Privacy Policy

TruCode LLC

Version Date: June 1, 2020

1.   General

TruCode, LLC (“Company” or “we” or “us” or “our”) respects the privacy of our customers, partners and the users of our website located at https://www.trucode.com, or such other media forms, media channels, mobile website or mobile application related or connected thereto (collectively, the “Website”).  This Privacy Policy is designed to inform you, as a user of the Website and/or a customer or partner of the Company (“user”, or “you”, or “your”), about the types of information that the Company may gather about or collect from you in connection with your use of the Company’s Encoder Essentials Partner Portal located at https://partner.trucode.com (the “Partner Portal”), the Company’s products and services (collectively with the Partner Portal, the “Services”) and/or the Website. It also is intended to explain the conditions under which the Company uses and discloses that information, and your rights in relation to that information.

Changes to this Privacy Policy are discussed at the end of this document. Each time you use the Website or the Services, however, the current version of this Privacy Policy will apply. Accordingly, each time you use the Website or the Services you should check the date of this Privacy Policy (which appears at the beginning of this document) and review any changes since the last time you used the Website or the Services.

BY USING OR ACCESSING THE WEBSITE AND/OR THE SERVICES, YOU ARE ACCEPTING THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY WITH RESPECT TO OUR USE AND DISCLOSURE OF YOUR INFORMATION.

2.  Scope

The Company’s processing of personal data, personal information, and/or protected health information in connection with your use of the Services is governed by this Privacy Policy and the terms of your license or subscription agreement(s) with us and/or our authorized partner(s) (in each case, a “Customer Agreement”). Your Customer Agreement may include a Business Associate Agreement, which governs our use and disclosure of protected health information disclosed by you or otherwise accessible by us through your use of the Services. The term “protected health information” or “PHI” as used herein is defined as set forth in 45 C.F.R. §160.103 (as may be amended). Personal information or personal data refers to any data or information which relates to an identified or identifiable natural person, and are subject to applicable data protection laws, such as the EU General Data Protection Regulation 2016/679 (“GDPR”) or the California Consumer Privacy Act (Assembly Bill 375), as amended (“CCPA”). The Company is the data processor (under GDPR) or service provider (under CCPA) and our customers are the data controllers (under GDPR) or businesses (under CCPA) with respect to such personal data or personal information. The term “Personal Information” as used in this Privacy Policy is deemed to include personal information, personal data, and protected health information, as such terms are defined under applicable law.

In the event of any conflict between this Privacy Policy and the corresponding Customer Agreement, the Customer Agreement will control to the extent permitted by applicable law. Please note that in certain instances, the Company may act as an independent controller or business regarding personal information or personal data with respect to its own processing activities.

This Privacy Policy is not a substitute for any privacy notice that customers are required to provide to their employees or other end users.

3.  Information We Collect

1. Information You Give to Us. When you access the Website and/or the Services, we may ask you to voluntarily provide us certain information that personally identifies (or could be used to personally identify) you (“Personal Information”). Personal Information may include, without limitation, some of the following categories of data: (1) contact and profile data (such as your name, address, zip code, email address, and phone number); (2) your billing information; (3) questions, comments, and other information that you voluntarily choose to provide to us. We may also collect additional information, which may or may not be Personal Information, as otherwise described to you at the point of collection or pursuant to your consent. Users of the Services may still access and use some of the Services if you choose not to provide us with any Personal Information, but the features of the Services that require your Personal Information will not be accessible to you. Users of the Website are under no obligation to provide Company with Personal Information of any kind.  Users are under no obligation to provide, and are hereby expressly prohibited from providing, any PHI in conjunction with your use of the Website, the Partner Portal, or any other non-production environment within the Services, and the Company is under no obligation to protect PHI provided by you through your use of the Website, the Partner Portal, or in any non-production environment within the Services.
2. Information Gathered from Your Use of the Website and/or the Services. We automatically collect certain data when you use the Website and/or the Services, such as (1) IP address; (2) domain server; (3) type of device(s) used to access the Website and/or the Services; (4) web browser(s) used to access the Website and/or the Services; (5) referring webpage or other source through which you accessed the Website and/or the Services; (6) geolocation information; (7) session information generated and stored on your computer systems; (8) data provided through customer applications connected to the Services; and (9) other statistics and information associated with the interaction between your browser or device and the Website and/or Services (collectively “Traffic Data”). Depending on applicable law, some Traffic Data may be Personal Information. Personal Information (including PHI) may also be gathered through your use of the Services for the intended purpose of the Services.

