Effective Date: May 1, 2020
Introduction and Scope
Acknowledgement and Consent
If you are a citizen or resident of the European Economic Area, United Kingdom, or Switzerland, the definition of personal information is defined under GDPR and you have certain rights; therefore, please see the section below entitled “GDPR”.
Personal Information does not include your Personal Information that has been deidentified, pseudonymized, anonymized, aggregated, and/or otherwise processed so as to be unidentifiable in such a way that the data can no longer be attributed to a specific individual (by reasonable means) without the use of additional information, and where such additional information is kept separate and under adequate security to prevent unauthorized re-identification of a specific individual such that one could not, using reasonable efforts, link such information back to a specific individual (collectively, all of the foregoing in this sentence being referred to as “De-Identified Personal Information”).
If you are applying for employment via our Website, we may obtain information from third parties about membership, licensing, accreditation, certification, professional, and/or employment as part of a background check, among other information, as part of the application process. See additional information about this below.
Individuals under the Age of 18
As noted in the Terms, we do not knowingly collect, solicit or maintain Personal Information from anyone under the age of 18 or knowingly allow such persons to register for our Services. If you are under 18, please do not send any Personal Information about yourself (such as your name, address, telephone number, or email address) to us. No one under age 18 should provide any Personal Information to us. In the event that we learn that we have collected Personal Information from a child under age 18 without verification of parental consent, we will use commercially reasonable efforts to delete that information from our database. Please contact us if you have any concerns.
Personal Information We Collect
We collect several categories of Personal Information from and about you as summarized in the following table:
|Category||Specific Items of Personal Information|
|Characteristics of protected classifications under other California or federal law||
|Internet or other electronic network activity||
|Professional or employment information||
|Inferences drawn from any of the above to create a profile of a consumer||
How We Collect Personal Information and from What Sources
Information You Provide to Us. The Personal Information we collect on or through our Website may include, but is not limited to:
- Information that you provide by filling in webforms on our Website. This includes information provided when creating an online account, purchasing our products or Services, subscribing to our e-newsletters or other communications, requesting information from us, submitting or posting material (where permitted) on our forums, or interacting with customer support or service, report a problem with our Website, products, or Services, or otherwise communicating with us.
- Records and copies of your correspondence (including email addresses), if you contact us
- Your responses to surveys that we might ask you to complete for research purposes
- Your search queries on the Website
- In stores (parent, subsidiary and affiliate brands)
- On mobile applications (parent, subsidiary and affiliate brands)
- When communicating with customer service/support
- Through participation in loyalty/rewards programs
- Third party websites and mobile applications (e.g., websites that share information with us or advertising partners regarding online activities)
- Data suppliers (e.g., companies that provide demographics and other information regarding consumers)
- Online advertising companies
- Fulfillment and delivery service providers
- Social media companies
- Survey providers
- Other service providers
- Responding to employment opportunities
Information We Collect Through Automatic Data Collection Technologies. As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including:
- Details of your visits to our Website, including, but not limited to, traffic data, geolocation data, logs, and other communication data and the resources that you access and use on the Website.
- Information about your computer, mobile device, and internet connection, including your IP address, operating system, browser type, clickstream patterns, the URL of the most recent website you visited before coming to our Website, the amount of time you spent on our Website, and the pages you viewed while on our Website.
- We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services, or associate Personal Information with other information collected in this manner.
The information we collect automatically is statistical data and may include Personal Information, but we may maintain it or associate it with Personal Information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including, but not limited to, by enabling us to: (a) estimate our audience/visitor size and usage patterns; (b) store information about your preferences, allowing us to customize and improve our Website; (c) speed up your searches; and/or, (d) recognize you when you return to our Website.
The technologies we use for this automatic data collection may include cookies, local storage cookies, web beacons, pixel tracking, GIF and/or IP address. Each of these is discussed below.
