Effective Date: October 29, 2021
Scope of this Policy
This Policy applies when you interact with us through our Services. It also applies anywhere it is linked. It does not apply to third-party websites, mobile applications, or services that may link to the Services or be linked to from the Services. Please review the privacy policies on those websites and applications directly to understand their privacy practices.
Information We Collect
We may collect information from you directly, from the devices you use to interact with us, and from third parties. We may combine information from the Services together and with other information we obtain from our business records.
Information you give us
You may provide the following information to us directly:
- Contact information: including name, email address, or telephone number.
- Content of communications: information contained in your communications to us, including emails.
- Other information: any other information you submit to us.
Information we collect automatically
- Device information: including IP address, device identifiers, and details about your web browser.
- Analytical information: including details about your interaction with our website, app, and electronic newsletters.
- Diagnostic information: including web traffic logs.
How We Use Your Information
We may use any of the information we collect for the following purposes.
- Service functionality: To provide you with our products and services, including to take steps to enter a contract for sale or for services, process payments, fulfill orders, send service communications (including renewal reminders), and conduct general business operations such as accounting, recordkeeping, and audits.
- Service improvement: To improve and grow our Services, including to develop new products and services and understand how our Services are being used, our customer base and purchasing trends, the effectiveness of our marketing.
- Security: To protect and secure our Services, assets, network, and business operations, and to detect, investigate, and prevent activities that may violate our policies or be fraudulent or illegal.
- Legal compliance: To comply with legal process, such as warrants, subpoenas, court orders, and lawful regulatory or law enforcement requests and to comply with applicable legal requirements.
How We Share Your Information
We may share any of the information we collect with the following recipients.
- Service providers: We engage vendors to perform specific business functions on our behalf, and they may receive information about you from us or collect it directly. These vendors are obligated by contract to use information that we share only for the purpose of providing these business function, which include:
- Auditing and accounting firms, such as firms that assist us in the creation of our financial records.
- Professional services consultants, such as firms that perform analytics, assist with improving our business, provide legal services, or supply project-based resources and assistance.
- Security vendors, such as entities that assist with security incident verification and response, service notifications, and fraud prevention.
- Information technology vendors, such as entities that assist with website design, hosting and maintenance; data and software storage; and network operation.
- Government entities: We may share information when we believe in good faith that we are lawfully authorized or required to do so to respond to lawful subpoenas, warrants, court orders, or other regulatory or law enforcement requests, or where necessary to protect our property or rights or the safety of our employees, our customers, or other individuals.
- Other businesses in the context of a commercial transaction: We may change our ownership or corporate organization while providing the Services. We may transfer to another entity or its affiliates or service providers some or all information about you in connection with, or during negotiations of, any merger, acquisition, sale of assets or any line of business, change in ownership control, or financing transaction. We cannot promise that an acquiring party or the merged entity will have the same privacy practices or treat your information the same as described in this policy.
We use a combination of physical, technical, and administrative safeguards to protect the information we collect through the Services. While we use these precautions to safeguard your information, we cannot guarantee the security of the networks, systems, servers, devices, and databases we operate or that are operated on our behalf.
Your Options and Rights Regarding Your Information.
Jurisdiction-specific rights: You may have certain rights with respect to your personal information depending on your location or residency. Please see “privacy disclosures for specific jurisdictions” below. Please contact us to exercise your rights.
Other Important Information
· Data retention: We may store information about you for as long as we have a legitimate business need for it.
· Cross-border data transfer: We may collect, process, and store your information in the United States and other countries. The laws in the United States regarding information may be different from the laws of your country. Any such transfers will comply with safeguards as required by relevant law.
· Information about children: The Services are intended for users age thirteen and older. We do not knowingly collect information from children. If we discover that we have inadvertently collected information from anyone younger than the age of 13, we will delete that information. Please contact us with any concerns.
Privacy Disclosures for Specific Jurisdictions
European Economic Area, United Kingdom, and Switzerland
We process “personal data,” as that term is defined in the European Union’s General Data Protection Regulation (“GDPR”).
Legal bases of processing: We may process any of the personal data we collect for the purposes described in “how we use information” (1) with your consent, which you may withdraw at any time; (2) as necessary to perform our agreement with you to provide Services; and (3) as necessary for our legitimate interests, so long as those interests do not override your fundamental rights and freedoms related to data privacy.
Your rights under the GDPR: Users that reside in the European Economic Area (“EEA”), U.K., or Switzerland have the right to lodge a complaint about our data collection and processing actions with the supervisory authority concerned. Contact details for data protection authorities are available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
If you are a resident of the EEA, U.K., or Switzerland, you have the following rights.
