PRIVACY POLICY

[Last Modified: August 11, 2024]

 

       CONTACT INFORMATION AND DATA CONTROLLER INFORMATION:

Pristivo Ltd. is incorporated under the laws of the State of Israel, is the Data Controller of (as such term is defined under the GDPR or equivalent privacy legislation).

For any question, inquiry or concern related to this Privacy Policy or the processing of your Personal Data, you may contact our privacy team as follows:

By email: privacy@pristivo.com

By mail:  Tomer 12, Maccabim-Reut, Israel, 7179902

Telephone: +972-54-6642916

Data protection officer: privacy@pristivo.com

 

This privacy policy (“Privacy Policy” or “Policy”) governs the data processing practices of Pristivo Ltd. (“Company”, “we”, “us”, or “our”) when you engage with our Services that include the search product and landing pages directed from that product.

This Privacy Policy is hereby incorporated into our Terms of Service and any other terms of use governing the provision of our Services (“Terms”). Any capitalized terms used herein but not defined herein, shall have the meaning ascribed to it under the Terms of Service

This Privacy Policy applies to all users worldwide. If you are a resident of California, please refer to Section 12. Additional Privacy Information for California Residents for information about the categories of Personal Information we may collect and your rights under California privacy laws. If you are a resident of Colorado, Connecticut, Virginia, Texas, Florida, Washington, Oregon, or Utah, please refer to Section 13. Additional Privacy Information for Certain United States Residents, which includes additional information about privacy rights for residents of certain U.S. jurisdictions.

ACCEPTANCE OF THE TERMS: BY USING OUR SERVICES, YOU HEREBY AGREE TO THE TERMS OF THIS PRIVACY POLICY AND THE EULA AND TO THE ACCESS, COLLECTION, USE AND DISCLOSURE OF CERTAIN INFORMATION, AS DESCRIBED IN THIS PRIVACY POLICY AND IN THE THIRD PARTY'S POLICIES (AS DEFINED BELOW). IF YOU DO NOT AGREE TO THESE TERMS, PLEASE DO NOT ACCESS OR USE THE SERVICES.

Further, by using and accessing our Services, or by accepting this Privacy Policy and the Terms, you also consent to the following privacy policy of Yahoo, whose product might be offered to you as part of our service, available in the following link: https://info.yahoo.com/privacy/us/yahoo/search/details.html ("Third Party's Policies").

 

1.       POLICY AMENDMENTS:

We reserve the right to amend this Privacy Policy from time to time, at our sole discretion. The most recent version of the Privacy Policy will always be posted on the website and the update date will be reflected in the “Last Modified” heading. In the event of a material change we will make best efforts to send you a written notification. We will provide notice to you if these changes are material, and, where required by applicable law, we will obtain your consent. Any amendments to the Privacy Policy will become effective within 30 days upon the display of the modified Privacy Policy. We recommend you review this Privacy Policy periodically to ensure that you understand our most updated privacy practices.

 

2.       DATA SETS WE COLLECT AND FOR WHAT PURPOSE:

You can find here information regarding the data sets we collect, purposes for which we process your data as well as our lawful basis for processing, and how the data is technically processed. In general, we may collect two types of information from you, depending on your interaction with us:

 

Non-Personal Data

During your interaction with our Services, we may collect aggregated, non-personal non-identifiable information, which may be made available or gathered via your access to and use of the Services (“Non-Personal Data “). We are not aware of the identity of the user from which the Non-Personal Data is collected. The Non-Personal Data being collected may include your aggregated usage information and technical information transmitted by your device, such as: the type of browser or device you use, operating system type and version, language preference, time and date stamp, country location, etc.  

The Non-Personal Information which is being collected may include your aggregated usage information and technical information transmitted by your device, including certain software and hardware information as follows:

    Type of browser, including your default browser;

    Operating system your device uses;

    Language preference;

    The ways in which you use various features of the Services, your time of access and the domain name of the website from which you linked to the Services;

    We also may periodically collect usage statistics from users that describe the frequency of use of the Service;

    we may collect information about page views, impressions and clicks, as well as similar web usage information on our domains.

We may disclose or share Non-Personal Information with third parties as specified below and solely if applicable.

 

Personal Data

We may also collect from you, during your access or interaction with the Services, individually identifiable information, namely information that identifies an individual or may, with reasonable effort, be used to identify an individual (“Personal Data” or “Personal Information”). The types of Personal Data that we collect as well as the purpose for processing such data are specified in the table below.

