such as fraud detection, prevention, and enhancing the safety of our App, Website, and/or Services; and to comply with our legal obligations, specifically our tax, legal reporting, and auditing obligations.

Our Response to Your Requests

If you make any requests regarding your Personal Information, we will not charge you for compliance with the request. The Company will respond and comply within one month. The Company reserves the right to refuse or charge for requests that are manifestly unfounded or excessive. If we refuse your request, we will tell you why we are refusing your request. You have the right to complain to the relevant supervisory authority and to a judicial remedy, but you must do so within one month of our refusal.


Without prejudice to any other administrative or judicial remedy, every EU data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement of the data subject considers that the processing of Personal Information relating to him or her infringes this Regulation.

Data Protection Impact Assessment (DPIA)

The Company is not required to undergo a DPIA because data processing is not likely to result in a high risk to data subjects, such as in cases where: (1) new technology is being deployed; (2) profiling operations may significantly affect individuals; or (3) processing is on a large scale and involves special categories of data.

Legitimate Business Interest under the GDPR

Our use of your Personal Information is based on the legitimate business grounds that:

The use is necessary in order to fulfill our commitments to you under our Terms of Use or other agreements with you or is necessary to administer your account – for example, in order to enable access to our App, Website, and/or Services on your device or charge you for our Services;
The use is necessary for compliance with a legal obligation;
The use is necessary in order to protect your vital interests or those of another person or entity;
We have a legitimate interest in using your information – for example, to provide and update our App, Website, and/or Services, to improve our App, Website, and/or Services so that we can offer you an even better user experience, to safeguard our App, Website, and/or Services, to communicate with you, to measure, gauge, and improve the effectiveness of our advertising, and better understand user retention and attrition, to monitor and prevent any problems with our App, Website, and/or Services, and to personalize your experience; and/or
You have given us your consent.

Your California Privacy Rights

By way of this Privacy Policy, the Company informs users of its App, Website, and/or Services who are California residents of the rights to which they are entitled, and the recourse they may seek if they have any questions regarding the collection, use, and processing of their Personal Information. The processing of Personal Information that is voluntarily supplied by you, or supplied by an authorized third party, shall always be in line with the foregoing California privacy laws applicable to the Company. Specifically:

California “Shine the Light” Law

Under California Civil Code Section 1798.83, California customers are entitled to request information relating to whether a business has disclosed Personal Information to any third parties for the third parties’ direct marketing purposes. This code section applies to businesses with 20 or more full or part-time employees.

You may request and obtain from us once a year, free of charge, certain information about the Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of Personal Information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to support@sortifyd.com.

California Consumer Privacy Act

This law applies to any business that has more than $25 million in revenue, or buys or sells the personal information of 50,000 or more consumers, or derives 50 percent or more of its annual revenue from selling consumers’ personal information, and that does any amount of business in the State of California. Our Company does not need to comply with the California Consumer Privacy Act, but does so as a courtesy to California residents.

If you are a California resident, the processing of certain personal data about you may be subject to the California Consumer Privacy Act (“CCPA”) and other applicable California state privacy laws. Beginning January 1, 2020, the CCPA gives you certain rights with respect to the processing of your personal data (known as “personal information”, as described under the CCPA).


Under the CCPA, you may have a right to request information about our collection, use, and disclosure of your personal information over the prior 12 months, and ask that we provide you with the following information:

Categories of and specific pieces of personal information we have collected about you.
Categories of and specific pieces of personal information we have collected about you.
Purposes for collecting, using, or selling personal information.
Categories of third parties with which we share personal information.
Categories of personal information disclosed about you for a business purpose.
If applicable, categories of personal information sold about you and the categories of third parties to which the personal information was sold, by category or categories of personal information for each third party to which the personal information was sold.


You may also have a right to request that we delete personal information, subject to certain exceptions.


In the preceding 12 months, we may have disclosed certain personal information to the categories of recipients listed in this Privacy Policy for one or more business purposes, also listed in this Privacy Policy.

If you are a California resident and would like to make a verifiable request for information about the personal information we have collected from or about you or would like to submit a request for deletion of such personal information, please submit your request in writing to support@sortifyd.com.

