collection and use of personal data
Personal Data We Collect
In order to provide our Sites, we may collect and process information that relates to identified or identifiable individuals (“Personal Data”). We collect and process the following categories of Personal Data (note, specific Personal Data elements are examples and may change):
Identity Data: Personal Data about you and your identity, such as your name or IP address.
Contact Data: Identity Data used to contact an individual, e.g. email address, physical address, or phone number.
Device/Network Data: Personal Data relating to your device, browser, or application e.g. device identifiers, identifiers from cookies, session history and Site navigation metadata, and other data generated through applications and browsers, including via cookies and similar technologies.
User Content: Personal Data included in content provided by users of the Sites in any free-form or unstructured format, such as in a “contact us” box, free text field, in a file or document, or messages to us.
How We Collect Personal Data
We collect Personal Data from various sources based on the context in which the Personal Data will be processed:
Data we collect from you: We collect Personal Data from you directly, for example, when you input information into an online form, or contact us directly.
Data collected automatically: We may collect certain Personal Data automatically. For example, we collect Device/Network Data automatically using cookies and similar technologies when you use our Sites, access our Sites, or when you open our marketing communications.
How we Process Personal Data
When you use our Site, we automatically collect and process Identity Data and Device/Network Data. We use this data as necessary to initiate or fulfill your requests for certain features or functions through our Site, such as delivering pages, logging activities for security purposes, etc. We may also process this Personal Data for our Business Purposes (described below).
Informational or Promotional Emails
We may process Identity Data, Device/Network Data and Contact Data in connection with email communications relating to our Sites, or if we send you promotional communications. You may receive such email communications if you contact us, choose to receive them, or engage in a transaction allowing us to send you those communications. We may also automatically collect Device/Network Data when you open or interact with those communications so that we can better understand engagement with our communications. We may also process this Personal Data for our Business Purposes (described below).
When you contact us though the Site using a contact us box or via email, we process Personal Data such as Identity Data, Device/Network Data, and any Personal Data contained within any User Content. We use Identity Data, Contact Data, and User Content as necessary to communicate with you about the subject matter of your request and related matters. We may also process this Personal Data for our Business Purposes (described below).
Cookies and Similar Tracking Technologies
We, and certain third parties, automatically collect and process Identity Data, Contact Data, and Device/Network Data when you interact with cookies and similar technologies on our Sites. We may receive this data from third parties to the extent allowed by the applicable partner. Please note that the privacy policies of third parties may also apply to these technologies and the Personal Data collected through them.
Subject to your rights & choices, we may use this information as follows:
(i) for “essential” or “functional” purposes, such as to enable certain features of the Sites, deliver pages, maintain user sessions, and the like; and
(ii) for “analytics” purposes, consistent with our business interest in how the Sites are used or perform, how users engage with and navigate through our Sites, what sites users visit before visiting the Sites, how often they visit the Sites, and other similar metrics.
Note: Some of these technologies can be used to identify you across platforms, devices, sites, and services.
Business Purposes of Processing
In addition to the processing described above, we generally process Personal Data for several common purposes in connection with our business. For example, we process your Personal Data:
• To provide our Sites and fulfill our obligations to you
• To improve, personalize, and secure our Sites
• To enable and improve our customer Site
• To comply with the law, and in the public interest
• As part of corporate events
Please see below for more information regarding the purposes for which we process your Personal Data.
Operate our Sites and Fulfill Obligations
We process any Personal Data as is necessary to provide the Sites, and as otherwise necessary to fulfill our obligations to you, e.g. to provide you with the information, features, and Site you request.
Internal Processes and Service Improvement
We may use any Personal Data we process through our Sites as necessary in connection with our improvement of the design of our Sites, understanding how are Sites are used or function, for customer Site purposes, in connection with the creation and analysis of logs and metadata relating to Site use, and for ensuring the security and stability of the Sites. Additionally, we may use Personal Data to understand what parts of our Sites are most relevant to users, how users interact with various aspects of our Sites, how our Sites perform or fail to perform, etc., or we may analyze use of the Sites to determine if there are specific activities that might indicate an information security risk to the Sites or our Users.
We process Personal Data as necessary in connection with our creation of aggregate analytics relating to how our Sites are used, the pages and content users view, and to create other reports regarding the use and performance of our Sites, and other similar information and metrics. The resulting aggregate data will not contain information from which an individual may be readily identified.