To clarify, you can use the Services without providing us with any contact information. In addition, we collect you IP address through your use of the Product. Note that, while IP address is not considered personally identifiable information in many jurisdictions, there are jurisdictions (such as the EU), in which IP Address may be considered "Personal Information". Therefore, we treat the user's IP address as Personal Information, in accordance with applicable laws.

Nonetheless, if we combine Personal Information with Non-Personal Information, the combined information will be treated as Personal Information for as long as it remains combined.

We do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person's health or data concerning a person’s sex life or sexual orientation (“Special Categories of Personal Data”).

The table below details the processing of Personal Data we collect, the purpose, lawful basis, and processing operations:

 

DATA SETS

PURPOSE AND OPERATIONS

LAWFUL BASIS UNDER THE GDPR

END USERS

Contact Information:

If you voluntarily contact us for support or other inquiries, you may be required to provide us with certain information such as your name, email address, etc.

We process such data to provide you with the support you requested or to respond to your inquiry.

The correspondence with you may be processed and stored by us in order to improve our customer service and in the event, we believe it is required to continue to store it, for example, in the event of any claims or in order to provide you with any further assistance (if applicable).

We process such information based on our legitimate interest. Unless you are contacting us for support, in which providing support is part of our contractual obligations to you.

Online Identifiers and usage data:

When you access our Service, we collect certain online identifiers such as: IP address, cookie ID, agent ID, unique identifiers (“Online Identifiers”).

We use tools, pixels and cookies, provided by third party analytic and marketing providers which collect online behavior data, insights and segments on website visitors. This data includes your click stream data, which sites your visited, which pages you viewed on our website, the website you directed from to our Services, search queries you inserted to our Services  and etc. (“Usage Data”). The Usage Data is usually connected to an Online Identifier.

we process such data to provide you our Services and to enable the operation of the Services and for security and fraud prevention purposes (i.e., to prevent or to be able to address any errors or technical issues in our Services).

We use the Online Identifiers, advertising ID, for tracking and provide you with personalized ads.

Where we collect such data for operation and security, we process your data based on our legitimate interest.

Where we use the Online Identifiers for personalized ads and tracking it will be based on your consent where required by law.

Location:

Based on the IP address or other information we may obtain such as zip code, we can approximately know your location.

We use this information for language preference and contextual advertisement ads based on your general location. We may further use this data in order to provide you with personalized ads.

Our legitimate interest. Where we collect such data for analytic and advertising purposes, we process the data based on your consent.

PARTNERS

Account Information:

In order to use our Service, you will be required to create an account or be designated with an account, from which you may use the Service and review the reports. The account information includes you Contact Information, billing information, access logs and usage data (such as the time and date the account was accessed the duration).

We will use this data in order to create you an account, provide you with account management, support and to provide the Services as well as  to send you needed information related to our Services and which related to our business engagement (e.g., send you a welcome message, notify you regarding any updates to our Services, send applicable invoices, etc.) and additional occasional communications and updates related to the Services, as well as promotional and marketing emails (“Direct Marketing”).

 

We may also use the information to authenticate you.

We process such data for the purpose of performing our contract with you, to provide the Services and to designate your account.

Payment Information:
In order to use the Services, you may be requested to provide customary billing information, such as name, and billing address. We will collect the transaction information, however we do not collect any payment method information (i.e., credit card) as we use the following third-party payment processors.

Will process this information to be able to provide our Services and process your payment.

We process this information for the purpose of performing our contract with you.

 

 

Please note that the actual processing operation per each purpose of use and lawful basis detailed in the table above may differ. Such processing operation usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure, or destruction. The transfer of Personal Data to third-party countries, as further detailed in the “International Data Transfer” Section below, is based on the same lawful basis as stipulated in the table above.

In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts, and any other misuse of the Services and to enforce the Terms, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests.

We may collect different categories of Personal Data and Non-Personal Data from you, depending on the nature of your interaction with the Services as detailed above. If we combine Personal Data with Non-Personal Data, the combined information will be treated as Personal Data or for as long as it remains combined.