Cookies (or browser cookies)
A cookie is a small file placed on the hard drive of your computer or mobile device. It may contain certain data, including, but not limited to: the name of the server that has placed it there, an identifier in the form of a unique number, and, an expiration date (some cookies only). Cookies are managed by the web browser on your computer or mobile device (Internet Explorer, Firefox, Safari or Google Chrome).
Different types of cookies which have different purposes are used on our Website.
These cookies are essential to allow you to browse our Website and use its functions. Without them, services such as shopping baskets and electronic invoicing would not be able to work.
These cookies collect information on the use of our Website, such as which pages are consulted most often. This information enables us to optimize our Website and simplify browsing. Performance cookies also enable our affiliates and partners to find out whether you have accessed one of our Websites from their site and whether your visit has led to the use or purchase of a product or Service from our Website, including the references for the product or Service purchased. These cookies do not collect any information which could be used to identify you. All the information collected is aggregated, and therefore anonymous.
These cookies enable our Website to remember the choices you have made when browsing. For example, we can store your geographical location in a cookie so that the Website corresponding to your area is shown. We can also remember your preferences, such as the text size, font and other customizable aspects of the Website. Functionality cookies may also be able to keep track of the products or videos consulted to avoid repetition. The information collected by these cookies cannot be used to identify you and cannot monitor your browsing activity on sites which do not belong to us.
It is possible that you will come across third-party cookies on some pages of sites that are not under our control.
Local Storage Cookies. Certain features of our Website may use local stored objects (or Adobe Flash cookies) to collect and store information about your preferences and navigation to, from and on our Website. Local storage cookies are not managed by the same browser settings as are used for browser cookies.
Web Beacons. Pages of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Pixel Tracking. In addition to using Cookies, the Website may employ “pixel tracking”, a common process which may be used in connection with advertisements on other sites. Pixel tracking involves the use of pixel tags that are not visible to the user and consist of a few lines of computer code. Pixel tracking measures the effectiveness of advertisements and compiles aggregate and specific usage statistics. A “pixel tag” is an invisible tag placed on certain pages of websites that is used to track an individual user’s activity. We may access these pixel tags to identify activity and interests that may allow us to better match our products, services, and offers with your interests and needs. For example, if you visit our Website from an advertisement on another website, the pixel tag will allow the advertiser to track that its advertisement brought you to the Website. If you visit our Website, and we link you to another website, we may also be able to determine that you were sent to and/or transacted with a third-party website. This data is collected for use in our marketing, research, and other activities.
GIF. We may use tiny images known as clear GIFs to track behavior of users, including statistics on who opens our emails.
IP Address. Our servers automatically record certain log file information reported from your browser when you access the Website. These server logs may include information such as which pages of the Website you visited, your internet protocol (“IP”) address, browser type, and other information on how you interact with the Website. These log files are generally deleted periodically.
Information We Collect from Third Parties
We may collect information that others provide about you when you use the Website, or obtain information from other sources and combine that with information we collect through the Website.
- Third Party Services. If you link, connect, or login to your account with a third party social media service (e.g., Facebook, Google, Instagram, Yelp, etc.), the third party service may send us information such as your registration and profile information from that service. This information varies and is controlled by that service or as authorized by you via your privacy settings at that service.
- Employment and Background Information. For job applicants in the United States, to the extent permitted by applicable laws, we may obtain reports from public records of criminal convictions or sex offender registrations. If someone has written a reference for you, it will be published on your public profile page.
- Other Sources. To the extent permitted by applicable law, we may receive additional information about you, such as demographic data or fraud detection information, from third party service providers and/or partners, and combine it with information we have about you. For example, we may receive background check results or fraud warnings from service providers like identity verification services for our fraud prevention and risk assessment efforts. We may receive information about you and your activities on and off the Website through partnerships, or about your experiences and interactions from our partner ad networks.