Collection of Other Information

Personally Non-Identifiable Information: We may collect personally non-identifiable information, including but not limited to demographic data, age, education level, profession, geographic location or gender, from you on our App, Website, and/or Services. This information is not, by itself, sufficient to identify or contact you. The Company may store such information, or it may be included in databases owned and maintained by partners, affiliates, agents, or service providers of the Company. The Company may use such information and pool it with other information to track data related to growing the business, such as the total number of visitors to our App, Website, and/or users of our Services, and the domain names of our visitors’ Internet service providers.

Location-Based Information: Our App, Website, and/or Services may use location-based services in order to locate you so we may verify your location, deliver you relevant content based on your location as well as to share your location with our vendors as part of the location-based services we offer. We may, from time to time provide settings in the App, Website, and/or Services that permit you to disable location-based services. Changing setting options may not result in immediate changes to the settings, which are subject to our operations and maintenance schedules. Users should carefully consider the use of such settings to improve information display options and to ensure the settings are properly set and functioning in the manner desired. Notwithstanding the availability of privacy preference settings, you should be aware that these settings are for convenience only, do not employ complex data security protection and may not be error free. However, please note that we will only directly provide third parties we work with access to your exact location information if you first give us permission to do so. You should consider the risks involved in disclosing your location information to other people.

Passively Collected Information: Your visit to our App, Website, and/or Services may allow us to obtain certain additional, personally non-identifiable information that is collected passively using various technologies. This information includes but is not limited to, for example, IP addresses, browser and/or device types, date and time of page views, location information associated with your IP address, domain names, your interactions to an ad delivered by us or our ad technology partners and other anonymous statistical data involving your use of the App, Website, and/or Services. This information cannot presently be used to specifically identify you.

Aggregated Personal Data: The Company may analyze your Personal Information provided through the App, Website, and/or Services, in aggregate form. This aggregate information does not identify you personally. We own and may share this aggregate data with our partners, affiliates, agents, or service providers for business purposes. We may also disclose aggregated statistics to explain our Services to current and prospective business partners, and to other third parties for other lawful, business-related purposes.

Customer Credit Card Information: The Company uses a third party, Google or Apple, to keep a protected copy of your credit card number. The Company does not possess or store your credit card number. By utilizing the Services, you authorize the Company to bill you for Services rendered through its third-party payment processors, Google and Apple.

Push Notifications/Alerts

We may send push notifications or alerts to your mobile device. You can deactivate these messages at any time by changing the notification settings within our mobile apps or your device settings or by uninstalling our apps from your device. However, this will limit certain features or functions of our provision of Services to you

Uninstalling the App

Users can stop all collection of information, including Personal Information, by the App by uninstalling the App on their devices.


We may, either directly or through third party companies and individuals we engage to provide services to us, also:

Track your use of our App, Website, and/or Services for purposes of our own customer support, analytics, research, product development, fraud prevention, risk assessment, regulatory compliance, investigation, etc.
Track your use of the App, Website, and/or Services to enable you to use and access the App, Website, and/or Services, and pay for your activities on the same.
Track your behavior on our own App, Website, and/or Services to market and advertise our services to you on our platforms and third party platforms. You may learn more about how to opt out of receiving advertisements by visiting the Network Advertising Initiative http://www.networkadvertising.org/choices/ and/or the Digital Advertising Alliance http://www.aboutads.info/choices/. Please note that even if you choose to opt-out of receiving targeted advertising, you may still receive advertising on the App, Website, and/or Services, more generally. The advertising will simply not be targeted or specific to your interests.

Tracking Technologies on our Website

The Company may use the foregoing technologies to track your activity on our Website:

Cookies: When you visit our Website or otherwise interact with the Service, we may send one or more “cookies” to your computer or other devices. Cookies are alphanumeric identifiers stored on your computer through your web browser and are used by most websites to help personalize your web experience. Some cookies may facilitate additional site features for enhanced performance and functionality such as remembering preferences, allowing social interactions, analyzing usage for site optimization, providing custom content, allowing third parties to provide social sharing tools, and serving images or videos from third party websites. Some features on this site will not function if you do not allow cookies. We may link the information we store in cookies to any Personal Information that you submit while visiting our Website.

We may use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. Persistent cookies enable us to track and target the interest of our users to enhance the experience on our site.

Functional cookies, persistent and session type, store information to enable core site functionality, such as Live Chat and user ID remembrance.

Analytics cookies allow us to count page visits and traffic sources so we can measure and improve the performance of our site and our marketing campaigns.

Advertising cookies may be set through our Website by our advertising partners. Data may be collected by these companies that enable them to serve up advertisements on other sites that are relevant to your interests.

