Privacy Policy

Sibros Technologies, Inc.

Effective Date: January 5, 2024

Sibros Technologies, Inc. (“Sibros”, “we”, “us”, “our”) is committed to privacy and transparency about our data privacy practices. This Privacy Policy (“Policy”) describes how we collect, use, disclose, share, and otherwise process the personal data described in this Policy, as well as the rights and choices individuals have regarding their personal data. 

Scope

Except as otherwise noted below, this Policy applies to the personal data that Sibros collects and processes related to:

  • Users and visitors of websites owned and operated by us that link to this Policy, including www.sibros.tech (each a “Site” and together the “Sites”) and any downloadable software, mobile applications, and other products and services provided by us that display or include a link to this Policy (collectively, the “Services”); 
  • Current, former and prospective customers, vendors and partners;
  • Individuals who are subscribed to receive news, information and marketing communications from us;
  • Individuals who register for or participate in our webinars and/or other events; and
  • Individuals who participate in surveys, contests and research conducted by us, or otherwise engage with us related to our Services.

Additional or supplemental notices and disclosures (each an “additional notice”) may be provided and will apply to certain personal data collected and processed by us. Generally, we provide additional notices to clarify our privacy practices in specific circumstances and provide you with additional information about certain processing activities. To the extent there is a conflict with this Policy, the additional notice will control with respect to the personal data subject to that additional notice. 

Not Covered by this Policy

Customer Data

When a Software-as-a Service (“SaaS”) platform user (“Customer”) purchases and accesses the Sibros Deep Connected PlatformTM (“Platform”) or engages us to provide any other services relating to our Platform, we process and collect personal data on behalf of and under the instructions and privacy policies of the Customer. Those policies are typically set forth in a data processing agreement which governs the processing of personal data, and Sibros will only collect, use, retain and otherwise process such data on behalf of our Customers in accordance with our applicable contractual agreements. Each Customer is responsible for providing notice to and obtaining any required consent from their end-users related to our processing of personal data as part of our Platform.

Other Data

This Policy does not cover the personal data that we collect and process related to our employees, contractors, and applicants, or to any information that is exempt under applicable privacy laws.

Additional information and rights

For information about the privacy choices you have regarding your personal data, review the Section “Your Privacy Rights and Choices” below, as well as the Section “Additional information for Individuals in Certain Jurisdictions,” which includes additional jurisdiction-specific information about privacy rights for residents of certain jurisdictions, including residents in the European Economic Area (“EEA”) and the United Kingdom (“UK”). If you are a California resident, please see the Section “Additional information for California Residents” below for more information pursuant to California privacy laws, including the California Consumer Privacy Act (“CCPA”).

If you have questions about this Policy, please see the Section “Contacting Us” below.

Privacy Practices Overview

You can review information about our privacy practices and your privacy rights and choices below in the following sections:

Personal Data We Collect

We collect your personal data directly from you, automatically related to your use of the Services, and in some cases, from third parties (e.g., platform providers, payment processors, operators of certain third-party services that we use and social networks). The personal data we collect about you varies depending upon the circumstances, such as the Services used or your interaction with us. 

Information Collected Directly 

The personal data that we collect varies depending upon your use of our Services and our interactions with you but in general including the following:

  • Name and contact details: We collect name, company name, title, email address and contact information (including email address and phone number), preferences and other information from Customers and prospective customers.
  • Services and transaction-related data: When Customers purchase the use of our Platform, we collect certain personal data related to the Services and transaction, such as date, time and location a transaction took place, description and/or classification of the transaction, unique identification numbers, including IP address and your location derived from IP address, demographic information (e.g., date of birth, gender) as provided by you.
  • Customer Login: Login information we collect information to enable and authorize your log in to the Services, including name, username and password, email, phone number and other contact information, as applicable, similar login data related to our single sign on.
  • Communications, requests, and support: If you contact us by email, mail, phone, contact us forms or otherwise regarding the Services, we collect and maintain a record of your contact details, communications, and our responses. If you call us, we may also record calls and maintain logs and records of those calls. 
  • Events: We collect personal data related to your participation in our events as well as other requests that you submit to us related to our Services. For example, if you register for or attend an event that we host or sponsor, we may collect information related to your registration for and participation in such event.
  • User Generated Content: We collect the information you provide in any forum we may offer to the Sibros community, including for example via our social media channels. 