4.  How We Collect Information

1. In General. We collect information, including Personal Information and Traffic Data, when you register on the Website, use and interact with the Services, fill out a form, use live chat, surf the Website, enter information on our Website, or provide us with feedback on our Services, as well as through Cookies, Web Beacons, website analytics services and other tracking technology (collectively, “Tracking Tools”) as described below. We also may collect information about you from third party sources.
2. Tracking Tools
   1. Cookies. A “Cookie” is a string of information which assigns you a unique identification that a website stores on a user’s computer, and that the user’s browser provides to the website each time the user submits a query to the website. We use Cookies on the Website and Services to keep track of services you have used, to record registration information regarding your login name and password, to record your user preferences, to keep you logged into the Website and Services, and to facilitate purchase procedures. Company also uses Cookies to track the pages that users visit during each Website and Services session, both to help Company improve users’ experiences and to help Company understand how the Website and Services are being used. USERS WHO DO NOT WISH TO HAVE COOKIES PLACED ON THEIR COMPUTERS SHOULD SET THEIR BROWSERS TO REFUSE COOKIES BEFORE ACCESSING THE WEBSITE AND/OR SERVICES, WITH THE UNDERSTANDING THAT CERTAIN FEATURES OF THE WEBSITE AND/OR SERVICES MAY NOT FUNCTION PROPERLY WITHOUT THE AID OF COOKIES. USERS WHO REFUSE COOKIES ASSUME ALL RESPONSIBILITY FOR ANY RESULTING LOSS OF FUNCTIONALITY.
   2. Web Beacons. A “Web Beacon” is an object that is embedded in a web page or email that is usually invisible to the user and allows website operators to check whether a user has viewed a particular web page or an email. Company may use Web Beacons on the Website and/or Services and in emails to count users who have visited particular pages, viewed emails and to deliver co-branded services. Web Beacons are not used to access users’ Personal Information. They are a technique Company may use to compile aggregated statistics about Website and Services usage. Web Beacons collect only a limited set of information, including a Cookie number, time and date of a page or email view and a description of the page or email on which the Web Beacon resides. You may not decline Web Beacons. However, they can be rendered ineffective by declining all Cookies or modifying your browser setting to notify you each time a Cookie is tendered, permitting you to accept or decline Cookies on an individual basis.
   3. Analytics. We may use third-party vendors, including Google, who use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize and serve ads based on your past activity on the Website, including Google Analytics for Display Advertising. The information collected may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. If you do not want any information to be collected and used by Google Analytics, you can install an opt-out in your web browser (https://tools.google.com/dlpage/gaoptout/) and/or opt out from Google Analytics for Display Advertising or the Google Display Network by using Google’s Ads Settings (www.google.com/settings/ads).
   4. Third Party Applications. The Services may integrate with or enable access to third party applications or third party tools that are not provided by the Company (“Non-TruCode Applications”). End users that register, install or access any Non-TruCode Applications may be required to accept privacy notices provided by those third parties. Please review those notices carefully, as the Company does not control and cannot be responsible for these the privacy or information security practices of such third parties.