Some content or applications, including advertisements, on the Website are served by third parties, including advertisers, ad networks and servers, content providers and application providers. First-party or third-party cookies may be used alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website. A first-party cookie is a cookie set by the domain name that appears in the browser address bar. A third-party cookie is a cookie set by (and on) a domain name that is not the domain name that appears in the browser address bar. It might be set as part of a side resource load (image, JS, iframe, etc., from a different hostname) or an AJAX HTTP request to a third-party server. The information that first-party and third-party cookies collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites and other online services (i.e., tracking such activities). They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For more information on how to opt-out of third-party advertiser tracking mechanisms, please click here.
We use Google AdSense Advertising (or other search engine or display network advertising) on our website. Google’s advertising requirements and principles are set forth here. They are put in place to provide a positive experience for users. We have implemented the following: (a) Remarketing with Google AdSense and (b) Google Display Network Impression Reporting.
We, along with third-party vendors such as Google, use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our Website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add-on.
How We Use Your Information
We use information that we collect about you or that you provide to us, including any Personal Information, for one or more of the following purposes:
- To present our Website and its contents to you.
- To provide you with information and respond to your questions on products or Services that you request from us and information on new products and services, discounts, special promotions or upcoming events, and features or offers that we believe will be of interest to you.
- To provide you with the products, services, or information that you have requested.
- To provide you with notices about your account, including expiration and renewal notices.
- To notify you about information regarding or changes to our Website, our policies, terms, or any products or Services we offer or provide, or regarding your account
- To process your account application and any changes to your account information.
- To process Personal Information or other information that you submit through to us.
- To allow you to participate in interactive features on our Website.
- To contact you regarding a sweepstakes, contest or promotion in which you have participated.
- To provide statistics about the usage levels of the Website and other related information to reputable third parties, but these statistics will not include information which will allow you to be identified.
- To notify you of data privacy incidents or provide you with legally required information.
- To fulfill any other purpose for which you provide Personal Information.
- In any other way we may describe and for which we obtain your consent when you provide the information and you give your consent.
We use the information we collect about you to deliver the services we offer, and to operate and improve our Website. Our services may include a Short Message Service (“SMS”) which may deliver up to 2 messages per day to your wireless device and the display of personalized content and advertising. We may use your information to contact you about Website updates, conduct surveys, or informational and service-related communications, including important security updates. You may remove your information by replying “STOP” to the SMS text message you received or by sending “STOP” via SMS to short code 855-223-3401. Alternatively, you may submit your request by email to us, including the email address and phone number you registered with us.
Social Media Plugins
We integrate social media application program interfaces or plug-ins (“Plug-ins”) from social networks, including Facebook, Google+, LinkedIn, Xing, Twitter, Instagram, Tumblr, Pinterest and/or possibly other companies, into the Website. In order to register as a user with us, you may have the option to sign in using your Facebook or other social media site login.
For example, when you visit our Website, the plugin creates a direct connection between your browser and the Facebook server. This allows Facebook to receive information about your visit to our Website with your IP address. If you click the Facebook “Like” button while you are logged on to your Facebook account, you can link the contents of our Website to your Facebook profile. This allows Facebook to assign your visit to our Website to your user account. Please note that as provider of the Website, we receive no notification about the contents of the transmitted data or their use by Facebook. If you do not want Facebook to assign your visit to our Website to your Facebook user account, please log out of your Facebook user account.
How We Share Your Personal Information
We may or do disclose your Personal Information, in whole or in part, to the following types of third parties, and for one or more the following purposes:
|Who We May Disclose Personal Information to and for What Purpose|
|Data storage or hosting providers for the secure storage and transmission of your data|
|Database and software service providers for the management and tracking of your data|
|Identity management providers for authentication purposes|
Disclosures to Service Providers: We may share your Personal Information with third parties for the purpose of providing or improving the Services to you. We may share your Personal Information with third party service providers which perform services on our behalf (“Service Providers”). This includes, without limitation, Service Providers which provide services relating to: outbound and/or inbound communications, analyze data, credit checks, screening checks, collection services, marketing assistance, managing customer information, creating, hosting, and/or providing customer or support services on our behalf, fulfilling orders, delivering packages, sending postal mail and email, removing repetitive information from customer lists, analyzing data, providing search results and links (including paid listings and links), and processing credit card payments. These Service Providers may have access to your Personal Information in order to provide these services to us or on our behalf. If we engage Service Providers for any of the foregoing, use of your Personal Information will be bound by obligations of confidentiality and their use of Personal Information will be restricted to providing their services to us. We may store Personal Information in locations outside our direct control (for instance, on servers or databases located or co-located with hosting Service Providers).