Information We Collect from Third Parties 

We may also collect certain personal data from third parties, such as:

  • Customer Information: If you access or manage our Services on behalf of a Customer, then we may receive username, email addresses and other information from such Customer in order to grant you access to the Platform. We may also collect personal data from public sources or databases and other third-party sources, in order to provide and enhance our Services.
  • Customer and Prospective Customer Information: We may collect information about our Customers and prospective customers and the relevant business contacts for them from third party sources in order to validate or enhance our Customer records.
  • Third-party platforms: We may collect information from social networks or other platforms (such as Facebook, Twitter, LinkedIn or other third-party social network sites) that you may connect with or share information about us through. These third-party platforms and services control the personal data they collect and share about you. For information about how they may use and disclose your personal data, including any data you make public, please consult their respective privacy policies.

Information We Collect Automatically 

We may collect personal data about how you use our Services and your online interactions with us and others, including information we collect automatically (e.g., using cookies and pixel tags), as well as information we derive about you and your use of the Services. Such data includes:

  • Device and browser information: We use cookies, log files, pixel tags and other technologies to automatically collect information when you access or use our Sites and Services, such as your IP address, domain name, browser type, device type, device brand and model, screen dimensions, device ID, internet service provider, referring and exiting URLs, operating system, language, clickstream data, and similar device and usage information. We may also collect or derive location information about you, such as through your IP address.
  • Usage data: We collect Internet or other electronic network activity information related to your use of and activities on our Sites and Services, such as information regarding what pages you accessed and when, date and time of your visit, the links clicked, searches, features used, items viewed, and time spent within the Services, and other traffic-related data. We may also use pixels in HTML emails to understand your interactions with our emails, such as whether you read or open the emails we send to you.

For more information, see the Section “Cookies and Similar Technologies” below.

Legal Bases and Purposes of Use for Processing  Personal Data 

The purposes for which we may process and use personal data vary depending upon the circumstances. For information on how our Customers collect, use and share your personal data collected via our Services and Platform we provide to them, please refer to the Platform  User’s respective privacy policies, not this Policy.

Legal Bases 

Certain laws, including the General Data Protection Regulation (“GDPR”), require that we inform you of the legal bases for our processing of your personal data. Pursuant to these laws, we process personal data for the purposes outlined below:

  • Performance of contract: To enter into or carry out the performance of our contract with you. 
  • Compliance with laws: To comply with legal obligations and/or defense against legal claims, including those in the area of data protection, tax, and corporate compliance laws.
  • Our legitimate interests: To further of our legitimate business interests, where not overridden by your interests and fundamental rights, including but not limited to: entering into contracts and performance of contracts with Customers and other parties; customer relationship management and improving our Services; improving and developing our website and other services; marketing, promotional and analytic purposes; implementation and operation of technical support services for our business operations and customer support; fraud and threat detection and prevention, including any misuse of our Services or money laundering; conducting internal audits and investigations; conducting any merger, sale, transfer of assets, acquisition or restructuring of all or part of the business, bankruptcy, or similar event. 
  • With your consent: Where we rely on your consent, certain applicable laws such as the GDPR, give you the right to withdraw your consent at any time. You may withdraw your consent with effect for the future by contacting us using the details set out in the Section “Contacting Us” below. In some jurisdictions as permitted by applicable law, your use or continued use of the Services may create implied consent to the collection and processing of personal data as set out in this Policy.
  • Vital Interest: In addition, if ever required, we may process your personal data where necessary to protect the vital interests of any individual.

