Effective Date: March 1, 2020
Last Updated: February 4, 2020
Table of Contents
- Definition of Personal Information
- NewYork Law
- CCPA Disclosures and Rights; Do Not Sell
- California Do Not Track Disclosure
- Do We Use “Cookies”?
- Third Party Links
- Contact Us
1. Definition of Personal Information
Personal Information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Other information excluded from the CCPA’s scope, such as:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
2. NewYork Privacy Rights
NewYork Privacy Right permits consumers who are NewYork residents, to request and obtain from us once a year, free of charge, information about the categories of personal information, if any, that we disclosed in the preceding calendar year to third parties for those third parties’ direct marketing purposes. Our disclosure requirements apply only if we share our consumers’ personal information with third parties for them to directly market their own products to those consumers, instead of assisting us with our own business. If you are a NewYork resident and would like to make such a request, contact us as provided in the “Contact Us” section below.
3. CCPA Disclosures and Rights; Do Not Sell
3.1 Personal Information We Collect
We may have collected Personal Information in the following categories from consumers within the last twelve (12) months. The categories and examples provided in the chart below are those defined in the CCPA. This does not mean that all examples of that category of Personal Information were in fact collected but reflects our good faith belief to the best of our knowledge that some of that information may have been collected about consumers. We will update this disclosure from time to time as appropriate.
|A. Identifiers.||A name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.|
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.|
|G. Geolocation data.||Physical location or movements.|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.|
|K. Inferences drawn from other personal information.||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.|
3.2 Sources of Personal Information.
We obtain the categories of Personal Information listed above from the following categories of sources:
- Directly from you. For example, during account registration from forms you complete, subscriptions you purchase or comments you provide on our Websites.
- Indirectly from you. For example, from observing your actions on our Website.
- From third parties. For example, third party social networking providers and advertising companies, our affiliates and service providers who provide services or information to us. If you do not want us to collect information from social networks, you should review and adjust your privacy settings on those networks as desired before linking or connecting them to our Websites.
- From publicly available sources. For example, online database searches.
3.3 Use and Disclosure (“Sale”) of Personal Information
We may have “sold” (as that term is defined in the CCPA) Personal Information in the following categories from consumers within the last twelve (12) months. Please note that the CCPA uses an expanded definition of the term, in which “sell” means:
“Selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for valuable consideration; or (B) sharing orally, in writing, or by electronic or other means, a consumer’s personal information with a third party, whether for valuable consideration or for no consideration, for the third party’s commercial purposes.”
When we disclose that we may have sold Personal Information, it means that we may have received some kind of benefit to our company in return for sharing Personal Information, but not necessarily received any money in exchange.
The categories below are those defined in the CCPA. This does not mean that all examples of that category of Personal Information were in fact “sold” but reflects our good faith belief to the best of our knowledge that some of that information may have been shared for value in return. We will update this disclosure from time to time as appropriate.
- Personal information categories listed in the California Customer Records statute.
- Protected classification characteristics under California or federal law.
- Commercial information.
- Internet or other similar network activity.
- Geolocation data.
- Sensory data.
- Professional or employment-related information.
- Non-public education information.
- Inferences drawn from other personal information.
3.4 Use of Personal Information for Business Purposes or Commercial Purposes.
We may use or disclose Personal Information we collect for “business purposes” or “commercial purposes” (as defined under the CCPA), which may include the following examples. The examples provided are illustrative and not intended to be exhaustive.
(a) Auditing Interactions with Consumers. For example: monitoring traffic to our Websites, counting ad impressions, and auditing legal and regulatory compliance.
(b) Security. For example, maintaining the safety, security, and integrity of our Website, products and Services, databases and other technology assets and our business, including preventing fraud, detecting security breaches and prosecuting violators, and responding to law enforcement requests and meeting requirements of applicable law, court order, or governmental regulations.
(c) Debugging/Repair. For example, identifying and repairing errors in our Websites’ functionality.
(d) Certain Short-term Uses. For example, ad customization that does not involve or contribute to profiling.
(e) Performing Services. For example, creating, maintaining, customizing and securing your account with us, processing your purchases, transactions, and payments, hosting our Websites, fulfilling subscription orders, managing databases, performing analyses, billing, and marketing services such as managing promotions and contests.
(f) Internal Research for Tech Development. For example, testing, research, analysis, and product development, including to develop and improve our Website, products, and Services.
(g) Quality and Safety Maintenance and Verification. For example, improving, upgrading or enhancing our products, Services or Websites, and verifying the quality or safety of our Websites or Services.
(h) Other Commercial Purposes. For example, as described to you when collecting your Personal Information such as for promotions or contests, or to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, in which Personal Information we hold is among the assets transferred.
3.5 Disclosing Personal Information to Other Parties
We may disclose your Personal Information to the following categories of other parties for a business purpose or commercial purpose, as those terms are defined in the CCPA:
- Our affiliates
- Service providers
- Advertisers, advertising technology companies, analytics companies and other third parties with whom we have business relationships
- Government regulators
- Our legal advisors and parties involved in a legal process
- To an entity involved in the sale of our business
- Third parties to whom you or your agents authorize us to disclose your Personal Information in connection with products or Services we provide to you
3.6 Your CCPA Privacy Rights and Choices
The CCPA provides California residents with specific rights regarding their Personal Information as described below.
