Effective Date: July 19, 2020
We collect data to provide the products and services you request on the Site, ease your navigation on the Site, communicate with you, and improve your experience using the Site. Some of this information is provided by you directly to us, such as when you create an account. Some of the information is collected through your interactions with the Site or third party websites, and applications. We collect such data using technologies like cookies and other tracking technologies, error reports, and usage data collected when you interact with our Site. Some of the information is collected from your use of, and interactions with, us and others on social media including, but not limited to, Facebook®, Instagram®, Twitter®, LinkedIn®, and YouTube® (collectively “Social Media”).
The data we collect depends on the Site and features thereof that you use, and includes the following:
1.1 Personal Information.
When you visit the Site without creating an account, you can browse without submitting Personal Information about yourself. In general, we collect Personal Information that you submit to us in the process of creating or editing your account and user profile on the Site or that you submit to us voluntarily through your use of the Site. Information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household is “Personal Information.”
In particular, the Site has collected the following categories of Personal Information from users in the last twelve (12) months. We obtain these categories of Personal Information with the methods described in more detail below.
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name.
B. Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
A name, address, telephone number, bank account number, credit card number, debit card number, or any other financial information.
Some Personal Information included in this category may overlap with other categories.
C. Protected classification characteristics under California or federal law.
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
D. Commercial information.
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E. Biometric information.
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
F. Internet or other similar network activity.
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
G. Geolocation data.
Physical location or movements.
H. Sensory data.
Audio, electronic, visual, thermal, olfactory, or similar information.
I. Professional or employment-related information.
Current or past job history or performance evaluations.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
K. Inferences drawn from other Personal Information.
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Personal Information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
1.2 Automatically Collected Usage and Device Information.
Similar to other websites, we use tracking technologies to automatically collect certain technical information from your web browser, mobile, or other device when you visit our Site. This data may include, but is not limited to, your IP address, browser type and language, referring/exit pages and URLs, other browser history, platform type, number of clicks, landing pages, the pages you requested and viewed, the amount of time spent on particular pages, and the date and time of your visits. Our collection of this data, described in more detail below, allows us to provide more personalized high-quality services to you and to track usage of the Site.
- Types of Cookies:
There are two different types of cookies used:
- Session Cookies. Also called transient cookies, are cookies that are temporarily stored in your browser for the duration of a browser session, and they typically will store information in the form of a session identification without further information personally identifying you.
- Persistent Cookies. Also called permanent or stored cookies, are cookies that are stored on your hard drive until they expire (persistent cookies are set with expiration dates) or until you delete the cookie. Persistent cookies are used to collect identifying information, such as web surfing behavior or user preferences for a specific website.
We employ the following categories of Session Cookies and Persistent Cookies:
- Required Cookies
- Functionality Cookies
- Targeting/Advertising Cookies
These cookies are a mixture of first party cookies, which we set ourselves, and third-party cookies, which are set by other websites.
- Cookie Functions:
- Personalization. For example, your language preference is remembered.
- Session Management. To ensure that your session is routed to the correct system for the duration of your visit.
- Advertising. We can display advertising content depending on location, language, and your past browsing history.
- Required Cookies:
We use a number of cookies that are strictly necessary to allow you to access the Site, to move between pages, and to receive services that you have requested. The types of data collected may include:
- session identifier
- IP address, and information generated from anonymized IP addresses
- a computer host name
- geographic location
- time of visit
- webpage URL
- referring website
- security tokens (for authentication and information submission, like RFP forms)
The following is an example of a strictly necessary cookie that we use:
- Authentication Cookies. These provide an authentication method for secure log-in.
- Functionality Cookies:
We use functionality cookies to allow us to remember your preferences. For example, cookies save you the trouble of selecting your language or currency every time you access the Site, and they recall your customization preferences.
We utilize other cookies to analyze how our users use the Site and to monitor Site performance. This allows us to provide a high-quality experience by customizing our offering and quickly identifying and fixing any issues that arise. For example, we might use performance cookies to keep track of which pages are most popular, which method of linking between pages is most effective, and to determine why some pages are receiving error messages.
The following is an example of a functionality cookie that we use:
- Google Analytics: Refer to Section 2 (Third Party Analytics Providers) for more details.