If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows you to automatically decline cookies, or be given the choice of declining or accepting the transfer to your computer of a particular cookie (or cookies) from a particular site. You may also wish to refer to http://www.allaboutcookies.org/manage-cookies/index.html .

If you reject cookies, you may still use our site, but some features on the site will not function properly.

Web Beacons: Web beacons are electronic files that signal when a webpage, advertisement, video, other content, an email or newsletter has been viewed. They are usually invisible to you. We may use web beacons alone or in conjunction with cookies to compile information about our Service. Web beacons may be used to track email open rates, web page visits or form submissions. In some cases, we tie the information gathered by web beacons to your Personal Information to gauge the effectiveness of certain communications and our marketing campaigns.

Log Files: A Log File is a file that records either events that occur in an operating system or other software runs, or messages between different users of a communication software. Log file information is automatically reported by your browser or mobile application each time you access the Website or our Services. Along with cookies and web beacons, log files help provide additional functionality to the Website and Services and help us analyze Website and Services usage more accurately. We and our third party tracking-utility partners may use log files on our Website to gather automatically gather and store information including, but not limited to, internet protocol (“IP”) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data, for business purposes.

Embedded Scripts: An embedded script is programming code that is designed to collect information about your interactions with the Service, such as the links you click on. The code is temporarily downloaded onto your Device from our web server or a third party service provider, is active only while you are connected to the Service, and is deactivated or deleted thereafter.
Browser Fingerprinting. Collection and analysis of information from your Device, such as, without limitation, your operating system, plugins, system fonts and other data, for purposes of identification.

Do Not Track: Your browser setting may allow you to automatically transmit a “Do Not Track” signal to websites and online service you visit. The Company’s Website does not respond to “Do Not Track” signals or other mechanisms from a visitor’s browser. If, in the future, we create a program or protocol to respond to such web browser “Do Not Track” signals, we will inform you of the details of that protocol in this Privacy Policy. To find out more about “Do Not Track,” please visit https://www.allaboutdnt.com.


We analyze trends, administer the site, track users’ movements around the App, Website, and/or Services and gather demographic information about our user base. We and our third party tracking-utility partners use log files to automatically gather certain information, including but not limited to internet protocol (“IP”) addresses, browser and device types, internet service provider (“ISP”), referring/exit pages, operating system, date/time stamp, and clickstream data, for analytics purposes.

Google Analytics: As previously mentioned, we and our third party tracking-utility partners use log files on our Website to automatically gather certain information, including but not limited to internet protocol (“IP”) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data, for analytics purposes. On this Website, the Company has integrated the component of Google Analytics. Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of Internet advertising.

The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

The purpose of the Google Analytics component is to analyze the traffic on our website. Google uses the collected data and information, inter alia, to evaluate the use of our Website and to provide online reports, which show the activities on our websites, and to provide other services concerning the use of our Internet site for us.

Google Analytics places a cookie on the information technology system of the data subject. The definition of cookies is explained above. With the setting of the cookie, Google is enabled to analyze the use of our website. With each call-up to one of the individual pages of this Internet site, which is operated by the controller and into which a Google Analytics component was integrated, the Internet browser on the information technology system of the data subject will automatically submit data through the Google Analytics component for the purpose of online advertising and the settlement of commissions to Google. During the course of this technical procedure, the enterprise Google gains knowledge of Personal Information, such as the IP address of the data subject, which serves Google, inter alia, to understand the origin of visitors and clicks, and subsequently create commission settlements.

The cookie is used to store Personal Information, such as the access time, the location from which the access was made, and the frequency of visits of our Website by the data subject. With each visit to our Internet site, such Personal Information, including the IP address of the Internet access used by the data subject, will be transmitted to Google in the United States of America. These Personal Information are stored by Google in the United States of America. Google may pass these Personal Information collected through the technical procedure to third parties.

The data subject may, as stated above, prevent the setting of cookies through our Website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google Analytics from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.

In addition, the data subject has the possibility of objecting to a collection of data that are generated by Google Analytics, which is related to the use of this Website, as well as the processing of this data by Google and the chance to preclude any such. For this purpose, the data subject must download a browser add-on under the link https://tools.google.com/dlpage/gaoptout and install it. This browser add-on tells Google Analytics through a JavaScript, that any data and information about the visits of Internet pages may not be transmitted to Google Analytics. The installation of the browser add-ons is considered an objection by Google. If the information technology system of the data subject is later deleted, formatted, or newly installed, then the data subject must reinstall the browser add-ons to disable Google Analytics. If the browser add-on was uninstalled by the data subject or any other person who is attributable to their sphere of competence, or is disabled, it is possible to execute the reinstallation or reactivation of the browser add-ons.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy and under http://www.google.com/analytics/terms/us.html . Google Analytics is further explained under the following Link: https://www.google.com/analytics .

