Last updated January 01, 2020
Welcome to Vooks, provided and maintained by Vooks Inc., (referred to hereinafter as, “Vooks,” or “Company,” or “We,” or “Us,” or “Our”), an online educational platform that provides individuals, families and schools with an online streaming library of animated children’s books through Our website located at https://www.vooks.com (“Site”), Our Vooks application (“App”), and related device and products (“Products”) (collectively referred to as “Vooks Services”).
Your continued use of the Vooks Services thereafter shall constitute immediate acceptance of all revised, modified and/or amended terms to this Policy. However, You should review the most up-to-date version of the Policy from time-to-time on the Site. We will notify You of any material changes, amendments or modifications to the Policy through the Site, or through other communication. In the event You choose not to agree and accept the new, modified or amended Terms, You shall cease use of all the Vooks Services and provide Us with written notice.
This Policy constitute a binding agreement between You and Us. By accessing and/or using the Vooks Services, either through the Site or the App, You agree to the terms of this Policy.
A. Navigational Information: Navigational information refers to information about Your computer, device, VPN information, IP address, the date and time of the visit and how long You remained on Our websites, the referral URL (the site from which the visitor has come), the pages visited on Our websites and information about the device and browser (such as, browser type and version and operating system), browser history, and geographical location.
B. Personal Information: This refers to full name, email address, phone numbers, payment information, credit or debit card numbers, personal financial account information, driver's license numbers or similar personal identifiers, or any information that can be used to identify You or that We can link to You.
C. User Content: Content uploaded or submitted by Users such as feedback, information, updates, comments, text, images, photographs, videos, notes, sounds, data, posts and suggestions.
D. User Information: Information such as name, email address, username, passwords, census data, and payment information
1. WHAT INFORMATION DO WE COLLECT? We may, depending on Your use of the Services, collect the following “Data”:
a. Navigational Information and UDID. If You are visiting or using the Services, We may automatically collect Navigational Information, such as Your IP address, the date and time of the visit and how long You remained on Our Site, the referral URL, the pages visited on Our Site or App and information about the device and browser (such as, browser type and version and operating system). We may also collect visitor data through third party services such as Google Analytics, in order to better understand visitor behavior, demographics, locations, page views, time spent on the Site or App, and other metrics and analytics used to provide and improve the Vooks Services. In addition to the information We collect on Our Site, We may also collect Your city location, device model and version, device identifier (or “UDID”), and OS version. This information is primarily needed to maintain the security and operation of Our Services or Apps, and for Our internal analytics and reporting purpos
b. Personal Information: We collect Personal Information that You voluntarily provide to Us when (1) creating an account to use the Services through Our Site or App; (2) when You express an interest in obtaining information about Us or Our Services or Products; and (3) when participating in activities on the Services or otherwise contacting Us. The Personal Information We collect can include the following: Your full name, email address, phone numbers, payment information, credit or debit card numbers, personal financial account information, driver's license numbers or similar personal identifiers, or any information that can be used to identify You or that We can link to You. All Personal Information that You provide to Us must be true, complete and accurate, and You must notify Us of any changes to such Personal Information. The Personal Information provided for the Vooks Services is stored and managed on servers and third-party hosting services, including without limitation, Amazon Web Services, VHX/VIMEO, Stripe, Mailchimp, Justuno, Google Cloud, Mapbox.
d. User Content. We also keep a record of Our correspondence with You, including without limitation, any feedback and/or testimonials You have provided on any of the Vooks Services, information provided to Our customer service, and/or User Content.
e. Online Identifiers. Like many businesses, We also collect information through cookies and similar technologies. We collect devices, cookie identifiers, or others such as the ones used for analytics and marketing, and other similar data. Most Web browsers are set to accept cookies by default. If You prefer, You can usually choose to set Your browser to remove cookies and to reject cookies. If You choose to remove cookies or reject cookies, this could affect certain features or services of Our Services or Apps. To opt-out of interest-based advertising by advertisers on Our Services or Apps visit http://www.aboutads.info/choices/.
f. Mobile Device Data. We may automatically collect device information (such as Your mobile device ID, model and manufacturer), operating system, version information and IP address.
