CCPA Privacy Notice (for California Consumers) (last modified: July 18, 2022)
This supplements the Company Privacy Policy and applies only to California consumers. The table below summarizes how we use California consumer’s personal information. Not all items listed below are collected; the categories are derived from the California Consumer Privacy Act (“CCPA”).
| Categories of personal information collected over the 12-month period to the effective date of our Privacy Policy | Sources of collection over the applicable 12-month period | Categories of third parties with whom Company disclosed personal information for a business purpose over the applicable 12-month period | Business or commercial purpose(s) for which we collected personal information over the applicable 12-month period in addition to those purposes stated in our Privacy Policy |
| Identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, and other similar identifiers
|
From you (for instance the information you provide when register an account account, or when you share such information with your consent through the Site) | Our payment providers and other third-party service providers
|
Performing necessary services and improving services (maintaining and servicing accounts; providing customer service; processing and fulfilling transactions; processing payments; verifying information; developing user models; developing statistics and analytics; and other similar services)
Analyzing interactions including use-data, unique visitors, and other similar analytics
Monitoring and detecting security threats; protecting against malicious code, viruses, and malware; detecting malicious, fraudulent, illegal, or deceptive user activity
Internal research and development
Improving and updating our Services and Site
Complying with applicable law |
| Signature, physical characteristics or description, state identification card number, education, bank account number, credit card number, debit card number, other financial information, and medical information | From you (for instance when you pay for a Transaction or Product or when you share such information with other users through the Site)
|
Our payment providers and other third-party service providers
|
|
| Characteristics of protected classifications under California or federal law, such as race, color, national origin, religion, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, disability, citizenship status, and military and veteran status
|
We do not collect such information | N/A | N/A |
| Categories of personal information collected over the 12-month period prior to the effective date of our Privacy Policy | Sources of collection over the applicable 12-month period | Categories of third parties with whom Company disclosed personal information for a business purpose over the applicable 12-month period | Business or commercial purpose(s) for which we collected personal information over the applicable 12-month period in addition to those purposes stated in our Privacy Policy |
| Commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies | From you (for instance when you take part in a Transaction)
|
Our payment providers and other third-party service providers
|
Performing necessary services and improving services (maintaining and servicing accounts; providing customer service; processing and fulfilling transactions; processing payments; verifying information developing user models; developing statistics and analytics; and other similar services)
Analyzing interactions including use data, unique visitors, and other similar analytics
Monitoring and detecting security threats; protecting against malicious code, viruses, and malware; detecting malicious, fraudulent, illegal, or deceptive user activity
Internal research and development
Improving and updating our Services and Site
Complying with Applicable Law |
| Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements
|
From you (for instance when you access or use the Site, or when take part in a Transaction) | Third-party service providers
|
|
| Information Required under state and federal law
|
From you by your use of the Site or Services and with your consent |
Governmental Regulators
|
|
| Audio, electronic, visual, and similar information
|
We do not collect such information. | N/A | N/A |
| Categories of personal information collected over the 12-month period prior to the effective date of our Privacy Policy | Sources of collection over the applicable 12-month period | Categories of third parties with whom Company disclosed personal information for a business purpose over the applicable 12-month period | Business or commercial purpose(s) for which we collected personal information over the applicable 12-month period in addition to those purposes stated in our Privacy Policy |
| Professional or employment information
|
We do not Collect such information | N/A | N/A
|
| Inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
|
From all data aggregated which we collect and you provide through using our Services, or that you have otherwise consented to | Third-party service providers | Performing necessary services and improving services (maintaining and servicing accounts; providing customer service; processing and fulfilling transactions; processing payments; verifying information developing user models; developing statistics and analytics; and other similar services)
Analyzing interactions including use data, unique visitors, and other similar analytics
Monitoring and detecting security threats; protecting against malicious code, viruses, and malware; detecting malicious, fraudulent, illegal, or deceptive user activity
Internal research and development
Improving and updating our Services and Site
Complying with applicable law |
California Consumer Privacy Rights
We do not sell any of your personal information, so there is no need to opt out. This means that we do not disclose, transmit, communicate, transfer, or otherwise make available your personal information to any third party for monetary or other valuable consideration.
Right to Know and Data Portability
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the “right to know”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- sales, identifying the personal information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
- The specific pieces of personal information we collected about you (also called a data portability request).
Right to Delete
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the Transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.
Exercising Your Rights to Know or Delete
To exercise your rights to know or delete described above, please submit a request by emailing us at [email protected]
Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information.
You may also make a request to know or delete on behalf of your child by emailing us at [email protected]
You may only submit a request to know twice within a 12-month period. Your request to know or delete must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include:
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
You do not need to create an account with us to submit a request to know or delete.
We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.