We will attempt to notify you about these requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or (ii) we believe that providing notice would be futile, ineffective, create a risk of injury or bodily harm to an individual or group, or create or increase a risk of fraud upon us, our users, our Website, or our Services. In instances where we comply with legal requests without notice for these reasons, we will attempt to notify that user about the request after the fact if we determine in good faith that we are no longer legally prohibited from doing so and that no risk scenarios described in this paragraph apply.
Disclosures to Marketing Partners:
We do not disclose or share your Personal Information with any third parties for which we receive any monetary or other valuable consideration. In other words, we do not sell your Personal Information, period.
Disclosure of De-Identified Personal Information: We may share De-Identified Personal Information with third parties for any purpose. De-Identified Personal Information or non-Personal Information may be aggregated for system administration and to monitor usage of the Website. It may be utilized to measure the number of visits to our Website, average time spent, number of pages viewed and to monitor various other Website statistics. This monitoring helps us evaluate how visitors use and navigate our Website so we can improve the content. We may share De-Identified Personal Information or anonymous information (including, but not limited to, anonymous usage data, referring/exit pages and URLs, IP address, platform types, number of clicks, etc.) with interested third parties in any way we choose and for any purpose. We may disclose, sell, rent, etc., your De-Identified Personal Information to third parties and we may receive valuable consideration for doing so.
Your Consent to Disclosure/Transfer/Sale of Your Personal Information: You consent to our disclosure of your Personal Information and other information to a potential or actual buyer of our company or other successor for the purpose of considering a merger, divestiture, restructuring, reorganization, dissolution, change in control, or sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or other court proceeding, in which Personal Information held by us is among the assets transferred. You agree to and do hereby consent to (and shall not object to) our assignment, conveyance, transfer, and/or license (whether by contract, merger or operation of law) of any or all of our rights to your Personal Information and your consents, in whole or in part, and other information, with or without notice to you and without your further consent.
Data Transfer/Access Outside of the United States
We have our headquarters in the United States. The Personal Information we or our service providers collect may be stored and processed in servers within or outside of the United States and wherever we and our service providers have facilities around the globe, and certain information may be accessible by persons or companies outside of the United States who provide services for us. As such, we and our service providers may transfer your Personal Information to, or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take reasonable steps to ensure that your Personal Information receives an adequate level of protection in the jurisdictions in which we process it. If you are located in the UK, European Economic Area (“EEA”), or Switzerland, we provide adequate protection for the transfer of Personal Information to countries outside of the UK, EEA, or Switzerland through a series of intercompany agreements based on the Standard Contractual Clauses. We may also need to transfer your information to other group companies or service providers in countries outside the EEA. This may happen if our servers or suppliers and service providers are based outside the UK, EEA, or Switzerland, or if you use our services and products while visiting countries outside this area.
If you are a resident of a country other than the United States, you acknowledge and consent to our collecting, transmitting, and storing your Personal Information out of the country in which you reside.
We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration and disclosure. Your Personal Information is contained behind secured networks and a firewall and is only accessible by our personnel and by a limited number of service providers who have special access rights to our systems, and who are required to keep the information confidential. Our Website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our Website safer.