Compliance, Safety & Public Interest
Note that we may, without your consent or further notice to you, and to the extent required or permitted by law, process any Personal Data subject to this Policy for purposes determined to be in the public interest or otherwise required by law. For example, we may process information as necessary to fulfil our legal obligations, to protect the vital interests of any individuals, or otherwise in the public interest or as required by a public authority. Please see the data sharing section for more information about how we disclose Personal Data in extraordinary circumstances.
Your Personal Data may be processed as part of routine corporate operations, as part of corporate reorganizations, or any business transition, such as a merger, acquisition, liquidation, or sale of assets.
Other Processing of Personal Data
If we process Personal Data in connection with our Sites in a way not described in this Policy, this Policy will still apply generally (e.g. with respect to your rights and choices) unless otherwise stated when you provide it.
Information we collect may be shared with a variety of parties, depending upon the purpose for and context in which that information was provided. We generally transfer data to the categories of recipients or in connection with specific business purposes, described below.
In connection with our general business operations, product/Site improvements, to enable certain features, and in connection with our other lawful business interests, we may share Personal Data with service providers or subprocessors who provide certain services to us, or process data on our behalf. For example, we may use third party hosting providers to host our sites or content, and we may disclose information as part of our own internal operations, such as security operations, internal research, etc.
Your Personal Data may be disclosed to a third party in the event that we go through a business transition, such as a merger, acquisition, liquidation, or sale of all or a portion of our assets. For example, Personal Data may be part of the assets transferred, or may be disclosed (subject to confidentiality restrictions) during the due diligence process for a potential transaction.
In order to streamline certain business operations and develop products and Site that better meet the interests and needs of our customers, we may share your Personal Data with any of our current or future affiliated entities, subsidiaries, and parent companies.
Your rights & choices
Applicable law may grant you rights in your Personal Data. These rights vary based on your location, state/country of residence, and may be limited by or subject to our own rights in your Personal Data. You may submit requests to exercise rights you may have by contacting us at. firstname.lastname@example.org
All rights requests we receive directly must be verified to ensure that the individual making the request is authorized to make that request, to reduce fraud, and to ensure the security of your Personal Data. For example, we may require that you verify that you have access to the email on file in order to verify your identity. If an agent is submitting the request on your behalf, we reserve the right to validate the agent’s authority to act on your behalf.
Note: We are able to fulfill rights requests regarding Personal Data that we control or process. We may not have access to or control over Personal Data controlled by third parties. Please contact the third party directly to exercise your rights in third party-controlled information.
You may have the following choices regarding the Personal Data we process, to the extent required under applicable law:
Consent: If you consent to our processing of personal data, you may withdraw your consent at any time. You may be required to close your account in order to withdraw consent where your consent is necessary to perform essential aspects of our Sites.
Direct Marketing: You have the choice to opt-out of or withdraw your consent to marketing communications. You may exercise your choice via the links in our communications or by contacting us re: direct marketing.
We implement and maintain reasonable security measures to safeguard the Personal Data you provide us. However, we sometimes share Personal Data with third parties as noted above, and though we may enter contracts to help ensure security, we do control third parties’ security processes. We do not warrant perfect security and we do not provide any guarantee that your Personal Data or any other information you provide us will remain secure.
We retain information for so long as it, in our discretion, remains relevant to its purpose, and in any event, for so long as is required by law. We will review retention periods periodically, and may sometimes pseudonymize or anonymize data held for longer periods, if appropriate.
Our Sites are neither directed at nor intended for use by minors under the age of majority in the relevant jurisdiction. Further, we do not knowingly collect Personal Data from such individuals. If we learn that we have inadvertently done so, we will promptly delete it.
We operate in and use Site providers located in the United States. If you are located outside the U.S., your Personal Data may be processed in the U.S. The U.S. may not provide the same legal protections guaranteed to Personal Data in foreign countries. Contact us for more information regarding transfers of data to the U.S.
changes to our policy
We may change this Policy from time to time. Please visit this page regularly so that you are aware of our latest updates. Your use of the Sites following notice of any changes indicates acceptance of any changes.
Feel free to contact us with questions or concerns using the appropriate address below.
General inquires: email@example.com
Privacy Rights & Compliance: firstname.lastname@example.org