- Access and Portability: Obtain access to personal data we hold about you or request transmission of your data to a third party.
- Correction: Request that we rectify inaccurate or incomplete personal data we store about you.
- Erasure: Request that we erase personal data when such data is no longer necessary for the purpose for which it was collected, when you withdraw consent and no other legal basis for processing exists, or when you believe that your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing.
- Restriction of processing: Request that we restrict our processing of personal data if there is a dispute about the accuracy of the data, if the processing is unlawful, if the processing is no longer necessary for the purposes for which it was collected but is needed by you for the establishment, exercise or defense of legal claims, or if your request to object to processing is pending evaluation.
- Objection to processing: Object to processing of your personal data based on our legitimate interests or for direct marketing (including profiling). We will no longer process the data unless there are compelling legitimate grounds for our processing that override your interests, rights, and freedoms, or for the purpose of asserting, exercising, or defending legal claims.
Please contact us to exercise these rights.
Your California Privacy Rights; “Shine the Light” Law
California residents are entitled once a year, free of charge, to request and obtain certain information regarding our disclosure, if any, of certain categories of personal information to third parties for their own direct marketing purposes in the preceding calendar year. Please contact us to obtain this information. We do not share your personal information with third parties for those third parties’ direct marketing purposes.
California Consumer Privacy Act
The California Consumer Privacy Act (“CCPA”) provides California residents with rights to receive certain disclosures regarding the collection, use, and sharing of information about them, as well as rights to know/access, delete, and limit sharing of personal information. You have the right to be free from discrimination based on your exercise of your CCPA rights. To the extent that we collect personal information that is subject to the CCPA, that information, our practices, and your rights are described below.
Notice at Collection Regarding the Categories of Personal Information Collected
You have the right to receive notice of the categories of personal information we collect and the purposes for which we use personal information. The following table summarizes the categories of personal information we collect, the categories of sources of that information, and whether we disclose or sell that information to service providers or third parties, respectively. The categories we use to describe personal information are those enumerated in the CCPA. We collect this personal information for the purposes described in “How We Use Your Information.”
|We disclose to:
|We sell to:
|· Contact information or personal characteristics (name; email address; postal address; telephone number)
|Internet or Electronic Network Activity Information
· IP address
· Device identifier (e.g., MAC)
· Information provided in URL string (e.g., search keywords)
· Cookie or tracking pixel information
· Information about your interaction with our website, app, email correspondence, or products
· Browsing history
· Search history
· Diagnostic information (e.g., crash logs, performance data)
|You; our analytics partners
|· Coarse (information that describes location at ZIP code-level or less precision)
|Our analytics partners
|Content of Communications
· Contents of phone calls, emails, or text messages
Entities to whom we disclose information for business purposes are service providers, which are companies that we engage to conduct activities on our behalf. We restrict service providers from using personal information for any purpose that is not related to our engagement.
Entities to whom we “sell” information are third parties. Under the CCPA, a business “sells” personal information when it discloses personal information to a company for monetary or other benefit. A company may be considered a third party either because the purpose for its sharing of personal information is not for an enumerated business purpose under California law, or because its contract does not restrict it from using personal information for other purposes.
Your rights under the CCPA
- Opt out of sale of personal information: You have the right to opt out of our sale of your personal information to third parties; however, we do not sell your personal information. Please be aware that your right to opt out does not apply to our sharing of personal information with service providers.
- Know and request access to and deletion of personal information: You have the right to request access to personal information collected about you and information regarding the source of that personal information, the purposes for which we collect it, and the third parties and service providers with whom we share it. You also have the right to request in certain circumstances that we delete personal information that we have collected directly from you. Please contact us to exercise these rights.
Residents of the State of Nevada have the right to opt out of the sale of certain pieces of their information to other companies who will sell or license their information to others. Currently, we do not engage in such sales. If you are a Nevada resident and would like more information about our data sharing practices, please contact us.
Contact information, submitting requests, and our response procedures
Making a request to exercise your rights
Submitting requests: You may submit a request to exercise your rights by making a request using the contact information above. If you are a California resident, you may authorize another individual or a business registered with the California Secretary of State, called an authorized agent, to make requests on your behalf. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Verification: We must verify your identity before responding to your request. We verify your identity by asking you to provide personal identifiers that we can match against information we may have collected from you previously. We may need to follow up with you to request more information to verify identity. We will not use personal information we collect in connection with verifying or responding to your request for any purpose other than responding to your request.