- Facebook Pixel: Refer to Section 2 (Third Party Analytics Providers) for more details.
- Targeting/Advertising Cookies:
The types of data used include online identifiers, including cookie identifiers, IP addresses and device identifiers, imprecise location data (based on your IP address) or precise location data (if you have set your system to allow transmission of geolocation information), and client identifiers.
Types of targeting enacted based on cookies include:
- Demographics. Target advertisements based on how well products and services trend with users in certain locations, ages, genders, and device types.
- In-market. Show advertisements to users who have been searching for products and like-services.
- Custom intent audiences. Choose words or phrases related to the people that are most likely to engage with sites and make purchases by using “custom intent audiences.”
- Similar audiences. Target users with interests related to those on remarketing lists.
- Remarketing. Target users that have already interacted with our advertisements or the Site.
We do not control the information collected by such third party partners or advertiser in connection with the Site or the further use of information we may provide to them for the aforementioned services, and they do not process such data on our behalf. Only the data protection policies of those third parties as the respective controllers of such data will apply to their processing of such data.
- Cookie Consent:
You can prevent or restrict the storage of cookies on your hard disk by setting your browser not to accept cookies or to request your permission before setting cookies. Once cookies have been set, you can delete them at any time. Please refer to your browser’s operating instructions to find out how this works. If you do not accept cookies, this can lead to restrictions in the use of the Site.
- Data Retention and Deletion:
Log files are deleted after [x] days. Session cookies expire and are deleted at the end of your browser session. Persistent cookies may be set to expire from 30 days to 1 year depending on the function of the cookie. After expiry of those periods information will be deleted or made anonymous.
B. Pixels (aka web beacons/web bugs/java script).
We may use pixels to automatically record certain technical information about your interactions when you visit the Site or otherwise engage with us, to help deliver cookies on our Site, or count users who have visited the Site. We may also include web beacons in our promotional e-mail messages or newsletters to determine whether you open or act on them for statistical purposes. “Pixels” are tiny graphics (about the size of a period at the end of a sentence) with unique identifiers used to track certain online actions, movements and related information of Site users. Unlike cookies, which are stored on a user’s computer hard drive, pixels are embedded invisibly on web pages or in HTML-based emails. The data we receive through pixels allows us to effectively promote the Site to various populations of users, and to optimize external advertisements about the Site that appear on third-party websites.
1.3 Information from Other Sources.
We may obtain both personal and non-personal information about you from business partners, contractors, suppliers, and other third parties and add it to your account information or other information we have collected. We, and the third parties we engage, may combine information we collect from you over time, and across the Site, with information obtained from other sources. This helps us improve the information’s overall accuracy and completeness, and also helps us better tailor our interactions with you.
1.4 Location Information.
We collect precise geolocation data from you or your device, as well as your address information, e.g., billing address, when you set up your account and order our services. We also collect and use information about your general location (e.g., your state of residence) and can infer your approximate location based on your IP address in order to track our general Site usage or to tailor any pertinent aspects of your user experience to the region where you are located.
1.5 User Contributions.
You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Site or transmitted to other users of the Site or third parties, including, for example, third party websites and services like Social Media that are integrated into or linked to the Site (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. We cannot control the actions of other users of the Site or third parties with whom you may choose to share your User Contributions. Such third parties may have their own policies and terms that apply to your User Contributions, and we are not responsible for any third party’s policies or terms. We cannot and do not guarantee that unauthorized persons will not view your User Contributions.
1.6 Social Media.
We may use or disclose the Personal Information identified above for one or more of the following business purposes (“Business Purpose”):
- To fulfill or meet the reason you provided the information (e.g., to send you products and service information).
- To personalize and develop our Site and the products and services we provide to you, and improve our offerings.
- To provide certain features or functionalities on the Site.
- For marketing and promotions, including to check your eligibility for competitions and to contact you in the event that you win, and to administer our rewards program.
- To create, maintain, customize, and secure your account with us.
- To provide you with support, to communicate with you and respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
- To personalize your experience and to deliver content and product and service offerings, products, and services relevant to your interests, including offers and advertisements through third-party sites, and via email (with your consent, where required by law).
- To help maintain the safety, security, and integrity of our Site, services, databases, other technology assets, and business.