5.  How We Use Your Information

1. To operate the Website. We use your Personal Information to:
   • operate, maintain, administer, improve, and secure the Website;
   • study how the Website is used and to improve the Website and our other Services;
   • manage and communicate with you regarding your account on the Website and/or the Services, if you have one, including by sending you service announcements, technical notices, updates, security alerts, and support and administrative messages;
   • better understand your needs and interests, and personalize your experience with the Website;
   • provide support and maintenance for the Website and our Services;
   • respond to your service-related requests, questions and feedback.
2. To provide the Services. We use your Personal Information to provide the Services you purchase pursuant to a Customer Agreement and related internal purposes, including to:
   • enable end users to access and use the Services;
   • provide the Services;
   • provide information about the Services, such as important updates or changes to the Services, security alerts, training and the availability of new features;
   • improve the Services and develop new products and services; and
   • respond to inquiries, complaints, and requests for customer support
3. To provide other requested services. If you request a service through the Website, such as signing up for our newsletter, we may request and use Personal Information that we need to provide the requested service.
4. To send marketing communications. If you request information from us or register for an account on the Website, we may send you Company-related marketing communications as permitted by law. If you wish to opt-out of receiving marketing materials from Company, you may do so by following the unsubscribe link in the email communications, by going to your account settings (if applicable) or contacting us using the contact information below. However, we reserve the right to send you notices about your account, such as service announcements and administrative messages, even if you opt out of all voluntary email notifications.
5. To comply with law. We use your Personal Information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
6. With your consent. We may use or share your Personal Information with your consent, such as when you consent to let us post your testimonials or endorsements on our Website, you instruct us to take a specific action with respect to your Personal Information, you opt into third-party marketing communications, or as otherwise agreed in the applicable Customer Agreement.
7. For compliance, fraud prevention and safety. We use your Personal Information as we believe necessary or appropriate to (i) enforce the terms and conditions that govern the Website, (ii) enforce the terms and conditions of our Customer Agreements; (iii) protect our rights, privacy, safety or property, and/or that of you or others; and (iv) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
8. Anonymized/Aggregated Data. We may use your information in an aggregated, de-identified and generic manner to derive statistical and performance information related to the provision and operation of the Services, for marketing and survey purposes, setting benchmarks, feature suggestions, utilization analyses, product analytics and/or new product features or services, and related purposes.

6.  How We Share Information

Except as described in this Privacy Policy, we do not share the Personal Information that you provide to us with other organizations. We may disclose Personal Information to third parties under the following circumstances:

1. Service Providers. We may employ third-party companies and individuals to administer and provide certain services on our behalf (such as hosting, billing, customer service, sales analysis, marketing assistance, supporting the Website’s functionality and supporting surveys and other features offered through the Website) or providers that help us provide, manage, and improve the Services, which may include, without limitation, our subsidiaries and corporate affiliates, as applicable. These third parties may have access to Personal Information needed to perform their functions, but may only use your information as directed by the Company and in a manner consistent with this Privacy Policy and are prohibited from using or disclosing your information for any other purpose. PHI data may be shared with third parties as necessary for us to provide the Services, as permitted by an executed Business Associate Agreement and applicable HIPAA regulations.
2. Customers and Partners. We may disclose Personal Information to our customers or partners, to the extent such information pertains to such customer’s or partner’s end users.
3. Professional advisors. We may disclose your Personal Information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
4. Compliance with Laws and Law Enforcement; Protection and Safety. The Company may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern the Website and/or the Service; (d) protect our rights, privacy, safety or property, and/or that of you or others; and (e) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
5. Business Transitions. The Company reserves the right to transfer all Personal Information in its possession to a successor organization in the event of a merger, acquisition, bankruptcy or other sale of all or a portion of Company’s assets. Other than to the extent ordered by a bankruptcy or other court, the use and disclosure of all transferred Personal Information will be subject to this Privacy Policy, or to a new privacy policy if you are given notice of that new privacy policy and are given an opportunity to affirmatively opt-out of it. Personal Information submitted or collected after a transfer, however, may be subject to a new privacy policy adopted by the successor organization.
6. Anonymized/Aggregated Data. We may share aggregated and non-Personal Information we collect under any of the above circumstances. We may also share it with third parties and our affiliate companies to develop and deliver targeted advertising on the Website and on websites of third parties. We may combine non-Personal Information we collect with additional non-Personal Information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to the Website and the most popular features or services accessed. This information does not contain any Personal Information and may be used to develop website content and services that we hope you and other users will find of interest and to target content and advertising.

7.   Information Security and Protection of Data

The security of your Personal Information is important to us. The Company uses a variety of industry-standard and commercially reasonable physical, electronic, and procedural safeguards to protect Personal Information in the Company’s possession or control from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction in accordance with applicable law. However, please be advised that even the best security measures cannot fully eliminate all risks and we cannot guarantee that any safeguards or security measures will be sufficient to prevent a security problem. We recommend that our users take steps to protect against unauthorized access to any devices, networks and applications connected to the Website and/or the Services. You are responsible for maintaining the confidentiality of your Personal Information by keeping your password confidential. You should change your password immediately if you believe someone has gained unauthorized access to it or your account. If you lose control of your account, you should notify us immediately.

