This CALIFORNIA PRIVACY STATEMENT (the “Statement”) for all California residents supplements all previous CONFERO, INC. (hereinafter “We,” “Us,” or “Our”) Data Privacy Policy Notices and applies solely to Users or Consumers under the California Consumer Privacy Act of 2018 (“CCPA”) who reside in the State of California (hereinafter “Users”, “Consumers” or “You”). CONFERO has promulgated this Statement in accordance with the CCPA and all applicable regulations. Any terms defined in the CCPA have the same meaning when used in this Statement.
Information We Collect
We collect information which identifies, relates to, describes, references, may be associated with, or could reasonably be linked, directly or indirectly, with a California consumer or household (“Personal Information”). Accordingly, we have collected the following categories of personal information from consumers within the last twelve (12) months:
Category | Examples | Collected |
---|---|---|
A. Identifiers. | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, tax identification numbers, military identification numbers or other similar unique identifiers. | YES |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some of the personal information collected herein may be saved in other categories as well. | YES |
C. Protected classifications under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | YES |
D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | NO |
E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | NO |
F. Internet or other similar network activity. | Browsing history, search history, information on Consumer or User interactions with websites, applications, or advertisements. | YES |
G. Geolocation data. | Physical location or movements. | YES |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | YES |
I. Professional or employment-related information. | Current employment, job history or performance evaluations. | YES |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Student education records maintained by an educational institution or party acting on its behalf including grades, transcripts, class lists, schedules, identification codes, financial information, or disciplinary records. | NO |
K. Inferences drawn from other personal information. | Profile reflecting individual preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | NO |
Personal information does not include publicly available information which is lawfully available from federal, state or local government records and certain de-identified or aggregated consumer information. Other personal information is excluded from the CCPA including health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and, personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from You; from documents and answers to questions that You may provide to Us, including but not limited to email and other correspondence as well as activity on our website, portals, social media and other electronic sites and means.
- Directly from You; from work product You may provide to us in conjunction with customer service experience research opportunities performed by You on behalf of Our clients.
- Indirectly from You; from information We collect about You, including information that may be collected automatically and information such as your usage and frequency of usage of Our website, portals, social media and other electronic sites and means, including visited areas of said sites.
- From third parties; from companies that provide similar services when identifying prospective clients or when identifying prospective independent contractors, such as mystery shoppers, and other vendors.
- From third parties or directly from You; video, audio or similar recordings from customer experience research opportunities you may have performed.
We will not collect additional categories of personal information or use any such personal information for materially different, unrelated, or inconsistent purposes without notice to You.
Use of Personal Information
We may use or disclose the following personal information for the following business purposes:
- Auditing related to a current interaction with You and concurrent transactions, including but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
- Debugging to identify and repair errors that impair existing intended functionality.
- Short-term, transient use, provided the personal information is not disclosed to another third party and is not used to build a profile about a Consumer or otherwise alter a Consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
- Performing services on behalf of the business or a service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
- Undertaking internal research for technological development and demonstration.
- Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.
- Verifying and validating data and information provided by You regarding customer experience research opportunities, including but not limited to verifying types of purchases, dates and times of said purchases to ensure work was performed in accordance with Our client expectations.
- Maintaining records, including audio and visual records, and tracking data in support of customer experience research opportunities, including receipts of purchases provided by You.
- Responding to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- Evaluating or conducting a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information maintained by Us is a transferable asset.
Sharing Personal Information
We may disclose your personal information to a third party for a business purpose. When a category of personal information for a business purpose is disclosed, it is memorialized in an agreement which describes the business purpose and specifically details the categories of personal information and provides for confidentiality as well as the parameters of how the information may be used to perform the specific agreement.
In the preceding twelve (12) months, We have disclosed the following categories of personal information for a business purpose:
Category A: Personal Identifiers.
Category B: California Customer Records personal information categories.
Category C: Protected Classification Characteristic under California or federal law.