Mixpanel We use Mixpanel, a service that provides marketing analysis of the App.

MixPanel is owned by Mixpanel Inc., a corporation which is incorporated under the laws of the State of Delaware, USA. The Operator of MixPanel is MixPanel Inc., 405 Howard Street, 2nd Floor, San Francisco, CA 94105, USA.

Mixpanel analyzes how visitors arrive at and use the App, and provides us with statistical reports on activity vis a vis the App. The information generated by the cookies or other technologies about your use of the Services (including IP address) (the “Analytics Services Information”) is transmitted to Mixpanel and potentially stored on servers in the United States. Mixpanel will use the Analytics Services Information to compile reports on the activity on the App for us.

Further information on Mixpanel’s use of the Analytics Services Information is governed by the Mixpanel Terms of Use and the Mixpanel Privacy Policy (http://mixpanel.com/privacy). You may refuse the transmission of your Analytics Service Information by opting out on http://mixpanel.com/optout , however please note that you will delete the opt out cookie when you delete your Cookies in your browser settings. Please note that we cannot control the use of your Analytics Service Information by Mixpanel.


The Children’s Online Privacy Protection Act of 1998 (COPPA) and its accompanying FTC regulation protect the privacy of American children aged 13 and under, who are using the Internet. The GDPR sets the age at which an EU child can give their own consent in order to process their Personal Data at 16 years of age.




(3) IF UNDER 16 YEARS OF AGE, YOU WERE INVITED TO USE OUR APP, WEBSITE, AND/OR SERVICES BY YOUR PARENT OR LEGAL GUARDIAN. In this case, the Company shall make reasonable efforts to verify in such cases that consent is given or authorized by the holder of parental responsibility over anyone under 16 years of age, taking into consideration available technology.

IF YOU OBJECT TO ANYTHING IN THIS PRIVACY POLICY, YOU ARE NOT PERMITTED TO USE THE SERVICES. If you accept this Privacy Policy and use the Services on behalf of a company, organization, third-party individual, or other legal entity, you represent and warrant to the Company that you have full power and authority to do so.

Links to Other Websites

This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, such as Google, Apple, Facebook, or Twitter. This Privacy Policy applies only to this Website and the Company’s Services. It does not apply to any third-party sites, such as the ones described above; and the inclusion of a link to said sites does not imply endorsement by us or by our affiliates.

We are not responsible for the collection, usage and disclosure policies and practices (including the data security practices) of other organizations, such as Apple, Google, Facebook, Twitter or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including any Personal Information you disclose to those other organizations through or in connection with your use of the Company’s Website, App, and/or Services.


We maintain reasonable and appropriate, although not infallible, security precautions:

Encryption: With the App, all your data, whether at rest or in transit, is fully encrypted and cannot be read by anyone other than you. Your data is encrypted and decrypted only at the device level, and only on your authorized device, so only you can see it. Your data is secured using military-grade AES 256-bit encryption with PBKDF2 key derivation with 20,000 iterations. This makes it effectively impossible for anyone to decrypt your data without knowledge of your Master Password.

Master Password: Only you have the key to your data. All encryption and decryption of data requires knowledge of the Master Password which only you as the user know. For your security, the Master Password is never stored on our servers and is never transmitted over the internet.

Multi-factor authentication: In addition to confirming your Master Password, the App’s security requires you to authenticate any new device you use with a time-based one-time password (OTP) that is sent to your registered email.

Lock: For added security, the App is locked whenever it is pushed to the background on your device. Unlocking it requires you to enter a 6-digit Personal Passcode for the App that you create at Sign Up. For your convenience, you can enable Face or Touch ID so you do not have to key in this passcode every time, pursuant to your Terms of Service and Privacy Policy with your applicable phone manufacturer.