8.  Children

Our Website and Services are not directed to or intended for use by children under sixteen (16) years of age and children under age 16 are prohibited from using the Services.  We do not knowingly collect any information from children under 16.  By accessing, using, and/or submitting information to or through the Website and/or the Services, you represent that you are at least 16 years of age. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, please contact us immediately.  If we learn that we have received or inadvertently gathered any information from a child under age 16, we will delete such information from our records as soon as reasonably practicable.

9.  Controlling Your Personal Information

1. Access, update, correct or delete your information. Upon request, we will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Information. If Your Personal Information changes, or if you no longer desire to use the Website or the Services, you may correct, update, or delete it by contacting us as set forth below. We will respond to your request within a reasonable timeframe. It is important that the Personal Information we hold about you is accurate and current. Please let us know if your Personal Information changes during your relationship with us by updating your registration profile or by contacting us as set forth below.
2. Marketing communications; Notifications. You may opt out of marketing-related emails by clicking on a link at the bottom of each such email, or by contacting us as set forth below. If you opt out of such emails, you may continue to receive service-related and other non-marketing emails. Upon your first use of the Partner Portal, you will be automatically subscribed to receive notifications with respect to the Services. You may opt out of such notifications through the Partner Portal or by contacting us as set forth below. 
3. Testimonials. If you gave us consent to post a testimonial on our Website, but you wish to update or delete it, please contact us as set forth below.
4. Choosing not to share your Personal Information. Where we are required by law to collect your Personal Information, or where we need your Personal Information in order to provide a requested Service to you or operate the Website, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with the requested Service(s) or operate the Website. We will tell you what information you must provide to receive a requested Service or interact with the Website by designating it as required or through other appropriate means.

10.  Data Subject Rights

Our customers are the data controllers/businesses of end users’ personal information or personal data. As the data controllers/businesses, our customers are responsible for receiving and responding to requests from end users and other individuals to exercise any rights afforded to them under applicable data protection law. We will use commercially reasonable efforts to assist customers in responding to such requests as related to the Services to the extent the customer is unable to respond to such requests.

11.    Third Party Sites

The Website may contain links to third-party websites. A link to a third-party website does not mean that we endorse that website, the quality or accuracy of information presented on the website, or the persons or entities associated with the website. If you decide to visit a third-party website, you are subject to the privacy policy of the third-party website, as applicable, and we are not responsible for the policies and practices of the third-party website. This Privacy Policy does not apply to any other website or digital service that you may be able to access through the Website or the Services, which may have data collection, storage and use practices and policies that may materially differ from this Privacy Policy.

12.   Transfers of Personal Information

The Website and the Services are hosted in the United States of America and are subject to U.S. state and federal law. If you are accessing our Website or Services from other jurisdictions, please be advised that you are transferring your personal information to us in the United States, and by using our Website or Services, you consent to that transfer and use of your personal information in accordance with this Privacy Policy. You also agree to abide by the applicable U.S. state and federal laws concerning your use of the Website and/or the Services and your agreements with us. Any persons accessing our Website or Services from any jurisdiction with laws or regulations governing the use of the Internet, including personal data collection, use and disclosure, different from those of the jurisdictions mentioned above, may only use the Website or Services in a manner lawful in their jurisdiction. If your use of the Website or Services would be unlawful in your jurisdiction, please do not use the Website or the Services. Individuals located in the European Union or in the State of California, USA should be sure to read the important information provided below as well as any specific supplements and addendums addressed to their regions.

13.   Do Not Track Policy

Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. Because there is not yet a common understanding of how to interpret the DNT signal, the Website currently does not respond to DNT browser signals or mechanisms.