 

3.       HOW WE COLLECT YOUR INFORMATION:

Depending on the nature of your interaction with the Services, we may collect information as follows:

 

4.       COOKIES AND SIMILAR TECHNOLOGIES:

We and our trusted partners use cookies and other technologies (e.g. web beacons, pixels, etc.) in our related Services, including when you visit our site or access our Services. Like many other vendors, we gather some information automatically, such as your usage data, by ourselves or by using third party service and store it in log files

A "cookie" is a small piece of information that a website assigns to your device while you are viewing a website. Cookies are very helpful and can be used for various different purposes. These purposes include improving the Services, allowing you to navigate between pages efficiently, enable automatic activation of certain features, remembering your preferences and other information that is used on the webpages that you visit, making the interaction between you and our Services quicker and easier and customize and improve the Services. You can find more information about cookies at www.allaboutcookies.org. You may disable and remove some cookies through your device or browser settings. However, if you choose to disable cookies, some features of our Services may not operate properly and your online experience may be limited. You may control how your browser responds to cookies by adjusting the privacy and security settings of your web browser.

 

Our Service Providers may also use cookies, scripts or web beacons for the purpose of tracking and analyzing your use, this information does not include Personal Information. To learn more how Google uses data from our use of Google Analytics Cookie we recommend you review Google's policies located at: www.google.com/policies/privacy/partners . We also encourage you to review the Google Analytics' currently available opt-outs for the web tool available at: https://tools.google.com/dlpage/gaoptout/.

 

The specific Cookies we currently use within our Services, are detailed in the table below:

COOKIE NAME

PURPOSE

RPIVACY

Google Analytic

Performance Cookies (Analytics)

https://policies.google.com/privacy

Hotjar

https://www.hotjar.com/legal/policies/privacy/

Google Ads

Marketing Cookies

https://policies.google.com/privacy

Taboola

https://www.taboola.com/policies/privacy-policy

Facebook

https://www.facebook.com/privacy/policy/

Yahoo Ads

https://info.yahoo.com/privacy/us/yahoo/search/details.html

 

5.       DATA SHARING – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH:

We share your data with third parties, including the advertisers or service providers that help us provide our Services. You can find here information about the categories of such third-party recipients. In addition, we may disclose your personal information to third parties when you consent to a particular disclosure of your personal information. Please note that once we share your information with third party, that information becomes subject to the other third party's privacy practices.

CATEGORY OF RECIPIENT

DATA THAT WILL BE SHARED

PURPOSE OF SHARING

Advertisers

Online Identifiers and Usage Data

We share this data with our advertising partners, so they will be able to place ads that best suit such user.

Service providers

 

 

All types of Personal Data

We employ other companies and individuals to perform functions on our behalf. Examples include: sending communications, processing payments, assessing credit and compliance risks, analyzing data, providing marketing and sales assistance (including advertising and event management), identifying errors and crashes, conducting customer relationship management, and providing training. These third-party service providers have access to Personal Data needed to perform their functions, but they are prohibited from using your Personal Data for any purposes other than providing us with requested services.

Compelled disclosure

Subject to your request

We may share Personal Data, in the event you request us to do so. In such event, the provisions of your Personal Data will be subject to such third parties' policies and practices only.
we will share your information, solely to the extent needed to comply with any applicable law or permitted by it, regulation, legal process or governmental request (e.g., pursuant to law enforcement inquiries, subpoenas or court orders), or when we believe, in good faith, it is required in order to enforce our policies (including our policies and agreements) including investigations of potential violations thereof or to detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues. In addition, we will share your information, solely to the extent needed to establish or exercise our rights to defend against legal claims or to prevent harm to the rights, property or safety of us, our users, yourself or any third party or for the purpose of collaborating with law enforcement agencies or in case we find it necessary in order to enforce intellectual property or other legal rights.

Enforcement Of Our Rights and Security Detections. 

All types of Personal Data

We may disclose Personal Data to enforce our policies and agreements, as well as defend our rights, including the investigation of potential violations thereof, alleged illegal activity or any other activity that may expose us, you, or other users to legal liability, and solely to the extent required. In addition, we may disclose Personal Data to detect, prevent, or otherwise address fraud, security, or technical issues, solely to the extent required.

Any Acquirer of Our Business

All types of Personal Data

We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy. We may also disclose your information to our corporate affiliates in order to help provide, understand, and improve the Services and our affiliates' services, this means we may also internally combine information we have on you.

 

When we share information with third parties, we ensure they only have access to such information that is strictly necessary for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only while ensuring compliance with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).

 

6.       USER RIGHTS AND OPT-OUT OPTIONS:

We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect so that you can make meaningful choices about how it is used. We allow you to exercise certain choices, rights, and controls in connection with your information. Depending on your relationship with us, your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.

