Last modified: January 9, 2023
This Policy describes our practices for collecting, using, maintaining, protecting, and disclosing the personal data we may collect from you or that you may provide when you visit our website(s) or other digital properties, communications, or forms that link or refer to this notice (our “Website“). This Policy also describes our data collection, use, protection and disclosure practices for customers that we provide our services to under a Master Services Agreement (“MSA”), or similar agreement. For purposes of this Policy, Website visitors shall be referred to as “Site Visitors” and customers that we provide services to under an MSA shall be referred to as “Customers.”
This Policy applies to the personal data collected through our Website, regardless of the country where you are located.
The Website may include links to third-party websites, plug-ins, services, social networks, or applications. Clicking on those links or enabling those connections may allow the third party to collect or share data about you. We do not control these third-party websites, and we encourage you to read the privacy notice of every website you visit.
Data We May Collect About You
We collect and use different types of data from and about you including:
- Personal data that we could reasonably use to directly or indirectly identify you, such as your name, postal address, email address, telephone number, username or other similar identifier, or any other identifier we may use to contact you online or offline (“personal data“).
- Non-personal data that does not directly or indirectly reveal your identity or directly relate to an identified individual, such as demographic information, statistics, or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal data. For example, we may aggregate personal data to calculate the percentage of users accessing a specific Website feature.
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, device name, country, time zone setting, language preferences, browser plug-in types and versions, or operating system and platform. Like many businesses, we also collect information through cookies and similar technologies.
- Non-personal details about your Website interactions, including the full Uniform Resource Locators (URLs), clickstream information to, through, and from our Website (including date and time), products viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), or methods used to browse away from the page.
- We may obtain information about you from other sources, such as public databases, joint marketing partners, as well as from other third parties. Examples of the information we receive from other sources include: social media profile information; marketing leads and search results and links, including paid listings (such as sponsored links).
If we combine or connect non-personal, demographic, or technical data with personal data so that it directly or indirectly identifies an individual, we treat the combined information as personal data.
How We Collect Data About You
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us information about you by filling in forms or by corresponding with us by phone, email, or otherwise. This includes information you provide when you create an account, subscribe to our service, participate in discussion boards or other social media functions on our Website, enter a competition, promotion or survey, contact our customer service, and when you report a problem with our Website.
- Automated technologies or interactions. As you interact with our Website, we may automatically collect technical data about your equipment, browsing actions and patterns as specified above. We collect this information by using cookies, server logs, and other similar technologies (see Cookies and Automatic Data Collection Technologies).
- Third parties or publicly available sources. We may receive information about you if you visit other websites employing our cookies or from third parties including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies, data brokers, or aggregators.
- User contributions. You also may provide information for us to publish or display (“post”) on public Website areas or transmit to other Website users or third parties (collectively, “User Contributions”). You submit User Contributions for posting and transmission to others at your own risk. Please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of any Website users with whom you choose to share your User Contributions. Therefore, we cannot and do not guarantee that unauthorized persons will not view your User Contributions.
Cookies and Automatic Data Collection Technologies
- Estimate our audience size and usage patterns.
- Store your preferences so we may customize our Website according to your individual interests.
- Speed up your searches.
- Recognize you when you return to our Website.
Certain features of our Website may use Flash cookies (local stored objects) instead of browser cookies to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies and browser cookies use different management tools and you must manage their settings separately. For information about managing your Flash cookie privacy and security settings, see Your Personal Data Use Choices.
Our Website pages and emails may contain web beacons (small transparent embedded images or objects, also known as clear gifs, pixel tags, and single-pixel gifs that permit us, for example, to count website page visitors or email readers, or to compile other similar statistics such as recording Website content popularity or verifying system and server integrity.
We do not control how these third-party tracking technologies operate or how they may use the collected data. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Your Personal Data Use Choices.