The safety and security of your information also depends on you. You should maintain good internet security practices. Where you have password-protected access to an account or certain parts of the Website or Services, you are responsible for keeping this password confidential. You should not share your password with anyone. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password appropriately and limiting access to your computer or mobile device and browser by signing off after you have finished accessing your account. If your email account or Facebook account is compromised this could allow access to your account with us if you have given us those details and/or permitted access through those accounts. If your email account is compromised it could be used to ask us to reset a password and gain access to your account with us. If you think that any of your accounts have been compromised you should change your account credentials with us, and in particular make sure any compromised account does not allow access to your account with us. The information you share in public areas may be viewed by other users. We will never email you to ask for your password or other account login information. If you receive such an email, please send it to us so we can investigate.
You hereby releases and forever discharge us and our affiliates, subsidiaries, officers, directors, employees, and agents, and their respective successors and assigns, and you will indemnify, defend and hold us harmless, from and against any liability, claim, or cost (including attorneys’ fees), arising directly or indirectly from any failure by you to maintain the security of your email or other accounts that directly or indirectly results in an unauthorized third party having access to such email or accounts or causes us to transfer funds based on instructions purporting to have originated from you (i.e., “wire transfer fraud” or “business email compromise” events).
Unfortunately, the transmission of information via the internet is not completely secure. Although we do use security measures designed to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted to us or which we obtain. Any transmission of Personal Information is at your own risk. Unauthorized entry or use, or hardware or software failure, and other factors, may compromise the security of user information at any time. We are not responsible for circumvention of any privacy settings or security measures contained on the Website or used with our Services.
The time periods for which we retain your Personal Information depend on the purposes for which we use it. We will keep your Personal Information for as long as your account is active, or for as long as we have another business purpose to do so (such as, but not limited to, for business, tax, or legal purposes) and, thereafter, for no longer than is required or permitted by law, or our records retention policy, reasonably necessary for internal reporting and reconciliation purposes, or to provide you with feedback or information you might request. This period of retention is subject to our review and alteration.
We may retain De-Identified Personal Information for as long as we deem appropriate.
You can delete your account or request that we delete your account by contacting us.
We retain your information after you request such deletion for longer periods for specific purposes to the extent that we are obliged to do so in accordance with applicable laws and regulations and/or as necessary to protect our legal rights or for certain business requirements. We may retain De-Identified Personal Information for as long as we deem appropriate. For example, if we process your payments, we will retain this data for longer periods of time as required for tax or accounting purposes. Additional examples of specific reasons we would retain some data for longer periods of time include:
- Our contractual and business relationships with you.
- Security, fraud and abuse prevention – i.e., to protect you, other people, and us from fraud, abuse, and unauthorized access.
- Financial recordkeeping – when you make a payment to us we are often required to retain this information for long period of time for purposes of accounting, dispute investigation and resolution, and compliance with tax, anti-money laundering, and other financial regulations.
- Complying with legal or regulatory requirements – to meet any applicable law, regulation, legal process, or enforceable governmental request, as required to enforce our terms of service, including investigation of potential violations.
- Direct communications with us – if you have directly communicated with us, through a customer support channel, feedback form, or a bug report, we may retain reasonable records of those communications.
Even if you delete your account, keep in mind that the deletion by our Service Providers may not be immediate and that the deleted information may persist in backup copies for a reasonable period of time. We may retain De-Identified Personal Information for as long as we deem appropriate.
What Information You Can Access, Change, or Delete
Through your user account settings page, you may access and, in some cases, edit, or delete certain information you’ve provided to us, such as name and password, email address, address, user profile information, etc. The information that you can view, update, and delete may change as the Services or our practices change. If you have any questions about viewing or updating information we have on file about you, please contact us.
Privacy Notice for California Residents
The following in this section applies only to California residents.
California Online Privacy Protection Act (“CalOPPA”; Calif. Bus. & Prof. Code § 22575-22578, available here):
CalOPPA applies only to companies which collect Personal Information of California residents.
How We Respond to Do Not Track Signals.
We honor Do Not Track signals, and we do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place.
Visitors can visit our Website anonymously by adjusting the settings in your browser.
Third-Party Behavioral Tracking. We do not allow third-party behavioral tracking of Personal Information, though we may use De-Identified Personal Information to track users’ click or browsing patterns.