In the table below you can review your rights depending on your interaction with us, how you can exercise them, and appeal a decision we take in this regard, any specification per geo-location or territory are available below the table:

Right to be informed, right to know

You have the right to be provided with information regarding our Personal Data collection and privacy practices. All is detailed under this Privacy Policy.

Right to access

You have the right to know which Personal Data we specifically hold about you, and receive a copy of such or access it.

Right to correction

You have the right to correct inaccuracies in your Personal Data, taking into account the nature and purposes of each processing activity.

Right to be forgotten, right to deletion

You have the right to request the erasure of certain Personal Data if specific conditions are satisfied. This right is not absolute. Depending on your territory, we may reject your request under certain circumstances, including where we must retain the data in order to comply with legal obligations or defend against legal claims, other legitimate interests such as record keeping with regards to our engagements, completing transactions, providing a service that you requested, taking actions reasonably anticipated within the context of our ongoing business relationship with you, fulfilling the terms of a written warranty, detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, or prosecuting those responsible for such activities; debugging products to identify and repair errors that impair existing intended functionality; exercising free speech, ensuring the right of another consumer to exercise their free speech rights, or exercising another right provided for by law; engaging in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.

 

Right to portability

You have the right to obtain the Personal Data in a portable, and to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance. We will select the format in which we provide your copy.

Right to opt out under the EU, and specifically in the US the right to opt out from:

(i) selling Personal Data;

(ii) right to opt out from targeted advertising; and

(iii) right to opt out from profiling and automated decision making

Cookies: When you no longer wish for cookies to track your behavior on our website for analytic and marketing purpose, change your preferences through the cookie settings.

Sale of Personal Data for targeted advertising, monetary gain or profiling, or share or sale of personal information for analytic or marketing: If and to the extent applicable, you have the right to opt out of the sale of your Personal Data, for the purposes of targeted advertising, sale to a third party for monetary gain, analytic, etc.

You are able to install privacy-controls in the browser's settings to automatically signal the opt-out preference to all websites you visit (like the “Global Privacy Control”). We honor the Global Privacy Control, where applicable, subject to your jurisdiction, as a valid request to opt-out of the sharing of information linked to your browser.

Note you may have the right to authorize another person acting on your behalf to opt out (including by technical tools and opt out signals). 

In any event, please keep in mind that opt-out tools are limited to the browser or device you use because they work off your browser ID and device ID and, accordingly, you will need to opt-out on each browser and device you use. Your browser may save some information in its cookies and cache to maintain your privacy preferences. Clearing these may remove opt-out preferences, requiring you to opt-out again.

Right to appeal or complaint

If we decline to take action on your request, we shall so inform you without undue delay as required under applicable laws. The notification will include a justification for declining to take action and instructions on how you may appeal, if applicable. Under the EU you have the right to lodge a complaint with the supervisor authority or the Information Commissioner in the UK. Additional information for the appeal procedure under certain state laws, please see section “Jurisdiction-specific Notices.

Non-discrimination

Such discrimination may include denying a service, providing a different level or quality of service, or charging different prices. We do not discriminate our customers or users.

 

You may exercise any or your right above by sending us your request to [[email protected]].

 

7.       DATA RETENTION:

We retain Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out.

Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements; (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges; or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we may at our sole discretion, delete or amend information from our systems, without notice to you, once we deem it is no longer necessary for such purposes.

We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our own discretion. Please note that unless you instruct us otherwise (as detailed below) we retain the Non-Personal Information we collected for as long as needed to provide the Services and to comply with our legal obligations, resolve disputes and enforce our agreements. Further, we retain the Personal Information, we collected for as long as legally permissible, in accordance with applicable laws.

 

8.       SECURITY MEASURES:

We work hard to protect the Personal Data we process from unauthorized access, alteration, disclosure, or destruction. We have implemented physical, technical, and administrative security measures for the Services that comply with applicable laws and industry, such as encryption using SSL, we minimize the amount of data that we store on our servers, restricting access to Personal Data to our employees, contractors, and agents, etc. Note that we cannot be held responsible for unauthorized or unintended access beyond our control, and we make no warranty, express, implied, or otherwise, that we will always be able to prevent such access.

Please contact us at [email protected] if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy, or if you become aware of a third party's attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.