Purposes of Collection and Processing 

The purposes for which we collect, use, disclose and otherwise process personal data vary depending upon the circumstances. Generally, we collect, use and process your personal data for the below business and commercial purposes:

  • Providing the Services and related support: To provide and operate our Services and Sites ensuring that the Services function properly; communicate with you about your use of our Services or Sites;  provide troubleshooting and technical support; respond to your inquiries and fulfill your requests; and process users’ accounts.
  • Legal Bases: Performance of Contract; our Legitimate interests; With Your Consent.
  • Analyzing and improving our Services: To improve, analyze and manage the Services; conduct data analysis; develop new products; enhance, improve or modify our Services; identify usage trends, and determine the effectiveness of our Services.
  • Legal Bases: Performance of Contract; Our Legitimate Interests.
  • Diagnostics: To diagnose server problems and administer the Services via your IP Address (a number automatically assigned to the computer or device that you are using by your internet service provider)
  • Legal Bases: Performance of Contract; Our Legitimate Interests; With Your Consent.
  • Communicating with you: To respond to your inquiries and requests or otherwise communicate with you relating to our Services or business, such as to send administrative information to you. 
  • Legal Bases: Performance of Contract; Our Legitimate Interests; With Your Consent.
  • Personalizing content experiences: To tailor content we may send or display on the Sites; offer location customization and personalized help and instructions; and  otherwise personalize your experiences. 
  • Legal Bases: Our Legitimate Interests.
  • Marketing and promotional purposes: To send you communications that we believe may be of interest to you, including any communications for marketing purposes related to the Services for our business purposes, such as tracking conversion of prospective customers into actual customers.
  • Legal Bases: Our Legitimate Interests; With Your Consent.
  • Research and surveys: To administer surveys and questionnaires, such as for market research or member satisfaction purposes. 
  • Legal Bases: Our Legitimate Interests; With Your Consent.
  • Planning and managing events: For event planning and management, including registration, attendance, connecting you with other event attendees, and contacting you about relevant events and Services. 
  • Legal Bases: Our Legitimate Interests; With Your Consent.
  • Securing and protecting assets and rights: To protect the Services and our business operations, to prevent, detect and investigate fraud, misuse, harassment or other types of unlawful activities;  investigate, prevent or take action regarding situations involving potential threats to the safety or legal rights of any person or third party, or violations of this Policy and our applicable agreements and terms of use; and  allow us to pursue available remedies or limit the damages that we may sustain. 
  • Legal Bases: Compliance with Laws; Our Legitimate Interests.
  • Complying with legal obligations: To comply with the law or legal proceedings. For example, we may disclose information in response to subpoenas, court order, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements. 
  • Legal Bases: Compliance with Laws; Our Legitimate Interests.
  • In support of our general business operations: Related to the administration of our general business, operational, accounting, recordkeeping and legal functions. For example, as part of any merger, sale, transfer of assets, acquisition, financing and/or restructuring, bankruptcy or similar event, including related to due diligence conducted prior to such event, where permitted by law. 
  • Legal Bases: Compliance with Laws; Our Legitimate Interests.
  • Otherwise with Your Consent

Disclosure of Personal Data

We may disclose or make available the personal data we collect about you as follows:

  • Affiliates and Subsidiaries: To affiliates and subsidiaries for the purposes described in this Policy.
  • Customers: To our Customers for their users who access and manage the Platform and related services on their behalf, as well as authentication information collected and processed on behalf of Customers related to their use of our Platform as directed by the relevant Customer.
  • Vendors and Service Providers: To our service providers and vendors, who provide services on our behalf, such as email management providers, transaction and payment providers, auditors, advisors, consultants, legal counsel, hosting and storage providers.
  • Third party platforms, providers and networks: To third party platforms and providers that we use to provide or make available certain features or portions of the Sites and Services, or as necessary to respond to your requests.  We may also make certain information that includes personal data available to third parties in support of our marketing, analytics, advertising and campaign management (see the Section “Cookies, Analytics and Other Tracking Information” below for more information).
  • Legal compliance: To respond to a valid court order, subpoena, government investigation, or as otherwise required by law. We also reserve the right to report to law enforcement agencies any activities that we, in good faith, believe to be unlawful.
  • Business transfers: To a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings) including related to due diligence conducted prior to such event, where permitted by law.
  • Protection of rights: To respond to claims asserted against us, to enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation, to protect the rights, property or safety of Sibros, our affiliates, Customers, prospective customers and/or others, and/or as evidence in litigation in which we are involved.
  • Other users: Sibros may offer online resources that facilitate communications among the Sibros community and others. 
  • With your consent: To any other affiliated or third parties where you have consented or requested that we do so.