(a) Right to Know about Personal Information Collected or “Sold”
You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. After we receive and confirm your verifiable consumer request, we will disclose to you within the time required by the CCPA, the relevant information, which may include:
- The categories of Personal Information we collected about you.
- The categories of sources for the Personal Information we collected about you.
- Our business or commercial purpose for collecting or selling that Personal Information.
- The categories of third parties with whom we share that Personal Information.
- The specific pieces of Personal Information we collected about you (also called a data portability request).
- If we sold your Personal Information, or disclosed your Personal Information for a business purpose, two separate lists disclosing:
- sales, identifying the Personal Information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
(b) Right to Request Deletion of Personal Information
You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions, including if we need the Personal Information for a reason related to our business, such as:
- providing goods or Services to you;
- detecting and resolving issues related to security or functionality;
- complying with legal obligations;
- conducting research in the public interest;
- exercising free speech or ensuring another’s exercise of free speech; or
- using the information for internal purposes that a consumer might reasonably expect.
After we receive and confirm your verifiable consumer request, we will delete your Personal Information from our records within the time period required by the CCPA, unless an exception applies.
3.6.1 Exercising Your Rights
To exercise the rights described above, please submit a verifiable consumer request to us through the web form link provided below in Contact Us.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period.
The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: providing your email and phone verification, known customer information, and/or account sign-up authentication or other information needed to verify your identity depending on the sensitivity of the Personal Information in question.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
3.6.2 Response Timing and Format
We use good faith efforts to respond to a verifiable consumer request within forty-five (45) days after its receipt. If we need more time (up to 90 days), we will inform you of the reason and the needed extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by email.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. If we cannot comply with any portion of a request, the response we provide will also explain why, if applicable. For data portability requests, we will select a commercially reasonable format to provide your Personal Information that is commonly useable and should allow you to transmit the information from one entity to another entity without hindrance, but we do not guarantee that all formats are useable in all media. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
3.6.3 Non-Discrimination for the Exercise of CCPA Privacy Rights
We will not discriminate against you for exercising any of your CCPA rights. In particular, we will not:
- Deny you goods or services
- Charge you different prices for goods or services, whether through denying benefits or imposing penalties
- Provide you with a different level or quality of goods or services
- Threaten you with any of the above
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
We currently do not offer any financial incentive, benefit, or price differences in return for the disclosure, deletion, or sale of Personal Information. However, in general, our business model is based on providing a certain amount of monthly free content to readers, after which we may require that additional content access must be paid for. On some of our Websites and apps, this content may be paid for either through the delivery of advertisements, or through subscriptions. On those Websites and apps, consumers who use ad-blocking technology will be notified of the option to turn off the ad blocking or to pay for a subscription to access the content. On some other Websites and apps, content must be paid for after a certain number of monthly free articles, whether advertising is present or not.
3.7 Do Not Sell My Personal Information.
The CCPA requires businesses to provide a web page where consumers can opt out of the ”sale” of their Personal Information. The link to our Do Not Sell web form is located here.
In addition, you may opt out of certain interest-based advertising by using the following resources:
(a) You may opt-out of tracking and receiving tailored advertisements on your mobile device by some mobile advertising companies and other similar entities by downloading the App Choices app at www.aboutads.info/appchoices.
(c) You may opt-out of having your activity on our Websites and Services made available to Google Analytics by installing the Google Analytics opt-out add-on for your web browser by visiting: tools.google.com/dlpage/gaoptout for your web browser.
4. California Do Not Track Disclosures
5. Do we use “Cookies”?
Yes. Cookies and similar technologies are small files that a website or its service provider transfers to a computer’s hard drive through a Web browser (if the user allows) that enables the website’s or service provider’s systems to recognize the user’s browser and capture and remember certain information.
We use commercially reasonable procedures and various technical, administrative and physical safeguards to help protect the confidentiality of Personal Information. However, no data transmitted over the Internet or stored or maintained by us or our third-party service providers can be 100% secure given the reality of communication via technology systems. Therefore, although we believe the measures implemented by us are commercially reasonable and reduce the likelihood of security problems to a level appropriate to the type of data involved, we do not promise or guarantee, and you should not expect, that your Personal Information or private communications sent to us over those systems will always remain private or secure. We are not responsible for the circumvention of any privacy settings or security features.
If you believe that your Personal Information has been accessed or acquired by an unauthorized person, please promptly Contact Us so that necessary measures can quickly be taken.
7. Third Party Links
These Websites are not intended for use by children under the age of 13.
If you have reason to believe that a child under the age of 16 has provided Personal Information to us through a Website without the appropriate consent, please contact us as provided in the Contact Us section below with sufficient detail to enable us to delete that information from our databases.
10. Contact Us
To fill out a Data Information or Deletion Request, click here
Do Not Sell My Personal Information: click here
Call us at 1 (844) 777-44444
Email us at firstname.lastname@example.org