We may adopt what we believe is appropriate data collection, storage and processing practices and security

 

9.   INTERNATIONAL DATA TRANSFER:  

In the event that we need to transfer your Personal Data out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Furthermore, when Personal Data that is collected within the European Economic Area ("EEA") is transferred outside of the EEA to a country that has not received an adequacy decision from the European Commission, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the standard contractual clauses approved by the European Union. Thus, we will obtain contractual commitments or assurances from the data importer to protect your Personal Information, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as standard contract clauses), or rely on adequacy decisions issued by the European Commission. Some of these assurances are well-recognized certification schemes.

 

10.   ELIGIBILITY AND CHILDREN PRIVACY:

The Services are not intended for use by children (the phrase "child" shall mean an individual that is under the age defined by applicable law, which concerning the EEA is under the age of 16, and with respect to the US, under the age of 13), and we do not knowingly process children's information. We will discard any information we receive from a user that is considered a "child" immediately upon discovering that such a user shared information with us. Please contact us at: [email protected] if you have reason to believe that a child has shared any information with us.

 

11.   JURISDICTION SPECIFIC NOTICES:

A.      ADDITIONAL NOTICE TO CALIFORNIA RESIDENTS

This section applies only to California residents, pursuant to the California Privacy Act of 2018 (“CCPA”) effective November 2020, and as amended by the California Privacy Rights Act, effective January 1, 2023.

This section does not address or apply to our handling of publicly available information or to Personal Information that is otherwise exempt under the CCPA.

     Categories of Personal Information Collected and Disclosed. While our processing of Personal Information varies based upon our relationship and interactions with you, the table below identifies the categories of Personal Information we may collect about you (and may have collected in the prior 12 months), as defined by the CCPA, as well as the categories of third parties to whom we disclosed Personal Information for a business or commercial purpose.

Categories of personal information

Do we collect this data?

Categories of Third-Party Disclosures

  1. Identifiers

Yes: Online Identifier; Internet Protocol address

  • Affiliates
  • Advisors and agents
  • Advertising networks
  • Data Analytics providers
  • Social networks
  • Regulators, government entities, and law enforcement (if required to do so by law or court order)
  • Others as required by law

F. Internet or other similar network activity.

Yes: information on a consumer’s interaction with a website

  • Affiliates
  • Advisors and agents
  • Advertising networks
  • Regulators, government entities, and law enforcement (if required to do so by law or court order)
  • Others as required by law

G. Geolocation Data

Yes: approximate location derived from IP address

  • Affiliates
  • Advisors and agents
  • Regulators, government entities, and law enforcement (if required to do so by law or court order)
  • Others as required by law

Sources of Personal Information. We generally collect Personal Information from the following categories of sources: directly and indirectly from you; affiliates; business partners; vendors and service providers; operations systems and platforms, and marketing and data analytics providers.

Purposes of Collection, Use, and Disclosure. As described above, we may collect, use, disclose and otherwise process the above personal information for the following business or commercial purposes and as otherwise directed or consented to by you:

Sales and Sharing of Personal Information. CCPA defines a "sale" as disclosing or making Personal Information available to a third party in exchange for monetary or other valuable consideration. CCPA also defines “sharing” as disclosing or making available Personal Information to a third party for purposes of cross-context behavioral advertising.

While we do not disclose Personal Information to third parties in exchange for monetary compensation, we may “sell” or “share” (as such terms are defined under the CCPA) the following categories of Personal Information in the following limited circumstances:

California Consumer Rights

California law grants consumers certain rights and imposes restrictions on particular business practices as set forth below. California consumers have the right to request that we disclose what personal information we collect, use, disclose, and sell about you.

Incentives and Discrimination

The CCPA prohibits discrimination against California consumers for exercising their rights under the CCPA and imposes requirements on any financial incentives offered to California consumers related to their personal information.

Discrimination: if consumers exercise their rights under CCPA, businesses may not discriminate against them including by denying or providing a different level or quality of goods or services or charging or suggesting that a business will charge different prices or rates or impose penalties, unless doing so is reasonably related to the value provided to the consumer by the consumer’s data.

California’s Shine-The-Light Law

Under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us certain personal information are entitled to request and obtain from us, free of charge, information about the personal information (if any) we have shared with third parties for their own direct marketing use. Such requests may be made once per calendar year for information about any relevant third party sharing in the prior calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to [email protected]. In your request, please attest to the fact that you are a California resident. Your right to obtain information regarding any of your personal information we have shared with third parties for their own marketing use was included here solely in order to satisfy legal and regulatory notice requirements, we do not share any of your personal information with third parties for their own marketing use.