Cookies, Analytics, and Similar Technologies

Sibros and our third-party providers use cookies, clear GIFs/pixel tags, JavaScript, local storage, log files, and other mechanisms to automatically collect and record information about your browsing activities, and use of the Sites and Services. We may combine this “usage data” with other personal data we collect about you.

Cookie

A cookie is a small data file that is stored on your computer’s or mobile device’s memory. Some cookies help you navigate our Services, for example by setting a cookie to remember your login details. Cookies also help us better understand the effectiveness of our Services (for example, by tracking the way in which you respond to, select and interact with our Services and tracking the conversion of our prospective customers into actual customers). Other cookies collect information about how you use our Services, which highlights areas we can improve, including navigation.

For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org. To read about your choices with regard to Sibros’ and third parties’ uses of cookies in our Services, please see the subsection “Managing Your Cookie Preferences” below.

Pixels

Sibros and our service providers may also use “pixel tags,” “web beacons”, “clear GIFs” or similar means (individually or collectively “Pixel Tags”) to analyze usage patterns of consumers. A Pixel Tag is an electronic image, often a single pixel, which is typically a transparent graphic image (usually 1 pixel x 1 pixel) that is placed on a web page or in a mobile application and may be associated with cookies on your hard drive. Some Pixel Tags are used to drop cookies on users’ devices. Pixel Tags allow us to count users who have visited certain websites and applications of our business customers, and pages within such websites and applications, and to help determine the effectiveness of marketing campaigns. We and our service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

Advertising and Targeting 

Sibros works with third parties such as ad networks, channel partners, mobile ad networks, analytics and measurement services and others (“third-party ad companies”) to personalize content and display advertising on our Sites and Services, as well as to manage our advertising on third-party sites, mobile apps and online services. We and these third-party ad companies may use cookies, pixels, or similar technologies on visitors of our Sites and Services to collect activity information on our Services and third-party sites and services, as well as IP address, location information, device ID, cookie and advertising IDs, and other identifiers. We and these third party ad companies use this data to serve interest-based and more relevant advertisements and content on our Sites and on third-party sites and apps, and to evaluate the success of such ads and content. 

Industry Ad Choice Programs

 You can control how participating third-party ad companies use the information that they collect about your visits to our websites and use of our mobile applications, and those of third parties, in order to display more relevant targeted advertising to you. For more information and to opt out of receiving targeted ads from participating third-party ad networks go to:

  • U.S. Users: https://aboutads.info/choices (Digital Advertising Alliance). You can also download the DAA AppChoices tool in order to help control interest-based advertising on apps on your mobile device.
  • EU Users: https://youronlinechoices.eu (European Interactive Digital Advertising Alliance).

Opting out of participating ad networks does not opt you out of being served advertising. You may continue to receive generic or “contextual” ads on our Services. You may also continue to receive targeted ads on other websites, from companies that do not participate in the above programs.

Managing Your Cookie Preferences 

You can review and manage your cookie preferences for our Sites and opt out of most cookies, including targeting cookies and tags on our Sites, by editing your browser options as explained below. Cookie preferences are browser and device specific, which means that you need to set the preference for each browser and device you use to access our Sites; in addition, if you delete or block cookies, you may need to reapply these preferences. Further, opting out of cookies and advertising as discussed below does not mean that you will no longer receive advertising content from us. You may continue to receive generic or “contextual” ads from us, they may just be less relevant to you.