g. Push Notifications. We may request to send You push notifications regarding Your account or the mobile application. If You wish to opt-out from receiving these types of communications, You may turn them off in Your device’s settings.
h. INFORMATION ABOUT MINORS/CHILDREN. ALTHOUGH THE VOOKS SERVICES IS DESIGNED TO SUPPORT FAMILIES AND SCHOOLS WITH CHILDREN OF ALL AGES, WE NEVER COLLECT, SELL, SHARE, OR STORE INDIVIDUAL CHILD OR STUDENT DATA. THE ONLY INFORMATION WE COLLECT, STORE AND USE TO PROVIDE THE SERVICES IS THE PERSONAL INFORMATION OF THE ACCOUNT CREATOR, WHO MUST BE ABOVE THE AGE OF 18. INDIVIDUALS BELOW THE AGE OF 18 (“MINORS”) SHALL NOT BE ALLOWED TO CREATE A VOOKS ACCOUNT WITHOUT THE EXPRESS PERMISSION OF A LEGAL GUARDIAN OR PARENT. IF YOU BECOME AWARE THAT VOOKS HAS COLLECTED PERSONAL INFORMATION FROM A MINOR WITHOUT PARENTAL OR LEGAL GUARDIAN CONSENT, PLEASE LET US KNOW BY CONTACTING US AT firstname.lastname@example.org, SO WE CAN TAKE APPROPRIATE ACTION. TO PREVENT INADVERTENT DISCLOSURE OF PERSONAL INFORMATION WHILE USING THE VOOKS SERVICES, ASSIST IN EFFECTIVE USE OF INFORMATION, AND ENSURE APPROPRIATE USE OF THE VOOKS SERVICES, WE STRONGLY ENCOURAGE THE PARENT OR GUARDIAN OF ANY MINOR TO ACTIVELY GUIDE ANY INTERACTIONS WITH AND/OR USE OF THE VOOKS SERVICES.
i. STUDENT DATA. NO STUDENT DATA IS COLLECTED THROUGH THE USE OF THE SERVICES, HOWEVER, IN THE EVENT ANY STUDENT DATA IS INADVERTENTLY COLLECTED, ALL PARENTS OR LEGAL GUARDIANS SHALL HAVE THE RIGHT TO REQUEST THE STUDENT DATA BE DELETED, NOT USED, AMENDED, ANONYMIZED, DE-IDENTIFIED OR AGGREGATED.
2. HOW DO WE USE YOUR INFORMATION?
We process and use the Data described in Section 1 for purposes based on legitimate business interests, the fulfillment of Our legal obligations and contracts with You, compliance with Our legal obligations, and/or Your consent. Further, We use Personal Information collected via Our Services for a variety of business purposes described below. By accepting this Policy, You hereby agreed that We may use the Data We collect or receive:
a. To facilitate account creation and logon process. If you choose to link Your account with Us to a third-party account (such as Your Google or Facebook account), We use the information You allowed Us to collect from those third parties to facilitate account creation and logon process for the performance of the contract;
b. To send You marketing and promotional communications. We and/or Our third-party marketing partners may use the Data You send or give to Us for Our marketing purposes, if this is in accordance with Your marketing preferences. You can opt-out of Our marketing emails at any time;
c. To send administrative information and notices to You regarding Your account. We may use Your Data to send You product, service and new feature information and/or information about changes to Our terms, conditions, and policies;
d. Fulfill and manage Your orders, subscriptions, features, and other purchases or requests. We may use Your information to fulfill and manage Your orders, payments, returns, and refunds, if applicable, made through the Services or App;
e. Deliver targeted advertising to You unless You opt out from receiving such advertising. We may use Your information to develop and display content and advertising (and work with third parties who do so) tailored to Your interests and/or location and to measure its effectiveness;
f. Administer prize draws and competitions. We may use Your information to administer prize draws and competitions when You elect to participate in competitions;
g. Request feedback and to contact You about Your use of Our Services;
h. To protect Our Services from fraud monitoring and prevention;
i. To enforce Our terms, conditions and policies;
j. To respond to legal requests and prevent harm. If We receive a subpoena or other legal request, We may need to inspect the data We hold to determine how to respond;
k. To manage user accounts. We may use Your information for the purposes of managing Our account and keeping it in working order;
l. To deliver services to the user. We may use Your information to provide You with the requested service;
m. To respond to user inquiries/offer support to users. We may use Your information to respond to Your inquiries and solve any potential issues You might have with the use of Our Services;
n. For other business purposes. We may use Your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of Our promotional campaigns and to evaluate and improve Our Services or Apps, products, marketing and Your experience. We may use and store this information in aggregated and anonymized form so that it is not associated with individual end users and does not include Personal Information. We will not use identifiable Personal Information without Your consent;
o. For the purposes of development, research, and improvement of educational sites, services, or applications, as any other member of the public or party would be able to use de-identified data pursuant to 34 CFR 99.31(b);
p. To identify the school district or individual school name that is using Our Services as a way of marketing and advertising Our Services to more schools and educational institutions; and
q. We may post user testimonials and comments on Our App or Site upon written notice to You, which may contain User Information. You have the right to request removal of such testimonial and/or comment(s) upon receiving Our written notice.