- For testing, research, analysis, and product development, including to develop and improve our Site and services.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- To prevent illegal activity, fraud, and abuse.
- As described to you when collecting your Personal Information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about our users is among the assets transferred or liquidated.
4.2 Account-Related Emails.
When you create an account with us and provide us with your email we may, subject to applicable law, use your email address to send you service-related notices (including any notices required by law, in lieu of communication by postal mail), updates, news, and marketing messages. For example, when you register, you will receive a welcome email. If the Site or our services are temporarily unavailable, we may also send you an email.
Email communications you receive from us will generally provide an unsubscribe link or instructions allowing you to opt out of receiving future emails or to change your contact preferences. If you have an account with us, you can also change your contact preferences by updating your contact information within your account settings. Please remember that even if you opt out of receiving marketing e-mails, we may still send you important service information related to your account and the Site. If you correspond with us by email, we may retain the content of your email messages, your email address, and our responses.
4.4 Non-Personally Identifiable Information.
We may use non-personally identifiable information, such as anonymized and/or aggregated website usage data, in any manner that does not identify individual users for the purpose of improving the operation and management of the Site, including to develop new features, functionality, and services, to conduct internal research, to better understand Site usage patterns, to resolve disputes, to troubleshoot problems, to fulfill user requests, or for security and compliance purposes. Any non-personally identifiable information that is combined with Personal Information will be treated by us as Personal Information.
4.5 Payment Processors.
If you purchase or pay for products or services via the Site, the transaction may be handled by our service providers or third party vendor(s) responsible for processing your payment (“Payment Processors”). These entities have their own privacy policies and those terms will apply to you. Please be sure to review them at the links provided during payment processing.
When we disclose Personal Information for a Business Purpose, we enter into a contract that describes the purpose and requires the recipient to keep that Personal Information confidential and use only for performance of the contract, and not for any other purpose. We share or make your information available, including any Personal Information, in the circumstances described below.
5.1 Disclosures of Personal Information in the Last Twelve Months.
In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for a Business Purpose, as more fully described in Section 4:
- Category A: Identifiers.
- Category B: California Customer Records personal information categories.
- Category C: Protected classification characteristics under California or federal law.
- Category D: Commercial information.
- Category F: Internet or other similar network activity.
- Category G: Geolocation data.
- Category K: Inferences drawn from other personal information.
We disclose your Personal Information for a Business Purpose to the following categories of third parties:
- Social Media.
- Analytics Providers.
- Payment Processors.
- Other third party marketing service providers.
5.2 Legal Requirements.
We reserve the right to disclose all information collected via the Site, internally, to affiliates, or to third parties, for any lawful purpose or to prevent harm to us or others. For example, and without limitation, in our discretion, we may disclose information to government regulators, law enforcement authorities or alleged victims of identity theft. We will notify you in the event of a government or legal request for your information unless otherwise prohibited by law.
5.3 Organizational Transitions.
You can choose not to provide Personal Information. You may always decline to provide your Personal Information to us. Registering for an account is not required to access some of our online content. If you decide to register, you can choose to provide information that does not reasonably identify you to others by selecting a username which is not related to your actual name. You can also decline to provide any optional information in your account. If you choose not to provide certain Personal Information to us, some of your experiences may be affected (e.g., we cannot take a reservation without your name and contact information).
6.1 You May Decline Other Requests.
6.2 Right to Access Specific Information and Data Portability Right.
You may have the right under the CCPA to request that we disclose certain information to you about our collection and use of your Personal Information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of Personal Information that we have collected about you.
- The categories of sources for the Personal Information that we have collected about you.
- Our business or commercial purpose for collecting or making available that Personal Information.
- The categories of third parties with whom we share that Personal Information.
- The specific pieces of Personal Information that we have collected about you (also called a data portability request).
- If we disclosed your Personal Information for a Business Purpose, the Business Purpose for which such Personal Information was disclosed, and the Personal Information categories that each category of recipient obtained.
- If applicable, (1) the categories of your Personal Information that we have made available for valuable consideration; (2) the categories of third parties to whom such Personal Information was made available; and (3) the category or categories of Personal Information that we have made available to each category of third parties.