Third-Party Analytics 

We may use third-party analytics tools (such as Google Analytics) to evaluate use of our Services. We use these tools to help us understand use of, and to improve, our Services, performance, ad campaigns, and user experiences. These entities may use cookies and other tracking technologies, such as web beacons, to perform their services. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/partners/. You can also download the Google Analytics Opt-out Browser Add-on to prevent their data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.

Do Not Track (DNT)

We do not respond to Do Not Track (DNT) signals at this time. You may, however, disable certain tracking mechanisms in the cookie preference settings of your web browser and opt out of certain third-party ad cookies on our Sites as described in this Policy.

Retention

We will retain your personal data for the period necessary to fulfill the purposes outlined in this Policy for which the personal data was collected, unless a longer retention period is required or permitted by law. For example, we may maintain your personal data for an additional period of time where necessary to comply with our legal obligations or to establish, exercise or defend our legal rights (including to respond to actual or potential legal claims.

Security

We have taken reasonable steps to implement physical, technical and organizational measures, procedures and practices designed to help protect from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed by us. Despite our efforts to keep your information secure, no website or Internet transmission is completely secure and we cannot guarantee that unauthorized parties will not gain access to your personal data.

Children’s Information

Our Services are not intended for, nor directed to, individuals under the age of 18 and we do not knowingly collect personal data from individuals in this age group. By using or accessing the Services or providing us with your information, you represent that you are at least 18 years old. If you believe we have inadvertently collected personal data about a child, please contact us and we will take steps to delete this data.

Your Privacy Rights and Choices

In this section we describe the choices you have regarding our collection, use and handling of your personal data for which Sibros is a data controller or business. Please note that if you have a request related to personal data we collect and process on behalf of a Customer, you should contact that Customer directly. If you submit your request to us, we will attempt to forward it to the relevant Customer so that they may respond to you directly.

Access, Deletion and Correction 

Subject to applicable law, you may submit a request to us to access, correct or delete personal data by contacting us as set out in the section “Contacting Us” below. We may ask you for additional information so that we can confirm your identity or process your request, and we will process your request in accordance with applicable privacy/data protection laws. 

Direct Marketing 

You may at all times opt-out from receiving electronic commercial communications from us. If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out of receiving these marketing-related emails by following the instructions in the communication you received from us. For example, you may unsubscribe from email marketing by clicking on the unsubscribe link within the email message that you receive from us. Please also note that if you opt-out of receiving marketing-related communications from us, we may still send you administrative and transactional messages relating to the Services from time to time, to the extent permitted by applicable laws. In addition, where required under applicable law, we will obtain your prior consent to direct marketing.

Additional Information for Certain Jurisdictions 

We provide additional information, as required under certain privacy laws, including the rights certain individuals have in certain jurisdictions: 

International Data Transfers

  • If you are located in the EEA/UK, or Switzerland, please see the Section “Additional Information for Individuals in the EEA, UK and Switzerland” below.
  • If you are a California resident, please see the Section “Additional Information for California Residents” below.

You may deactivate your account by changing your preferences in the user settings page of the Services.

Sibros is headquartered in the United States. If you are located outside the United States, such as in the European Economic Area (EEA) or the United Kingdom (UK) or Switzerland, and you submit personal data to us, that data will be transferred to the United States and we may process and store information in any country where we have facilities and/or employees, or in which we engage service providers. Data protection laws in the United States may not be considered equivalent to the data protection laws that exist in your jurisdiction. We will take steps to ensure that your personal data is subject to appropriate safeguards, including, where required, by implementing appropriate adequacy measures, such as the relevant set of EU standard contractual clauses (as approved by the European Commission) for the transfer of personal data to processors established in third countries, and where relevant the UK Addendum (as approved by the ICO). The current form for the standard contractual clauses can be found at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). 

Third-Party Services, Applications and Websites

This Policy does not cover, and we are not responsible for, the privacy, data or other practices of any third parties (except as required by applicable law), including any third parties operating any site or service to which our Services link to. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates. These third parties collect your data according to their own privacy policies.