3. WHEN WILL INFORMATION BE SHARED?
a. We Never Sell Your Data. Most importantly, Vooks does not sell, share, license, or otherwise share Your Personal Information or any personally identifiable information with any entity or person, except as expressly described in this Policy or when We have a legal basis to do so, for instance with Your prior written consent or a court order.
b. Service Providers and Affiliates.
ii. Vooks and its affiliated entities may share information with third-party data controllers, law enforcement agencies and potential transaction partners where Vooks and its affiliated entities have a legal basis to do so.
c. By Law or Protected Right.
i. We may disclose part or all User Information, User Content and/or Personal Information collected through the Vooks Services, if (1) required by law; (2) if We believe that disclosure is necessary to comply with the law; (3) to enforce Our intellectual property rights; (4) to protect the rights, property or safety of Us and Our employees or agents; and (5) if necessary to defend against third-party claims. We may also disclose Data collected on the App or Site when requested to comply with a court order, investigation, subpoena or governmental request. We will notify You of such use, either by a notification on the Site or by email to You.
d. Business Transfers.
e. Vendors, Consultants and Third-Party Service Providers.
4. WHO WILL YOUR INFORMATION BE SHARED WITH?
We may share and disclose Your Data with the following third parties, vendors, contractors and affiliates solely for the purposes of providing and improving the Services.
a. Advertising, Direct Marketing, and Lead Generation such as LinkedIn, Twitter, Youtube, Google AdSense, Facebook Audience Network, and Pinterest;
b. Affiliate Marketing Programs such as Amazon Affiliates;
c. Communicate and Chat with Users such as Zendesk and MailChimp;
d. Data Backup and Security such as Google Business;
e. Functionality and Infrastructure Optimization such as Amazon Web Service, VHX/Vimeo;
f. Invoice and Billing such as Apple Pay, Google Wallet, Stripe, and Amazon Payments;
g. Web and Mobile Analytics such as Facebook Ads conversion tracking, Facebook Analytics, Google Ads, Google Analytics, AppsFlyer, JustUno, Monkedia, Segment and Zerobounce; and
h. Website Hosting such as Squarespace and VHX/Vimeo.
You have the right to revoke Your consent to Us sharing Your Data. You can exercise this right by contacting Us at email@example.com.
5. HOW LONG DO WE KEEP YOUR INFORMATION?
a. We will only keep Your Personal Information for as long as it is necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). When We have no ongoing legitimate business need to process Your Data, We will either delete, de-identify it or anonymize it. If this is not possible (for example, because Your Data has been stored in backup archives), then We will securely store Your Data and isolate it from any further processing until deletion is possible.
b. If You have elected to receive marketing communications from Us, We retain information about Your marketing preferences for a reasonable period of time from the date You last expressed interest in Our content or Services, such as when You last opened an email from Us or ceased using Your Account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
6. HOW DO WE KEEP YOUR INFORMATION SAFE?
a. We are committed to protecting Your Data and We implement appropriate administrative, technical, and physical safeguards designed to safeguard the information that We collect. For instance, Vooks encrypts all data when in transit. However, no information system can be 100% secure. This means that We cannot guarantee the absolute security of Your Data. Moreover, We are not responsible for the security of information You transmit to Us over networks that We do not control, including the internet and wireless networks, or the data that is stored on Your device. Although We will do Our best to protect Your Personal Information, transmission of Personal Information to and from Our Services or Apps is at Your own risk. You should only access the services within a secure environment.
b. Secure Sockets Layer (SSL) technology protects Data on Our Site using both server authentication and data encryption, ensuring that user data is safe, secure, and available only to authorized persons.
c. Our computer systems are hosted in a secure data center environment that uses a firewall, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders.