12.   JURISDICTION-SPECIFIC NOTICES

Information provided below supplements the information contained in this Privacy Policy and applies solely to consumers who reside in each applicable state. These additional disclosures are intended to provide you with additional information with regard to our handling of your Personal Data and certain consumer rights. Any disclosures regarding users’ rights and choices, the personal data or personal information processed, collected, used, shared or sold are all disclosed in the Privacy Policy, this section solely states additional rights, such as rights to appeal, which are specific per applicable state.

 

B.      Supplemental Information for Colorado Residents

Under the Colorado Privacy Act (“CPA”), Colorado residents acting in an individual or household context (and not in a commercial, employment context or as a job applicant) or someone on their behalf, are allowed to exercise certain rights regarding their Personal Data.

We will respond to your request within 45 days after receipt of a verifiable Consumer Request (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at [email protected] and specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint as follows: Colorado AG at https://coag.gov/file-complaint/

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

C.      Supplemental Information for Connecticut Residents

Under the Connecticut Data Privacy Act (“CDPA”), Connecticut residents acting in an individual or household context (and not in a commercial or employment context or as a representative of business, non-profit or governmental entity) or someone on their behalf, are allowed to exercise certain rights regarding their Personal Data. We shall respond to your request within 45 days of receipt. The response period may be extended once by 45 additional days when reasonably necessary, taking into account the complexity and number of requests and we inform you of such extension within the initial 45 days response period, together with the reason for the extension. If we decline to take action on your request, we shall so inform you without undue delay, within 45 days of receipt of your request. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at [email protected] and specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Connecticut Attorney General at link: https://www.dir.ct.gov/ag/complaint/ or (860) 808-5318.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.

D.      Additional Information for Florida Residents

Under the Florida Digital Bill of Rights (“FDBR”), Florida residents acting in an individual or household context (and not in a commercial or employment context) are allowed to exercise certain rights regarding their Personal Data.

We will respond to your request within 45 days after receipt of your request. We reserve the right to extend the response time by an additional 15 days when reasonably necessary and provided consumer notification of the extension is made within the original 45-day timeframe. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at [email protected], specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions.

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.

E.       Additional Information for Montana Residents

 * Effective October 2024

Under the Montana Consumer Data Privacy Act (“MTCDPA”), Montana residents acting in an individual or household context (and not in a commercial or employment context) are allowed to exercise certain rights regarding their Personal Data.

We will respond to your request within 45 days after receipt of your request. We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the original 45-day timeframe. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us a [email protected], specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Montana Attorney General at: https://app.doj.mt.gov/apps/oscar/complaintstart.aspx.

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We shall provide information in response to your request free of charge, up to once annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.

F.       Additional Information for Orogen Residents

Under the Oregon Consumer Data Privacy Act (“OCDPA”), Oregon residents acting in an individual or household context (and not in a commercial or employment context) are allowed to exercise certain rights regarding their Personal Data.

We will respond to your request within 45 days after receipt of your request. We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the original 45-day timeframe. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at [email protected], specifying you wish to appeal. Within 45 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Oregon Attorney General at: [email protected].

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We shall provide information in response to your request free of charge, up to once annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.

G.      Additional Information for Texas Residents

Under the Texas Data Privacy and Security Act (“TDPSA”), Texas residents acting in an individual or household context (and not in a commercial or employment context) are allowed to exercise certain rights regarding their Personal Data.

We will respond to your request within 45 days after receipt of your request. We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the original 45-day timeframe. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at [email protected], specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Texas Attorney General at: https://consumerprotection.texasattorneygeneral.gov/consumercomplaintportal/s/flow/TCP_Complaint_Input_Data_Privacy.

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.

H.      Supplemental Information for Virginia Residents

Under the Virginia Consumer Data Protection Act (“VCDPA”) Virginia residents acting in an individual or household context (and not in a commercial or employment context) or someone on their behalf, are allowed to exercise certain rights regarding their Personal Data.

We will respond to your request within 45 days after receipt of a verifiable Consumer Request (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at [email protected] and specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform.

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request we will not be able to grant your request.

I.        Additional Information for Utah Residents

Under the Utah Consumer Privacy Act (“UCPA”), Utah residents acting in an individual or household context (and not in a commercial or employment context) are allowed to exercise certain rights regarding their Personal Data.

We will respond to your request within 45 days after receipt of your request (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days. If we refuse to take action on a request, we will provide with the reasoning for our refusal.

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.