Changes to this Privacy Policy

This Policy is current as of the Last Updated date set forth above.  We reserve the right to make changes to our Privacy Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Sites. If we make any changes to this Policy that materially affect our practices with regard to the personal data we have previously collected from you, we will endeavor to provide you with notice in advance of such change by highlighting the change on our Sites or notifying you electronically. Where required by applicable law, we will obtain your consent to the updated Policy.

Contacting Us

For any questions about this Privacy Policy or Sibros’ privacy practices, please contact us by email at [email protected].

Additional Information for Users in Certain Jurisdictions

Residents of certain jurisdictions have additional rights under applicable privacy laws, as described in this section.  

Individuals in the EEA, UK and Switzerland

The data controller of your personal data is the Sibros entity you interact with or otherwise have a business relationship. 

Your Additional Privacy Rights 

If you are located in the European Economic Area, the United Kingdom or Switzerland, subject to the requirements and conditions set out under applicable law, you have the rights set out below in regard to our processing of your personal data where we are the data controller for such data. Please remember, if you want to make a request with respect to Customer personal data, i.e., the data our Customers provide to us so that we can provide them our Services, please contact the relevant Customer directly with your request, not us.

  • Right of access: The right to ask whether we process your personal data; ask for a copy of that information; get other information about your personal data such as what data we have, what we use it for, who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it for, what rights you have, how you can lodge a complaint, where we got your information from and whether we have carried out any profiling, to the extent that such information has not already been provided to you in this Policy.
  • Right to rectify and complete personal data: The right to ask us to rectify inaccurate information about you. We may seek to verify the accuracy of the data and your identity before rectifying it.
  • Right of deletion: The right to ask us to delete your personal data, under certain circumstances as set out under applicable law. 
  • Right of restriction: The right to ask us to restrict your personal data, but only where: its accuracy is contested, to allow us to verify its accuracy; the processing is unlawful, but you do not want it erased; it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; you have exercised the right to object, and verification of overriding grounds is pending. Please note that we may continue to use your personal data following a request for restriction, where: we have your consent; to establish, exercise or defend legal claims; or to protect the rights of another natural or legal person.
  • Right to object to our use of your personal data for direct marketing purposes: The right to request that we change the way in which we contact you for marketing purposes. You can request that we not transfer your personal data to unaffiliated third parties for the purposes of direct marketing or any other purposes.
  • Right to object for other purposes: The right to object at any time to any processing of your personal data which has our legitimate interests as its legal basis. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms. 
  • Right not to be subject to automated decision-making: The right not to be subject to a decision when it is based on automatic processing if it produces a legal effect or similarly significantly affects you, unless it is necessary for entering into or performing a contract between us. We do not currently engage in automated decision-making.
  • Right to (data) portability: The right to ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it ‘ported’ directly to another data controller, but only where our processing is based on your consent and the processing is carried out by automated means.
  • Right to withdraw consent: The right to withdraw your consent in respect of any processing of personal data which is based upon a consent which you have previously provided.
  • Right to obtain a copy of safeguards: The right to obtain a copy of, or reference to, the safeguards under which your personal data is transferred outside the EEA, UK or Switzerland. We may redact data transfer agreements to protect commercial terms.

Submitting a Request 

To exercise any of the above listed rights, please email us with your request at [email protected]. We will handle your request in accordance with applicable law. When you make a request, we may ask you for additional information in order to verify your identity to protect your privacy and security.

Sibros commits to resolving complaints about our collection or use of your personal data. You have a right to lodge a complaint with a competent supervisory authority situated in a member state of your habitual residence, place of work, or place of alleged infringement if you have concerns about how we are processing your personal data. We ask that you please attempt to resolve any issue with us first, although you have a right to contact your supervisory authority at any time. You can find the relevant supervisory authority name and contact details here for individuals located in the EEA, here for individuals located in the United Kingdom and here for individuals located in Switzerland.

California Residents

In this subsection, we provide additional information for California residents regarding our collection, use and disclosure of their personal information (as such term is defined under the California Consumer Privacy Act (“CCPA”), as well as their privacy rights under California privacy laws, as required under California privacy laws including the CCPA. This subsection does not address or apply to our handling of publicly available information lawfully made available by state or federal government records or other personal information that is exempt under the CCPA. 