7. REGULATORY DATA COMPLIANCE AND LOCAL EDUCATION AGENCY (LEA) PRACTICES.
a. Regulations and Data Compliance. VOOKS IS CONSIDERED A SCHOOL OFFICIAL WITH A LEGITIMATE EDUCATIONAL INTEREST AND THEY ARE A PART OF THE CALIFORNIA STUDENT PRIVACY ALLIANCE WHICH ENSURES THAT WE ARE COMPLIANT WITH THE FOLLOWING REGULATIONS AND ACTS: THE FEDERAL EDUCATIONAL AND PRIVACY RIGHTS ACT ("FERPA") AT 12 U.S.C. 1232G, CHILDREN'S ONLINE PRIVACY PROTECTION ACT ("COPPA"), 15 U.S.C. 6501-6502; PROTECTION OF PUPIL RIGHTS AMENDMENT ("PPRA") 20 U.S.C. 1232 H; AND AB 1584, FOUND AT CALIFORNIA EDUCATION CODE SECTION 49073.1 AND THE STUDENT ONLINE PERSONAL INFORMATION PROTECTION ACT (SOMETIMES REFERRED TO AS EITHER "SB 1177" OR "SOPIPA") FOUND AT CALIFORNIA BUSINESS AND PROFESSIONS CODE SECTION 22584, AND THE INDIVIDUALS WITH DISABILITIES EDUCATION ACT (“IDEA”), 20 U.S.C. §§ 1400 ET. SEQ., 34 C.F.R. PART 300.
b. STUDENT DATA OR PUPIL RECORDS. NO STUDENT DATA OR PUPIL RECORDS ARE COLLECTED THROUGH THE USE OF THE SERVICES. HOWEVER, IN THE EVENT ANY STUDENT DATA IS COLLECTED, ALL PARENTS OR LEGAL GUARDIANS SHALL HAVE THE RIGHT TO REQUEST THE STUDENT DATA BE DELETED, NOT USED, AMENDED, ANONYMIZED, DE-IDENTIFIED OR AGGREGATED.
c. LEA Property. If any student data or any other pupil records are transmitted to Vooks pursuant to an agreement between Vooks and the LEA, such data is and will continue to be the property of and under the control of the LEA. All rights, including all intellectual property rights in and to any student data or any other pupil records shall remain the exclusive property of the LEA.
d. Use of Data. Vooks will not and does not use any data or information collected through the use of the Services for any purpose other than providing Our users the Services and internal business and analytics. We will never share or sell data collected, unless required to do so by law, subpoena, legal proceeding or court order.
e. Third Parties. All of Our third-party affiliates, subcontractors, employees and agents are required to maintain the same confidentiality and are bound by the terms of this Policy.
f. De-identified Data. De-identified information may be used for the purposes of development and improvement of Our Site, Vooks Services and App.
g. Marketing. Vooks will not use any individual data or account user for marketing or advertising purposes, unless We have Your written consent to do so. We may, however, identify the school district or individual school name that is using Our Services as a way of marketing and advertising Our Services to more schools and educational institutions. Further, We will not use or sell individual identifiable information or data to (a) market or advertise to students or families/guardians; (b) inform, influence, or enable marketing, targeted advertising, or other commercial efforts; (c) develop a profile of a student, family member/guardian or group, for any commercial purpose other than providing the Services. We may however, use the email address that You give Us to customize Our marketing to You.
h. Technical Safeguards:
i. Unique password requirements and limited employee access;
ii. Destruction, deletion or de-identification of Data;
iii. Industry standard security protocols;
iv. Employee training on how to handle sensitive data, breach notice and procedures;
v. Secure Technology (SSL), server authentication and Data encryption and use of firewall to host data;
vi. Designated security coordinator on the Vooks team;
vii. Sub-processors and third-parties are bound to same security practice obligations;
vii. Backups; and
viii. Periodic audits.