How We Use Your Personal Data
We use your personal data to provide you with products, offer and provide you services, communicate with you, deliver advertising and marketing, fulfill business obligations, or to conduct other business operations, such as using data to improve and personalize your experiences. Examples of how we may use the personal data we collect include to:
- Present our Website and provide you with the information, products, services, and support that you request from us.
- Meet our obligations and enforce our rights arising from any contracts with Customers and Site Visitors, including for billing or collections, or comply with legal requirements.
- Fulfill the purposes for which you provided the data or that were described when it was collected.
- Notify you about changes to our Website, products, or services.
- Ensure that we present our Website content in the most effective manner for you and for your computer.
- Administer our Website and conduct internal operations, including for troubleshooting, data analysis, testing, research, statistical, and survey purposes.
- Improve our Website, products or services, marketing, or customer relationships and experiences.
- Enable your participation in our Website’s interactive, social media, or other similar features.
- Protect our Website, employees, or operations.
- Measure or understand the effectiveness of the advertising we serve to you and others, and to deliver relevant advertising to you;
- Make suggestions and recommendations to you and other users of our Website about goods or services that may interest you or them.
- To respond to user inquiries/offer support to users; we may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services.
We may use non-personal data for any business purpose.
Disclosure of Your Personal Data
We may share your personal data:
- With your consent.
- To fulfill the purpose for which you provide it.
- With any member of our corporate group, which means our subsidiaries, our ultimate holding company and its subsidiaries, and our affiliates.
- With business partners, suppliers, service providers, sub-contractors, and other third parties we use to support our business (such as analytics and search engine providers that assist us with Website improvement and optimization). We contractually require these third parties to keep that personal data confidential and use it only for the contracted purposes.
- With third parties to market their products or services to you if you have consented to/not opted out of these disclosures. We contractually require these third parties to keep that personal data confidential and use it only for the contracted purposes. For more information, see Your Personal Data Use Choices.
- With advertisers and advertising networks that require the data to select and serve relevant ads to you and others. We do not disclose data about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users. We may also use such aggregate information to help advertisers reach the kind of audience they want to target. We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience.]
- Where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
- For any other purposes that we disclose when you provide the data.
We may also disclose your personal data to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- To a buyer or other successor in the event of merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, where one of the transferred assets is the personal data we hold.
- To comply with any court order, law, or legal process, including responding to any government or regulatory request.
- To protect the rights, property, or safety of our business, our employees, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of cybersecurity, fraud protection, and credit risk reduction.
We may share non-personal data without restriction.
Consent to Personal Data Transfer
We are based in the United States. We may process, store, and transfer the personal data we collect, in and to a country outside your own, with different privacy laws that may or may not be as comprehensive as your own, including Canada, Argentina, and Brazil.
If you are based in the European Economic Area, the European Commission has not approved an adequate level of protection for the transfer of data to the countries named above. As a result, we have, in accordance with European Union law, entered into a special agreement with our subsidiaries, affiliates and service providers in those countries in order to maintain adequate level of data protection in situations when the processing may occur overseas. The above-mentioned agreements are based on the standard contractual clauses approved by the European Commission, the use of which is governed by Article 46 GDPR. You can find more information at the following link: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en
- Site Visitors can find a list of our subprocessors at www.caylent.com/subprocessors.
- Customers can find a list of our subprocessors at www.caylent.com/subprocessors, and can obtain a copy of our Data Processing Agreement www.caylent.com/dpa.
By submitting your personal data or engaging with our Websites, or as a Customer, you consent to this transfer, storing, or processing.
Your Personal Data Use Choices
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
- Promotional Offers from the Company. If you do not want us to use your email address/contact information to promote our own products and services, or third parties’ products or services, you can opt-out by checking the relevant box located on the form where we collect your data (the order form/registration form) or at any other time by logging into the Website and checking or unchecking the relevant boxes to adjust your account profile’s user preferences, or by sending us an email with your request to firstname.lastname@example.org. You may also opt-out of further marketing communications by replying to any promotional email we have sent you or following the opt-out links on that message. This opt out does not apply to information provided to the Company as a result of a product or service purchase, or other transactions.