Categories of Personal Information Collected and Disclosed

While our collection, use and disclosure of personal information varies based upon our relationship and interactions with you, the table below generally describes the categories of personal information (as defined by the CCPA) that we have collected about California residents, as well as the categories of third parties to whom we may disclose this information for a business or commercial purpose. In addition to the third parties listed in the table below, we disclose your personal information to our service providers, who process the information on our behalf, other third parties as required by law, or otherwise with your consent.

Categories of Personal Information Collected Categories of Third Party Disclosures  
Identifiers Direct identifiers, such as name, alias, user ID, username, account number or unique personal identifier; email address, phone number, address and other contact information; IP address and other online identifiers; SSN, driver’s license number, passport number, tax ID and other government identifiers.
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries
  • Advertising networks
  • Data analytics providers
  • Social networks
  • Internet service providers, operating systems and platforms
  • Customers
Customer Records Personal information, such as [name, account name, user ID, contact information, education and employment information, SSN and government identifiers, account number, and financial or payment information)] that individuals provide us in order to purchase or obtain our products and services. For example, this may include information collected when a user registers for an account, purchases or orders our products and services, or enters into an agreement with us related to our products and services.
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries
  • Advertising networks
  • Customers
Commercial information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries
  • Advertising networks
  • Data analytics providers
  • Social networks
  • Internet service providers, operating systems and platforms
  • Customers
Internet and electronic network activity information Browsing history, clickstream data, search history, and information regarding interactions with an internet website, application, or advertisement, including other usage data related to your use of any of our Services or other online services.
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries
  • Advertising networks
  • Data analytics providers
  • Social networks
  • Internet service providers, operating systems and platforms
  • Customers
Geolocation data Location information about a particular individual or device.
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries
  • Advertising networks
  • Data analytics providers
  • Social networks
  • Internet service providers, operating systems and platforms
  • Customers
Sensory Data Audio, electronic, visual, thermal, olfactory, or similar information, such as CCTV footage (e.g., collected from visitors to our premises), photographs and images (e.g., that you provide us) and call recordings (e.g., of customer support calls).
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries
  • Customers
Professional information Professional and employment-related information such as current and former employer(s) and position(s), business contact information and professional memberships.
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries
  • Customers
Education Information Information about an individual’s educational history, such as the schools attended, degrees you were awarded, and associated dates.
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries
  • Customers
Profiles and inferences Inferences drawn from other personal information that we collect to create a profile reflecting an individual’s preferences, characteristics, predispositions, behavior, attitudes, intelligence, abilities or aptitudes.
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries
  • Advertising networks
  • Data analytics providers
  • Customers
Protected classifications In limited cases, information that is considered a protected classification under California/federal law, such as your gender, date of birth, or disability status.
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries
  • Advertising networks
Sensitive personal information In limited circumstances, Social Security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication.
  • Advisors and agents
  • Regulators, government entities and law enforcement
  • Affiliates and subsidiaries

Sales and Sharing of Personal Information 

California privacy laws define a "sale" as disclosing or making available to a third-party personal information in exchange for monetary or other valuable consideration, and “sharing” broadly includes disclosing or making available personal information to a third party for purposes of cross-context behavioral advertising.  While we do not disclose personal information to third parties in exchange for monetary compensation, we may “sell” or “share” (as defined by the CCPA) identifiers and Internet and electronic network activity information to/with third-party advertising networks, analytics providers, and social networks. We do so in order to improve and evaluate our advertising campaigns and better reach customers and prospective customers with more relevant ads and content.  We do not sell or share sensitive personal information, nor do we sell or share any personal information about individuals who we know are under sixteen (16) years old.   