Cloud Storage: When using the App, all Personal Information will be stored locally on authenticated user devices. In addition, the Personal Information you provide to the Company is replicated and hosted on servers in the US. Users from other countries acknowledge that they will be transferring their Personal Information into the US when using our App, Website, and/or Services. The Company’s servers are currently hosted on Amazon Web Services (AWS). AWS complies with the US-EU Safe Harbor Principles and, with the US-EU Safe Harbor Onward Transfer Principles, and acts as our Company’s agent with regard to data privacy. For more details of AWS’s privacy and security processes, please visit http://aws.amazon.com/privacy and http://aws.amazon.com/security . By using the service, you consent to your Personal Information being transferred to our servers as set out in this Privacy Policy.

The Company cannot guarantee that transmission or storage of your Personal Information over the internet is 100% secure, and cannot guarantee absolutely security. In addition, the manner in which you use or share the App, Website, and/or Services may affect the security of your Personal Information and your Master Password. We cannot guarantee that hackers or unauthorized personnel will not gain access to your Personal Information, despite our reasonable efforts. You should note that in using the App, Website, and/or Services, your information will travel through third-party infrastructures which are not under our control. Please feel free to raise any questions, concerns or specific directions you may have regarding the privacy and security of your information to support@sortifyd.com .

Public Forum on our Website

Our App, Website, and/or Services offer publicly accessible message boards, blogs, and community forums to which you may contribute. You may submit ideas, photographs, user profiles, writings, music, video, audio recordings, computer graphics, pictures, data, questions, comments, suggestions or other content, including Personal Information (collectively, “User Content”), such as on profiles, blogs and message boards. We or others may store, display, reproduce, publish, distribute or otherwise use User Content online or offline in any media or format (currently existing or hereafter developed), and may or may not attribute it to you.

Please think carefully before deciding what information you share, including Personal Information, in connection with your User Content. Please note that the Company does not control who will have access to the information that you choose to make public, and cannot ensure that parties who have access to such publicly available information will respect your privacy or keep it secure. Our promises regarding handling of your Personal Information under this Privacy Policy do not apply to any information that you disclose publicly, share with others or otherwise upload onto the publicly available positions of our App, Website, and/or Services. We are not responsible for the accuracy, use, or misuse of any User Content that you disclose or receive from third parties through the App, Website, and/or Services.

To request removal of your Personal Information from our blog or community forum, contact us at support@sortifyd.com. In some cases, we may not be able to remove your Personal Information, especially if it was already re-posted by another user. If this is the case, we will let you know if we are unable to do so and why in response to your request.


If you choose to use our referral service to tell a friend about our App, Website, and/or Services by email, we will ask for your friend’s email address, and send your friend a one-time email inviting them to visit our App or Website, and inform them of our Services. We will only store your friend’s email address for the sole purpose of sending this one-time message and tracking the success of the referral program. Your friend may contact us at support@sortifyd.com to request that we remove this information from our database at any time.

If you submit any Personal Information relating to other people to us or to our service providers in connection with our Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

Testimonials, Ratings and Reviews

If you submit testimonials, ratings, or reviews of the Services directly on our App and/or Website, any Personal Information you include will be displayed on the App and/or Website. We may also partner with third-party service providers to collect and display ratings and review content on our App or Website. If you provide our third-party service providers with your Personal Information in the process of submitting your rating and review, the content and Personal Information collected by a third party will be posted on our App or Website, absent your express instruction not to do so. If you want your testimonial, rating, or review removed from our App or Website at any time, please contact us at support@sortifyd.com.


This Privacy Policy may be updated from time to time for any reason, at our sole discretion. We will notify you of any material changes to our Privacy Policy by posting the new Privacy Policy on our App and Website, and emailing you a copy of the updated Privacy Policy. You are advised to consult this Privacy Policy regularly for any changes. By continuing to use our App, Website, and/or Services, you agree to the changes. You must stop using the App, Website, and/or Services if you do not agree to the changes.

Incorporation into Terms of Service

By using or accessing the App, Website and/or Services, you are accepting the practices described in this Privacy Policy, and you are consenting to our processing of your information as set forth in this Privacy Policy now and as amended by us. This Privacy Policy is incorporated into, and considered a part of, the Company’s Terms of Use.

Opt-Out Policy

If, at any time after registering, you change your mind about receiving information from us or about the use of information volunteered by you, or if you prefer that we do not share your Personal Information with third parties for marketing purposes, please contact us at support@sortifyd.com.

Contact Us

If you have any questions or concerns relating to our use of your Personal Information, please email support@sortifyd.com.  Additionally, you may reach us by postal mail at:

NineBx, Inc.
500 Franklin Street.
Columbus, IN 47201