i. Disposition of Data. If any personally identifiable data is collected through the use of the Services, We will ensure that it is destroyed, returned, or modified to make it unreadable or indecipherable, at the end of Your use of the Services, unless required to be retained and maintained in original form pursuant to law enforcement, legal proceeding, court order or subpoena. Vooks shall dispose or delete all personally identifiable data obtained through the Services, including the account holder or teacher’s information, when it is no longer needed for the purpose for which it was obtained and transfer said data to LEA or LEA’s designee within sixty (60) days of the date of termination and according to a schedule and procedure as they may reasonably agree. Disposition shall include (1) the shredding of any hard copies of any student data or pupil records; (2) erasing; or (3) otherwise modifying the Personal Information in those records to make it unreadable or indecipherable.
j. Parent Access. Vooks shall establish reasonable procedures by which a parent, legal guardian, or eligible student may review personally identifiable information on the pupil’s records, correct erroneous information, and procedures for the transfer of pupil-generated content to a personal account, consistent with the functionality of services. Provider shall cooperate and respond within ten (10) days to the LEA’s request for personally identifiable information in a pupil’s records held by Vooks to view or correct as necessary. In the event that a parent of a pupil or other individual contacts Vooks to review any of the student data accessed pursuant to the Services, Vooks shall refer the parent or individual to the LEA, who will follow the necessary and proper procedures regarding the requested information.
k. Data Breach: Vooks shall comply with all applicable federal and state laws that require notification to individuals, entities, state agencies, or federal agencies in the event of a data breach. When Vooks reasonably suspects and/or becomes aware of a disclosure or security breach concerning any Data, We shall notify the LEA or affected individual immediately and mitigate the damage of such security breach to the greatest extent possible. Vooks further agrees that it will provide the notification directly to LEA or the individual, and will fully cooperate, and assist as specifically requested. In the event of an actual data breach or the unauthorized access or disclosure of any sensitive or personal data, We will notify You in writing as soon as possible outlining the following information:
i. What happened (date of breach is possible, or estimated date of incident, or the date range within which the breached occurred);
ii. What information was involved (list the type of Personal Information);
iii. What We are doing to help resolve or mitigate the issue (and if there was any delay in providing this notice due to law enforcement investigation);
iv. What You can do to help Us;
v. How You can get more information or contact Us;
vi. Information about what We have done to protect individuals whose information has been breached;
vii. Advice on steps that the person whose information has been breached may take to protect himself or herself; and
viii. Information about the steps We have taken to cure the breach and the estimated timeframe for such cure.
8. GLOBAL DIGITAL PRIVACY REGULATIONS (GDPR) COMPLIANCE
a. Our legal basis for collecting and using information described herein will depend on the User Information and Data concerned, and the specific context in which We collect it. However, We will normally collect Personal Information and Data from You only where We have Your consent to do so, where We need the Personal Information and/or Data to perform a contract with You, or where the processing is in Our legitimate interests is not outweighed by Your data protection interests or fundamental rights and freedoms. In some cases, We may also have a legal obligation to collect and maintain Personal Information and/or Data from You.
b. If We ask You to provide Personal Information and/or Data to comply with a legal requirement or to perform a contract with You, We will make this clear at the relevant time and advise You whether the provision of Your Personal Information and/or Data is mandatory or not (as well as of the possible consequences if You do not provide Your Personal Information and/or Data). Similarly, if We collect and use Your Personal Information and/or Data in reliance on Our legitimate interests (or those of any third party), We will make clear to You at the relevant time what those legitimate interests are.
c. Processing shall be lawful only if and to the extent that at least one of the following applies:
i. The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
ii. Processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract;
iii. Processing is necessary for compliance with a legal obligation to which the controller is subject;
iv. Processing is necessary in order to protect the vital interests of the data subject or of another natural person;
v. Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
vi. Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
9. WHAT ARE YOUR PRIVACY RIGHTS?
a. You have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of Your Personal Information, (ii) to request rectification or erasure; (iii) to restrict the processing of Your Personal Information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the sharing of Your Personal Information. To make such a request, please contact Us at firstname.lastname@example.org. We will consider and act upon any request in accordance with applicable data protection laws.
