This Policy describes our practices for collecting, using, maintaining, protecting, and disclosing the personal data we may collect from you or that you may provide when you visit our website(s) or other digital properties, communications, or forms that link or refer to this notice (our “Website“). This Policy also describes our data collection, use, protection and disclosure practices for customers that we provide our services to under a Master Services Agreement (“MSA”), or similar agreement. For purposes of this Policy, Website visitors shall be referred to as “Site Visitors” and customers that we provide services to under an MSA shall be referred to as “Customers.”
This Policy applies to the personal data collected through our Website, regardless of the country where you are located.
The Website may include links to third-party websites, plug-ins, services, social networks, or applications. Clicking on those links or enabling those connections may allow the third party to collect or share data about you. We do not control these third-party websites, and we encourage you to read the privacy notice of every website you visit.
Please read this notice carefully to understand our policies and practices for processing and storing your personal data. By engaging with our Website, you accept and consent to the practices described in this notice. This notice may change from time to time. Your continued engagement with our Website after any such revisions indicates that you accept and consent to them, so please check the notice periodically for updates.
We collect and use different types of data from and about you including:
If we combine or connect non-personal, demographic, or technical data with personal data so that it directly or indirectly identifies an individual, we treat the combined information as personal data.
We use different methods to collect data from and about you including through:
Certain features of our Website may use Flash cookies (local stored objects) instead of browser cookies to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies and browser cookies use different management tools and you must manage their settings separately.
Our Website pages and emails may contain web beacons (small transparent embedded images or objects, also known as clear gifs, pixel tags, and single-pixel gifs that permit us, for example, to count website page visitors or email readers, or to compile other similar statistics such as recording Website content popularity or verifying system and server integrity.
We do not control how these third-party tracking technologies operate or how they may use the collected data. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
We use your personal data to provide you with products, offer and provide you services, communicate with you, deliver advertising and marketing, fulfill business obligations, or to conduct other business operations, such as using data to improve and personalize your experiences. Examples of how we may use the personal data we collect include to:
We may use non-personal data for any business purpose.
We may share your personal data:
We may also disclose your personal data to third parties:
We may share non-personal data without restriction.
We are based in the United States. We may process, store, and transfer the personal data we collect, in and to a country outside your own, with different privacy laws that may or may not be as comprehensive as your own, including Canada, Argentina, and Brazil.
If you are based in the European Economic Area, the European Commission has not approved an adequate level of protection for the transfer of data to the countries named above. As a result, we have, in accordance with European Union law, entered into a special agreement with our subsidiaries, affiliates and service providers in those countries in order to maintain adequate level of data protection in situations when the processing may occur overseas. The above-mentioned agreements are based on the standard contractual clauses approved by the European Commission, the use of which is governed by Article 46 GDPR. You can find more information at the following link: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en
By submitting your personal data or engaging with our Websites, or as a Customer, you consent to this transfer, storing, or processing.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers, and affiliates, or include plug-ins enabling third-party features. If you follow a link to any third-party website or engage a third-party plug-in, please note that these third parties have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these third parties.
You can access, review, and change your personal data by logging into the Website and visiting your account profile page.
You may also send us an email at email@example.com to request access to, correct, or delete personal data that you have provided to us. We cannot delete your personal data except by also deleting your user account. We may not accommodate a request to change or delete information if we believe the change or deletion would violate any law or legal requirement or negatively impact the information’s accuracy.
The security of your personal data is very important to us. We use physical, electronic, and administrative safeguards designed to protect your personal data from loss, misuse, and unauthorized access, use, alteration, or disclosure. We store all personal data you provide to us behind firewalls on servers employing security protections. We encrypt any payment transactions.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to take care when providing information in public areas of the Website like message boards, which any Website visitor can view.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Website. Any transmission of personal data is at your own risk. We are not responsible for the circumvention of any privacy settings or security measures contained on the Website.
We do not direct our Website to minors and we do not knowingly collect personal data from children under 18, or as defined by local legal requirements. If we learn we have mistakenly or unintentionally collected or received personal data from a child without appropriate consent, we will delete it. If you believe we mistakenly or unintentionally collected any information from or about a child, please contact us at firstname.lastname@example.org.
Our data protection officer is Lisa Cohrs, General Counsel.
Our corporate headquarters are located at 4521 Campus Drive, #344, Irvine, California, USA 92612.
If you need to access this Policy in an alternative format due to having a disability, please contact email@example.com.
Where noted in this Policy, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication (“B2B personal information“) from some of its requirements.
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information“). Personal information does not include:
In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
Physical location or movements.
We HAVE NOT collected and DO NOT collect the following categories of personal information from consumers:
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
Audio, electronic, visual, thermal, olfactory, or similar information.
Current or past job history or performance evaluations.
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
We obtain the categories of personal information listed above from the following categories of sources:
We may use or disclose the personal information we collect for one or more of the following purposes:
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
We may share your personal information by disclosing it to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, Company has disclosed personal information for a business purpose to the categories of third parties indicated at www.caylent.com/subprocessors.
We do not sell personal information.
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the “right to know”). Once we receive your request and confirm your identity, we will disclose to you:
We do not provide a right to know or data portability disclosure for B2B personal information.
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity, we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.
We do not provide these deletion rights for B2B personal information.
To exercise your rights to know or delete described above, please submit a request by emailing us at firstname.lastname@example.org.
Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information.
You may only submit a request to know twice within a 12-month period. Your request to know or delete must:
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
You do not need to create an account with us to submit a request to know or delete.
We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.
We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact email@example.com.
We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org.
If you need to access this Policy in an alternative format due to having a disability, please contact email@example.com.