California Consumer Privacy Act of 2018 (“CCPA”, available here): If you are a California resident (occasionally referred to as “Consumer”), California law provides you with additional rights regarding our use of your Personal Information.
This “Privacy Notice for California Residents” section does not apply (at least until January 1, 2021) to the Personal Information of California residents that we collect:
- which is reflecting a written or verbal communication or a transaction between us and you, where you are acting as an employee, owner, director, officer, or contractor of a company or government agency and whose communications or transaction with us occurs solely within the context of our conducting due diligence regarding, or providing or receiving a product or service to or from such company or government agency; or,
- in the course of your acting as a job applicant to or an employee of our company to the extent that your Personal Information is collected and used by us solely within the context of your role or former role as a job applicant to, an employee of our company.
California residents have the right to (a) access a copy of their Personal Information held by us, (b) request deletion of their Personal Information held by us, and (c) opt-out of the sale of their Personal Information (but which is inapplicable to us because we do not sell your Personal Information). These rights can be exercised by completing and submitting the webform available here.
No Sale of Personal Information
WE DO NOT SELL (AS THAT TERM IS DEFINED IN THE CCPA) YOUR PERSONAL INFORMATION, PERIOD.
Right To Access to Specific Information
You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable Consumer request, we will disclose to you:
- The categories of Personal Information we collected about you.
- The categories of sources for the Personal Information we collected about you.
- Our business or commercial purpose for collecting that Personal Information.
- The categories of third parties with whom we share that Personal Information.
- The specific pieces of Personal Information we collected about you (also called a data portability request).
- If we disclosed your Personal Information for a business purpose, a list disclosing disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
Deletion Request Right
You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable Consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies (as described below).
As permitted by CCPA we may delete your Personal Information by (a) permanently and completely erasing the Personal Information on our existing systems with the exception of archived or back-up systems; (b) de-identifying the Personal Information; or, (c) aggregating the Personal Information.
We may deny your deletion request if retaining the information is necessary for us or our Service Provider(s) to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal, regulatory or law enforcement obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable Consumer request to us by: sending an email to us at firstname.lastname@example.org Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable Consumer request related to your Personal Information. You may also make a verifiable Consumer request on behalf of your minor child. You may only make a verifiable Consumer request for access or data portability twice within a 12-month period. The verifiable Consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative; and,
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable Consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable Consumer request to verify the requestor’s identity or authority to make the request.
Email Verification Method: Upon receiving a data access or deletion request from you we will send an email to you at the email address we have for you on file. The email will ask you to respond to verify you as the Consumer making the request. Upon receipt of your verification we will match your information to that which is in our file. Upon verification of your identity we will proceed to process your request (subject to the exceptions stated above).
Webform Verification Method: When you submit a request using our webform (available here) we will match the information you submitted with the information we have for you on file. Upon verification of your identity we will proceed to process your request (subject to the exceptions stated above). We may not be able to comply with your request if (a) we are unable to verify your request, (b) if we are unable to match you with information in our database, or (c) if an exception under the law exists exempting us from complying with your request.
Response Timing and Format
We will confirm receipt of your request within ten (10) days of receiving it. We will respond to a verifiable Consumer request within forty-five (45) days of its receipt. If we require more time (up to an additional forty-five (45) days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable Consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable Consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Please note that this right does not apply to business-to-business customers, employment applicants, or independent contractors to us, or if the disclosure of Personal Information is for purposes consistent with the California resident’s reasonable expectations, when considering the submission’s circumstances.
We will not discriminate against you simply for your exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services;
- Charge you different prices or rates for goods or services, including by refusing to gran discounts or other benefits, or imposing penalties;
- Provide you a different level or quality of goods or services; or,
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
We may not be able to comply with your request if (a) we are unable to verify your request, (b) if we are unable to match you with information in our database, or (c) if an exception under the law exists exempting us from complying with your request.