b. If We are relying on Your consent to process Your Personal Information, You have the right to withdraw Your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal.
c. If You are resident in the European Economic Area and You believe We are unlawfully processing Your Personal Information, You also have the right to complain to Your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
d. If You would like to opt-out of or unsubscribe from receiving direct marketing communications, You can also use the unsubscribe link contained in the message You have received. However, You cannot opt out of receiving transactional emails related to Your account with Us or Services, unless You delete Your account. Where We process Your Data on the basis of Our or a third party's legitimate interest, You may object to such processing at any time by contacting Us at the address below. Our affiliates and partners are solely responsible for their own marketing emails and other communications directed to You. We cannot unsubscribe You from Our partners’ communications. You may, however, unsubscribe from Our communications regarding Our partners’ by clicking on the "unsubscribe" link located on the bottom of their emails, or by contacting them directly. You can also use this address to lodge a complaint. If You are not satisfied about the manner in which Vooks handles Your complaint, You may also lodge a complaint with Your local data protection authority.
f. If You would at any time like to review or change the information in Your account or terminate Your account, You can:
i. Log into Your account settings and update Your user account; or
ii. Contact Us using the contact information provided.
g. Opting out of email marketing: You can unsubscribe from Our marketing email list at any time by clicking on the unsubscribe link in the emails that We send or by contacting Us using the details provided below. You will then be removed from the marketing email list, however, We will still need to send You service-related emails that are necessary for the administration and use of Your account. To otherwise opt-out, You may:
i. Note Your preferences when You register an account with the site; or
ii. Contact Us using the contact information provided.
10. DATA BREACH
A privacy breach occurs when there is unauthorized access to or collection, use, disclosure or disposal of Personal Information. You will be notified about data breaches when Vooks believes You are likely to be at risk of serious harm. For example, a data breach may be likely to result in serious financial harm or harm to Your mental or physical well-being. In the event that Vooks becomes aware of a security breach which has resulted or may result in unauthorized access, use or disclosure of Personal Information, Vooks will promptly investigate the matter and notify the applicable supervisory authority not later than 72 hours after having become aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
11. CONTROLS FOR DO-NOT-TRACK FEATURES
12. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
a. Shine The Light Law. California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits Our users who are California residents to request and obtain from Us, once a year and free of charge, information about categories of Personal Information (if any) We disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which We shared Personal Information in the immediately preceding calendar year. If You are a California resident and would like to make such a request, please submit Your request in writing to Us using the contact information provided below.
b. California Disclosures. If you are a California resident, you have certain additional rights with regard to your data under the California Consumer Privacy Act of 2018 ("CCPA") and other state laws, as further described below.
c. Personally Identifiable Information Collected. We may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device ("Personally Identifiable Information"). In particular, We have collected the following categories of Personally Identifiable Information from Our users within the last twelve months, for the purposes described in Section 2 above:
i. Identifiers, including your name, address, IP address, and email address;
ii. Personal information from categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), including your name, address, telephone number, and credit card information;
iii. Commercial information, including records of the products You used or purchased, and Your purchasing history or tendencies; and
iv. Internet activity, including information about Your interaction with Our website and application.
d. Personally Identifiable Information does not include publicly available information from government records, de-identified or aggregated consumer information, or other information excluded from the CCPA's scope. We will not collect additional categories or use the Personally Identifiable Information We collected for materially different, unrelated, or incompatible purposes without providing You notice.
e. Sale of Personally Identifiable Information. In the preceding twelve months, We have not sold any of Our users Personally Identifiable Information.
f. Your Rights and Choices.
i. Pursuant to the CCPA, You have the following rights regarding Your Personally Identifiable Information: (1) Right to Notice; (2) Right to Access/Right to Request; (3) Right to Know; (4) Right to Delete; (5) Right to Opt-Out; (6) Right to Not Be Discriminated Against, and (7) Right to Notice of Financial Incentive.
ii. Upon a verified request, We will provide You with this information. You have the right to request that Your Personally Identifiable Information be deleted, anonymized, or not processed or shared. You can exercise these data rights by logging into Your account on Our Site or by emailing Us at email@example.com.