6.3 Right to Delete.
You may have the right under the CCPA to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) or vendor(s) to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation or legal order.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
6.4 Right to Opt-Out.
If you are 16 years of age or older, you may have the right under the CCPA to direct us not to make your Personal Information available for valuable consideration at any time (the “right to opt-out”). We do not make available the Personal Information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in, may opt-out at any time.
To exercise the right to opt-out or right to opt-in, you (or your authorized representative) may submit a request to us by sending us an e-mail at email@example.com. Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize certain information sharing practices. However, you may change your mind and opt back in at any time by sending us an e-mail at firstname.lastname@example.org. We will use Personal Information provided in an opt-out request only to review and comply with the request.
6.5 Exercising Your Rights.
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by:
Calling us at (424) 317-7209
Sending us an e-mail at email@example.com
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make such a request for access or data portability twice within a twelve (12) month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative, and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety (90) days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically. Any disclosures we provide will only cover the twelve (12) month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
6.7 Online Tracking Choices.
Some web browsers incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want to have the user’s online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain information about that browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operations, including the Site, do not respond to DNT signals.
We use certain physical, managerial, and technical safeguards designed to preserve the security of your information that we maintain in connection with your use of the Site. For example, we encrypt all data with secure sockets layer (SSL) or similar technologies when we transmit your data. This, however, does not guarantee that your information may not be accessed, disclosed, altered, or destroyed by any breach of our physical, technical or managerial safeguards. In the event that any of your Personal Information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and will notify you, as appropriate, in accordance with pertinent laws and regulations.
We or our third party hosting providers store Personal Information in operating environments that are safeguarded against public or unauthorized access and protected from internal access with physical and technical security measures. While these measures are helpful to safeguard your Personal Information after we receive it, no transmission of data over the internet is 100% secure.
Please be aware that we are headquartered in the United States. The Site is governed by United States law. If you are using any of our products or services from outside of the United States, your information may be transferred to, stored, and processed in the United States where our servers may be located. The United States might not offer the same level of privacy protection as the country where you reside or are a citizen. BY USING THE SITE, COMMUNICATING WITH US VIA MAIL, EMAIL OR TELEPHONE, OR OTHERWISE PROVIDING INFORMATION TO US, YOU CONSENT TO THE TRANSFER TO, AND PROCESSING OF, YOUR INFORMATION IN THE UNITED STATES.
Residents of the European Economic Area (“EEA”) may be entitled to rights under the GDPR. If you qualify, these rights are summarized below.
If you request to exercise your rights under the GDPR, we may require verification of your identity before we respond to any such request. If you are entitled to these rights, you may exercise your rights with respect to the Personal Information that we collect and store:
- the right to withdraw consent to data processing at any time;
- the right of access to your Personal Information;
- the right to request a copy of your Personal Information;
- the right to correct any inaccuracies in your Personal Information;
- the right to erase your Personal Information;
- the right to data portability, meaning to request a transfer of your Personal Information from us to any other person or entity as chosen by you;
- the right to request restriction of the processing of your Personal Information; and
- the right to object to processing of your Personal Information.
You may exercise these rights free of charge. These rights will be exercisable subject to limitations as provided for by the GDPR. Any requests to exercise the above-listed rights may be made to: firstname.lastname@example.org. If you are an EEA resident, you have the right to lodge a complaint with a Data Protection Authority about how we process your Personal Information at the following website: https://edpb.europa.eu/about-edpb/board/members_en.
California Civil Code § 1798.83 permits users who are California residents to obtain from us once a year, free of charge, a list of third parties to whom we have disclosed Personal Information (if any) for direct marketing purposes in the preceding calendar year. If you are a California resident and you wish to make such a request, please send an e-mail with “California Privacy Rights” in the subject line to email@example.com.
While the Site is not intended for anyone under the age of 18, if you are a California resident who is under age 18 and you are unable to remove publicly-available content that you have submitted to us, you may request removal by contacting us at: firstname.lastname@example.org. When requesting removal, you must specify the information you want removed and provide us with specific information, such as the URL for each page where the information was entered, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you do not follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the content or information. Removal of your information from the Site not ensure complete or comprehensive removal of that information from our systems or the systems of our service providers. We are not required to delete information posted by you; our obligations under California law are satisfied so long as we anonymize the information or render it invisible to other users and the public.
Phone: (424) 317-7209