- Third-Party Advertising. If you do not want us to share your personal data with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by checking the relevant box located on the form where we collect your data. You can also always opt-out by logging into the Website and checking or unchecking the relevant boxes to adjust your account profile’s user preferences, or by sending us an email stating your request to email@example.com.
- Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by checking the relevant box located on the form where we collect your data. You can also always adjust your user advertising preferences in your account profile by checking or unchecking the relevant boxes, or by sending an email stating your request to firstname.lastname@example.org.
Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers, and affiliates, or include plug-ins enabling third-party features. If you follow a link to any third-party website or engage a third-party plug-in, please note that these third parties have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these third parties.
Accessing and Correcting Your Personal Data
You can access, review, and change your personal data by logging into the Website and visiting your account profile page.
You may also send us an email at email@example.com to request access to, correct, or delete personal data that you have provided to us. We cannot delete your personal data except by also deleting your user account. We may not accommodate a request to change or delete information if we believe the change or deletion would violate any law or legal requirement or negatively impact the information’s accuracy.
The security of your personal data is very important to us. We use physical, electronic, and administrative safeguards designed to protect your personal data from loss, misuse, and unauthorized access, use, alteration, or disclosure. We store all personal data you provide to us behind firewalls on servers employing security protections. We encrypt any payment transactions.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to take care when providing information in public areas of the Website like message boards, which any Website visitor can view.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Website. Any transmission of personal data is at your own risk. We are not responsible for the circumvention of any privacy settings or security measures contained on the Website.
Children’s Online Privacy
We do not direct our Website to minors and we do not knowingly collect personal data from children under 18, or as defined by local legal requirements. If we learn we have mistakenly or unintentionally collected or received personal data from a child without appropriate consent, we will delete it. If you believe we mistakenly or unintentionally collected any information from or about a child, please contact us at firstname.lastname@example.org.
Our data protection officer is Lisa Cohrs, General Counsel.
Our corporate headquarters are located at 4521 Campus Drive, #344, Irvine, California, USA 92612.
If you need to access this Policy in an alternative format due to having a disability, please contact email@example.com.
Privacy Notice for California Residents
Where noted in this Policy, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication (“B2B personal information“) from some of its requirements.
Information We Collect
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information“). Personal information does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.||YES|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.||YES|
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||NO|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||NO|
|E. Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||NO|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.||YES|
|G. Geolocation data.||Physical location or movements.||YES|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||NO|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.||NO|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||NO|
|K. Inferences drawn from other personal information.||Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||NO|
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from you. For example, from forms you complete or products and services you purchase.
- Indirectly from you. For example, from observing your actions on our Website.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following purposes:
- To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
- To provide, support, personalize, and develop our Website, products, and services.
- To create, maintain, customize, and secure your account with us.
- To process your requests, purchases, transactions, and payments and prevent transactional fraud.
- To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
- To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).
- To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.
- For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our [Website users/consumers] is among the assets transferred.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
We may share your personal information by disclosing it to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, Company has disclosed personal information for a business purpose to the categories of third parties indicated at www.caylent.com/subprocessors.
We do not sell personal information.
Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Right to Know and Data Portability
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the “right to know”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- sales, identifying the personal information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
- The specific pieces of personal information we collected about you (also called a data portability request).
We do not provide a right to know or data portability disclosure for B2B personal information.
Right to Delete
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.
We do not provide these deletion rights for B2B personal information.
Exercising Your Rights to Know or Delete
To exercise your rights to know or delete described above, please submit a request by emailing us at firstname.lastname@example.org.
Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information.
You may only submit a request to know twice within a 12-month period. Your request to know or delete must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
You do not need to create an account with us to submit a request to know or delete.
We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.
For instructions on exercising your sale opt-out or opt-in rights, see Personal Information Sales Opt-Out and Opt-In Rights.
Response Timing and Format
We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact email@example.com.
We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
Other California Privacy Rights
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org.
If you need to access this Policy in an alternative format due to having a disability, please contact email@example.com.