iii. Access to Specific Information and Data Portability Rights. You have the right to request that We disclose certain information to You about Our collection and use of Your Personally Identifiable Information over the past twelve months. Once We receive and confirm Your verifiable consumer request, We will disclose to You:
1. The categories of Personally Identifiable Information we collected about You;
2. The categories of sources for the Personally Identifiable Information We collected about You;
3. Our business or commercial purpose for collecting or selling that Personally Identifiable Information;
4. The categories of third parties with whom We share that Personally Identifiable Information;
5. The specific pieces of Personally Identifiable Information We collected about You (also called a data portability request);
6. If We disclosed Your Personally Identifiable Information for a business purpose, the Personally Identifiable Information categories that each category of recipient obtained.
iv. Deletion request rights. You have the right to request that We delete any of Your Personally Identifiable Information that We collected from You and retained, subject to certain exceptions. Once We receive and confirm Your verifiable consumer request, We will delete or de-identify or anonymize (and direct Our service providers to do the same) Your Personally Identifiable Information from Our records, unless an exception applies.
We may deny Your deletion request if retaining the information is necessary for Us or Our service providers to:
1. Complete the transaction for which We collected the Personally Identifiable Information, provide a good or service that You requested, take actions reasonably anticipated within the context of Our ongoing business relationship with You, or otherwise perform our contract with You;
2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
3. Debug to identify and repair errors that impair existing intended functionality;
4. Exercise free speech, ensure the right of another user to exercise their free speech rights, or exercise another right provided for by law;
5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
6. Enable solely internal uses that are reasonably aligned with consumer expectations based on Your relationship with Us; or
7. Comply with a legal obligation, court order or similar judicial request.
G. How to Exercise Your Rights. To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to Us by contacting us through email via firstname.lastname@example.org. Only You or a person registered with the California Secretary of State that You authorize to act on Your behalf, may make a verifiable consumer request related to Your Personally Identifiable Information. You may also make a verifiable consumer request on behalf of Your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must (i) provide sufficient information that allows Us to reasonably verify You are the person about whom We collected Personally Identifiable Information or an authorized representative, and (ii) describe Your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it. We will not be able to respond to Your request or provide You with Personally Identifiable Information if We cannot verify Your identity or authority to make the request and confirm the Personally Identifiable Information relates to You. Making a verifiable consumer request does not require You to create an account with Us. We will only use Personally Identifiable Information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
H. Response Timing and Format. We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If We require more time (up to 90 days total), We will inform You of the reason and extension period in writing. If You have an account with Us, We will deliver Our response to that account by machine-readable and common electronic means. If You do not have an account with Us, We will deliver Our response by email electronically, at Your option. Any disclosures We provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response We provide will also explain the reasons We cannot comply with a request, if applicable. For data portability requests, We will select a format to provide Your Personally Identifiable Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to Your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If We determine that the request warrants a fee, We will tell You why We made that decision and provide You with a cost estimate before completing Your request.
I. Non-Discrimination. We will not discriminate against You for exercising any of Your CCPA rights. Unless permitted by the CCPA, We will not (i) deny You goods or services; (ii) charge You different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; (iii) provide You a different level or quality of goods or services; or (iv) suggest that You may receive a different price or rate for goods or services or a different level or quality of goods or services. However, deletion of Your Personally Identifiable Information may hinder the performance of the Services.
13. YOUR RESPONSIBILITIES AND CONSENTS.
b. Our servers are based in the United States, so Your Data will be primarily processed by Us in the United States. You consent to the transfer and processing of Your Data in the United States, in the country You are located in, or the EEA/EU by Us and by Our partners and affiliates;
c. You consent and agree that We may transfer Your Data to data processors located in countries which do not have data protection laws that provide the same level of protection that exists in countries in the European Economic Area. Your consent is voluntary, and You may revoke Your consent by opting out at any time, as described above. Please note that if You opt-out, We may no longer be able to provide You with Our Services;
d. You consent to Us sharing Your Data with relevant persons working for service providers and third party affiliates who assist Us to provide Our Service; and
14. HOW CAN YOU CONTACT US ABOUT THIS POLICY?
If You have questions or comments about this policy, You may email Us at email@example.com or by post to:
2066 NW IRVING ST
PORTLAND, OR 97209