Privacy Rights Notice For Nevada Residents Only
Under Nevada privacy law, Nevada residents have a right to submit a verified request directing certain operators of Internet websites and online services not to sell their personal information. We do not “sell” (as that term is defined under the Nevada law) Personal Information of Nevada residents.
Notices; Opting Out
By providing us with your email address (including by “following,” “liking,” linking your account to our Service or other services, etc., on a third party website or network), you consent to our using the email address to send you Service-related notices by email, including any notices required by law, in lieu of communication by postal mail. You also agree that we may send you notifications of activity regarding our Website, our products or Services, and your account, to the email address you give us, in accordance with any applicable privacy settings. We may use your email address to send you other messages or content, such as, but not limited to, newsletters, additions or changes to features of the Products, or special offers. If you do not want to receive such email messages, you may opt out by emailing us your opt-out request or by clicking “unsubscribe” at the bottom of our e-newsletter. Opting out may prevent you from receiving email messages regarding updates, improvements, special features, announcements, or offers. You may not opt out of Service-related emails. You can add, update, or delete information as explained above. When you update information, however, we may maintain a copy of the unrevised information in our records. You may request deletion of your account by emailing us. It is your responsibility to maintain your current email address with us.
Privacy Outside of the United States
If you are a citizen or resident of the UK, European Economic Area (“EEA”), Switzerland, or other regions with laws governing data collection and use that may differ from the laws in the United States, please note that we may transfer your information to a country or jurisdiction that does not have the same data protection laws as your jurisdiction. We may do so to process your information by staff operating outside the these countries who works for us or for one of our service providers.
GDPR: The Follow Provisions Apply Only to Citizens and Residents of the United Kingdom, EEA, and Switzerland
Our Legal Basis for Processing Personal Data (UK, EEA and Swiss Visitors Only)
If you are a visitor using our Website from the UK, EEA or Switzerland, our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it. However, we will normally collect Personal Data from you only where we need the Personal Data to perform Services for you for which you have contracted with us, or where the processing is in our legitimate interests or rely upon your consent where we are legally required to do so and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.
If you are subject to GDPR, your rights include the following:
- The right to access – Upon request, we will confirm any processing of your Personal Information and, and provide you with a copy of that Personal Information in an acceptable machine-readable format.
- The right to rectification – You have the right to have us correct any inaccurate Personal Information or to have us complete any incomplete Personal Information.
- The right to erasure – You may ask us to delete or remove your Personal Information and we will do so in some circumstances, such as where we no longer need it (we may not delete your data when other interests outweigh your right to deletion).
- The right to restrict processing – You have the right to ask us to suppress the processing of your Personal Information but we may still store your Personal Information. See below for more information.
- The right to object to processing – You have the right to object to your Personal Information used in the following manners: (a) processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); (b) direct marketing (including profiling); and, (c) processing for purposes of scientific/historical research and statistics. See below for more information.
- The right to data portability – You have the right to obtain your Personal Information from us that you consented to give us or that is necessary to perform fulfillment of member benefits with you. We will give you your Personal Information in a structured, commonly used and machine-readable format.
- The right to complaint to a supervisory authority – You have the right to file a complaint with a supervisory authority, in particular in the European member state of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of Personal Information relating to you infringes upon your rights.
- The right to withdraw consent – We rely on your consent to process your Personal Information, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on your prior consent.
Collecting Personal Information. In connection with our recruiting and job application process, you may provide Personal Information to us. We ask for certain data, including (unless prohibited by applicable law) educational and employment background, contact information and preferences, job qualifications, and jobs for which you would like to submit an application. You also may choose to provide us additional information, such as your CV, resume, and/or transcripts; employment references and related information; and compensation requests. In addition, we may collect information from third parties, for example, in connection with a background, employment, and/or employment reference check (as permitted by applicable law).
Sensitive Personal Information. We do not request or require sensitive Personal Information concerning religion, health, sexual orientation, or political affiliation in connection with recruiting. If you have a disability and would like us to consider any accommodation, you may provide that information during the recruiting process.