14.   Updates and Changes

Company may, in its sole discretion, change this Privacy Policy from time to time and the updated version will be posted on this page, along with the effective date as stated at the top of this Privacy Policy. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your account and supersedes all previous versions. Users should regularly check this page for any changes to this Privacy Policy. Your continued use of the Website and/or the Services after the effective date of any changes constitutes your acceptance of the amended Privacy Policy. If you do not agree to such changes, you must stop using the Website and the Services after the effective date of such changes. The Company may, as determined in its discretion, decide to notify users of material changes made to this Privacy Policy via email or otherwise. Accordingly, it is important that users always maintain and update your contact information.

15.   Contact Us

Please email your policy question or complaint to us at the address below:

Computer Programs and Systems, Inc.
Compliance Point of Contact
Attn: Kevin Plessner
6600 Wall Street
Mobile, Alabama 36695
United States

If you believe there may have been a violation of TruCode / CPSI policy, law or other illegal or unethical business conduct relating to our business, you may report such violations anonymously by using this complaint form. We will document and evaluate your complaint, investigate it as appropriate and take action as necessary to address the situation.

Additional Information for European Union Users

Personal information. References to “Personal Information” in this Privacy Policy are equivalent to “personal data” as defined by the European Union General Data Protection Regulation 2016/79 (“GDPR”). We are the processor of your personal data for GDPR purposes.

Legal basis for processing. We only use your personal data as permitted by law. We are required to inform you of the legal basis of our processing of your personal data, which are based on one or more of the following:

• Consent: The consent you provide to us when you share or submit your personal data with or to us;
• Legitimate interest: Our “legitimate interest,” as defined by GDPR, or the legitimate interest of a third party, including you. For example, we may use your data for fraud and security monitoring to ensure our networks and websites are secure, to administer and conduct our business with you, and to respond to your requests, inquiries and complaints.
• Contract: Our performance of a contract, directly or indirectly, between us and you or your employer.
• Legal Obligation: Our compliance with a legal obligation that we are or may be subject to.

If you have questions about the legal basis of how we process your personal data, contact us using the contact information provided above.

Use for new purposes. We may use your personal data for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal data for an unrelated purpose, we will notify you and explain the applicable legal basis.

Retention. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We keep basic information about our users for the duration of the agreement. In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.

Your Rights. European data protection laws give you certain rights regarding your personal data. You may ask us to take the following actions in relation to your personal data that we hold:

• Opt-out. Stop sending you direct marketing communications. You may continue to receive service-related and other non-marketing emails.
• Access. Provide you with information about our processing of your personal data and give you access to your personal data.
• Correct. Update or correct inaccuracies in your personal data.
• Delete. Delete your personal data.
• Transfer. Transfer a machine-readable copy of your personal data to you or a third party of your choice.
• Restrict. Restrict the processing of your personal data.
• Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal data that impacts your rights.

You can submit these requests by email or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal data or response to your requests regarding your personal, you may contact us as described above or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

Subprocessors. We may engage certain third parties (“Subprocessors”) in order to assist us in connection with the Services, some of whom may have access to your personal data in conjunction with such processing. Please contact us for a list of our current Subprocessors.

Cross-Border Data Transfer. Whenever we transfer your personal data out of the EEA to countries not deemed by the European Commission to provide an adequate level of protection, the transfer will be based on one of the safeguards recognized by the European Commission as providing adequate protection for personal data, where required by EU data protection legislation. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

Additional Information for Californian Residents

Shine the Light Law

California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about the Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of the Personal Information that was shared and the names and addresses of all third parties with which we shared Personal Information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to our privacy officer as listed above.

California Consumer Privacy Act

The California Consumer Privacy Act (Assembly Bill 375), as amended (“CCPA”), affords Californian consumers specific rights regarding their personal information. These rights have been described in this Privacy Policy and are further highlighted in this section. If you need to access this notice in an alternative format, please contact our privacy officer as listed above.

WE DO NOT SELL, DISCLOSE, SHARE OR TRANSFER PERSONAL INFORMATION FOR THE COMMERCIAL BENEFIT OF ANY PARTY. WE MAY PAY MONETARY COMPENSATION TO THOSE PROVIDING OR ASSISTING US IN PROVIDING THE SERVICES THAT YOU HAVE REQUESTED WHEN YOU ENGAGED OUR SERVICES AND SOME OF THOSE SERVICES MAY REQUIRE ACCESS OR PROCESSING OF YOUR PERSONAL INFORMATION.