Category E: Internet or other similar network activity.
Category G: Geolocation data.
Category H: Sensory data.
Category I: Professional or employment-related information.
We disclose your personal information for a business purpose to the following categories of third parties:
- Our affiliates.
- Our clients when specifically related to work commissioned by the client.
- Service providers.
- Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.
In the preceding twelve (12) months, We have not sold any personal information, including personal information for minors under 16 years of age.
Your Rights and Choices
In accordance with the CCPA, You have specific rights relating to your personal information. Please review the following description of your CCPA rights and how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request We disclose certain information to You about the collection and use of your personal information over the preceding twelve (12) months. Upon your confirmable request, We will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources from which the personal information is collected.
- The business or commercial purpose for collecting or selling the personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you.
- Upon the sale or disclosure of your personal information for a business purpose:
- The category or categories of consumer personal information We have sold, or We will disclose that We have not sold your personal information; and
- The category or categories of consumer personal information We have disclosed for a business purpose, or We will disclose if your personal information has not been disclosed for a business purpose.
Deletion Request Rights
You have the right to request the deletion of any personal information We have collected and maintained from You, subject to certain exceptions. Once We receive and confirm your verifiable consumer request, your personal information will be deleted from our records, subject to exceptions under applicable law in accordance with the foregoing to:
- Complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business’s ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activities.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
- To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.
- Comply with a legal obligation.
- Otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.
- Fulfill the terms of a written warranty or product recall in accordance with state or federal law.
Exercising Access, Data Portability, and Deletion Rights
To exercise access, data portability, and deletion rights described above, please submit a verifiable consumer request to Us by:
- Calling 800-326-3880
- Visiting conferoinc.com
- Emailing us directly at privacy@conferoinc.com
Only You or a person registered with the California Secretary of State whom You authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a twelve (“12”) month period. The verifiable consumer request must:
- Provide sufficient information so that We can reasonably verify You or your authorized representative is attempting to enforce rights about an individual whom we have collected personal information.
- Describe the request with sufficient detail which affords Us the ability to understand, evaluate, and respond to your request.
We cannot respond to your request or provide personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We will confirm receipt of your request within ten (“10”) days of submission unless otherwise required by applicable law. We will endeavor to respond to a verifiable consumer request within 45 days of receipt. If We require more time (up to 90 days) We will inform you in writing about the reason for the extension. If you have an account with Us, We will provide our written response to that account. If You do not have an account with Us, We will provide the written response by mail or electronically, at your option. Any disclosures provided will related to the twelve (“12”) month period preceding the receipt of the verifiable consumer request. We will also explain the reasons if We cannot comply with a request. For data portability requests, We will provide your personal information in a format and method of transmission in accordance with the CCPA which will be readily useable and accord You the ability to transmit the information from one entity to another entity without hindrance.
In most instances, We do not charge a fee to process or respond to a verifiable consumer request unless it is repetitive excessive, or manifestly unfounded. If We determine a fee is warranted, We will explain the reasons for the decision and will provide a cost estimate before the request is completed.
Non-Discrimination
We will not discriminate against you for exercising any of your rights under the CCPA. Except in accordance with the provisions and regulations of the CCPA, We will not:
- Deny You goods or services.
- Charge You different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties.
- Provide You a different level or quality of goods or services.
- Suggest that You will receive a different price or rate for goods or services or a different level or quality of goods or services.
Changes to Our Privacy Statement
We reserve the right to amend this Privacy Statement at our discretion and at any time and We will notify you by email or through a notice on our website homepage.
Contact Information
Any questions or comments about our Privacy Statement, the way personal information is collected and used as well as your choices and rights under California law, please do not hesitate to contact:
Confero, Inc.
2500 Regency Parkway, Suite #239
Cary, NC 27518
Toll free phone: 800.326.3880
Website: www.conferoinc.com
privacy@conferoinc.com