Sources of Personal Information

In general, as described in the Section “Personal Data We Collect” above we collect personal information from you directly, automatically, and from the following categories of third party sources: 

  • Customers
  • Advertising networks
  • Data analytics providers
  • Social networks
  • Internet service providers
  • Operating systems and platforms
  • Publicly available data
  • Data brokers

Purposes of Collection, Use and Disclosure  

As described in more detail in the Section “ Legal Bases and Purposes of Use for Processing Personal Data” above, we use, disclose and otherwise process the above personal information for the following business or commercial purposes and as otherwise directed or consented to by you: 

  • Providing the Services and related support
  • Analyzing and improving our Services
  • Diagnostics
  • Communicating with you
  • Personalizing content experiences
  • Marketing and promotional purposes
  • Research and surveys
  • Planning and managing events
  • Securing and protecting assets and rights
  • Complying with legal obligations
  • In support of our general business operations
  • Otherwise with your consent

Notwithstanding the above, we only use and disclose sensitive personal information as reasonably necessary (i) to perform our services requested by you, (ii) to help ensure security and integrity, including to prevent, detect, and investigate security incidents, (iii) to detect, prevent and respond to malicious, fraudulent, deceptive, or illegal conduct, (iv) to verify or maintain the quality and safety of our services, (v) for compliance with our legal obligations, (vi) to our service providers who perform services on our behalf, and (vii) for purposes other than inferring characteristics about you. We do not use or disclose your sensitive personal information other than as authorized pursuant to section 7027 of the CCPA regulations (Cal. Code. Regs., tit. 11, § 7027 (2022)).

Retention  

We retain the personal information we collect only as reasonably necessary for the purposes described above or otherwise disclosed to you at the time of collection. For example, we will retain your account data for as long as you have an active account with us, transactional data for as long as necessary to comply with our tax, accounting and recordkeeping obligations, as well as an additional period of time as necessary to protect, defend or establish our rights, defend against potential claims, and comply with legal obligations.

California Residents’ Rights  

The California Consumer Privacy Act (CCPA) provides certain California residents with the additional rights listed below. The rights below apply in the event that we process your personal information in the capacity of a business, on our own behalf. In the event that we process your information on behalf of a Customer, i.e. as a service provider, we encourage you to make your request directly with the relevant Customer, but will direct your request to the relevant Customer if possible based on the information you provided to us.

Under the CCPA, California residents have the following rights (subject to certain limitations):

  • Opt out of sales and sharing: The right to opt-out of our sale and sharing of their personal information.
  • Limit uses and disclosure of sensitive personal information: The right to limit our use or disclosure of sensitive personal information to those authorized by the CCPA. 
  • Deletion: The right to the deletion of their personal information that we have collected, subject to certain exceptions.
  • Know/Access: The right to know what personal information we have collected about the them, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom we disclose personal information, and the specific pieces of personal information we have collected about them.
  • Correction: The right to correct inaccurate personal information that we maintain about them. 
  • Non-discrimination: The right not to be subject to discriminatory treatment for exercising their rights under the CCPA.  

Submitting CCPA Requests  

  • Request to know/access, correct, delete and limit. California residents may submit CCPA requests to access/know, correct and delete their personal information maintained by us online by submitting a request via our Data Subject Request Form. You may only make a verifiable consumer access request twice within a 12-month period.

    We will take steps to verify your request by (i) sending you a confirmation and (ii) matching the information provided by you with the information we have in our records.  You must complete all required fields on our Data Subject Request Form (or otherwise provide us with this information via email to verify your request. We will process your request based upon the personal information in our records that is linked or reasonably linkable to the information provided in your request. In some cases, we may request additional information in order to verify your request or where necessary to process your request. If we are unable to adequately verify a request, we will notify the requestor. Authorized agents may initiate a request on behalf of another individual by submitting a request via our our Data Subject Request Form or emailing us at [email protected]; authorized agents will be required to provide proof of their authorization and we may also require that the relevant consumer directly verify their identity and the authority of the authorized agent. 
  • Requests to Opt Out. California residents may exercise their right to opt out of a sale or sharing of their personal information online by adjusting their preferences via our cookie preference manager.  We will apply your opt out based upon the personal information in our records that is linked or reasonably linkable to the information provided in your request.