PERSONAL INFORMATION OR THE BENEFIT OF ITS USE IS NEVER PROVIDED IN COMPENSATION FOR SERVICES. That does not mean that we do not share your data with other parties, but any disclosure of personal information is solely performed for the operation of the Website and provision of Services. These may perform administrative functions, provide security or perform any of a number of operational and necessary services without which we cannot operate our business or provide services to you.

What is Personal Information under CCPA

“Personal information” is anything that identifies, relates to, describes, or is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Californian consumer or household.

Privacy Policy

We provide this Privacy Policy to describe our activities with regard to the personal information we collect and use and to inform you of your rights regarding your information. You have the right as a Californian consumer to expect the Privacy Policy to be available, accessible and easy to understand, and reviewed and updated at least annually describing our personal information collection activities over the prior 12 months. If our business changes or additional processing for new purposes are planned, you have the right to expect an update to the Privacy Policy to be provided describing these purposes.

How We Obtain Your Data (Please see the following sections):

• How We Collect Information
• Children

Note on Children: The CCPA requires opt-in consent to information use for minors under the age of 16 and verified parental consent for children under the age of 13. We do not knowingly collect or process the information of children. For more information, please refer to the Children section.

Your Rights under CCPA with regard to Your Personal Information

You have the right as a Californian consumer to expect disclosures as to how we collect, use and care for your personal information, our purposes for collection and what we do with the information we collect, and in specific, if your information is sold to other parties.

California law provides you as a consumer specific rights with regard to the management and sale of your personal information. You have the right as a Californian consumer to expect disclosures as to whether we for our benefit or on behalf of another company, share or sell the personal information we collect or process for commercial gain. The law imposes on certain businesses an obligation to provide the means by which these rights can be exercised.

You may ask that we or partners for whom we process or those working on our behalf take specific actions with regard to the information about you.

You may exercise these rights without concern. You cannot be charged for these requests, penalized in any way, denied benefits, products or services or charged differently for benefits, products or services for doing so.

You can do this by contacting us as described above.

You, or your authorized agent, may request the following actions in relation to your personal information:

• Opt-out. Discontinue the sharing, transfer, disclosure or sale of your information and not be contacted to request the resumption of those activities for at least 12-months.
• Request to Know. Provide you with information about what we hold and the processing of your personal information.
• Request to Delete. You have the right to request that we erase your personal information and for us to direct the same of any third-party service providers processing your information on our behalf.
• Portability. Request that any information held be returned by mail or electronically, and if electronically held, be returned in a format permitting its transfer to another service.

Verifying Your Identity

Please note that after submitting your initial request we may require additional information about your identity if we cannot verify it with the information you submitted and the information we already have. We are restricted from using that additional information for any purpose other than verifying your request or for security or fraud prevention. Except as required under CCPA, we must delete any additional information collected for the purpose of verifying your identity as soon as practical after processing your request. We will confirm receipt of your request within ten (10) days from receiving it and will respond within the timelines established under CCPA.

We, or our partners, on verification of your identity and legitimate standing to make the request, and if not an undue or unreasonable hardship for us, must act on your request, or at a very minimum, advise you as to why we cannot. There are specific reasons under the law which prevent accommodation of some requests, but if denied, we will advise as to why, to whom you may submit a complaint, and your options for challenge, redress or escalation.

Exercising your rights

If you have a specific question or concern about your rights, or questions about our Privacy Policy in support of your rights as a Californian consumer or wish to exercise your rights as a Californian consumer, please contact us by using the means included in the contact us section.

You may exercise these rights twice in a 12-month period. If an option is available to compensate you for the use of your information, you must be advised of this. We will make best efforts to address your requests within 45 days, but where that is not possible will advise you of the need for an extension of an additional 45 days.

Inquiries, data or information requests, complaints

If you have questions, would like to submit an inquiry, data or information request(s), or have a complaint about our use of your personal information or our response or handling of your requests regarding your personal information, you may contact us as described here.

You can also submit a complaint to the California Office of the Attorney General here. For more information on the California Consumer Privacy Act please visit https://www.oag.ca.gov/privacy/ccpa.

* * *