Owner and Data Controller
Table of Contents
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Account means a unique account created for You to access Our Service or parts of Our Service.
Business, for the purpose of the California Consumer Privacy Act (CCPA), refers to the Company as the legal entity that collects Consumers' personal information and determines the purposes and means of the processing of Consumers' personal information, or on behalf of which such information is collected and that alone, or jointly with others, determines the purposes and means of the processing of consumers' personal information, that does business in the State of California.
Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Zac Fukuda and his associates who directly help conducting business. Business partners are not included.
Consumer, for the purpose of the CCPA, means a natural person who is a California resident. A resident, as defined in the law, includes (1) every individual who is in the USA for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the USA who is outside the USA for a temporary or transitory purpose.
Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
Country refers to: Japan
Data Controller, for the purposes of the General Data Protection Regulation (GDPR), refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data.
Device means any device that can access the Website such as a computer, a cellphone or a digital tablet.
Do Not Track (DNT) is a concept that has been promoted by US regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing internet users to control the tracking of their online activities across websites.
Personal Data (referred to as “the Data”) is any information that relates to an identified or identifiable individual.
For the purposes of GDPR, Personal Data means any information relating to You such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity.
For the purposes of the CCPA, Personal Data means any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, with You.
For the purposes of the Lei Geral de Proteção de Dados (LGPD), Personal Data means as it is defined in the LGPD.
Sale, for the purpose of the CCPA, means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a Consumer's personal information to another business or a third party for monetary or other valuable consideration.
Service refers to any means of services that the Company provides to customers, such as designing, programming, coding, consulting and etc., and the Website.
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
For the purpose of the GDPR, Service Providers are considered Data Processors.
Usage Data refers to data collected automatically, either generated by the use of the Website or from the Website infrastructure itself (for example, the duration of a page visit).
Website refers to Zac Fukuda, accessible from https://www.zacfukuda.com
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
Under GDPR, You can be referred to as the Data Subject or as the User as you are the individual using the Service.
Types of Data
Among the types of data that We collect, by the Company or through third parties, there are Personal Data and Usage Data.
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
- Usage Data
Usage Data is collected automatically when viewing or using the Website. This information does not reveal Your specific identity—such as Your name or contact information—and is primarily needed to maintain the security and operation of Our Website, and for Our internal analytics and reporting purposes.
Usage Data we collect may include:
Log data is service-related, diagnostic, usage, and performance information Our servers automatically collect when you access or use Our Website and which We record in log files. This log data may include:
- IP address
- Device information
- Browser type
- Date/time stamps
- Pages and files viewed
- Search keywords
- System activity
- Error reports
- Hardware settings
- Referring URLs
Device data is information about Your computer, phone, tablet, or other device you use to access the Website. This device data may include:
- Type of device
- IP address (or proxy server)
- Device and application identification numbers
- Browser type
- Hardware model
- Internet service provider and/or mobile carrier
- Operating system
- System configuration information
Location data is information about Your Device's location, which can be either precise or imprecise. How much information We collect depends on the type and settings of the device You use to access the Website. For example, We may use GPS and other technologies to collect geolocation data that tells Us Your current location (based on Your IP address). You can opt out of allowing Us to collect this information either by refusing access to the information or by disabling Your location setting on Your Device. However, if You choose to opt out, You may not be able to use certain aspects of the Website.
Tracking Technologies and Cookies
- (Browser) Cookies
Certain sections of Our Website and Our emails may contain small electronic files known as web beacons—also referred to as clear gifs, pixel tags, and single-pixel gifs. These tiny graphics files enable Us to recognize when You have visited Our Website or opened Our email campaign, to count users who have visited those pages, to monitor the traffic patterns of users from one page within the Website to another, to understand whether You have come to the website from an online advertisement displayed on a third-party website, to improve the Website performance, or to measure other related website statistics.
Cookies can be persistent or session Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while session Cookies are deleted as soon as You close Your web browser.
We use both session and persistent Cookies for the purposes set out below:
Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
Type: Persistent Cookies
Administered by: Us
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow Us to remember choices You make when You use the Website, such as remembering Your language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter Your preferences every time You use the Website.
Tracking and Performance Cookies
Type: Persistent Cookies
Administered by: Third Parties
Purpose: These Cookies are used to track information about traffic to the Website and how users use the Website. The information gathered via these Cookies may directly or indirectly identify you as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device You use to access the Website. We may also use these Cookies to test new pages, features or new functionality of the Website to see how Our users react to them.
Targeting and Advertising Cookies
Type: Persistent Cookies
Administered by: Third Parties
Purpose: These Cookies track Your browsing habits to enable Us to show advertising which is more likely to be of interest to You. These Cookies use information about Your browsing history to group You with other users who have similar interests. Based on that information, and with Our permission, third party advertisers can place Cookies to enable them to show adverts which We think will be relevant to Your interests while You are on third-party websites.
We are not responsible for the safety of any information that You share with third parties that We may link to or who advertise on Our Website, but are not affiliated with, Our Services.
We take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Personal Data.
The Personal Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Company, in some cases, the Personal Data may be accessible to certain types of persons in charge, involved with the operation of Our Services (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by Us. The updated list of these parties may be requested from Us at any time.
We may process Personal Data for the following purposes:
- To provide and maintain Our Services.
- To manage Your Account: to manage Your registration as a user of the Service.
- For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.
- To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
- To provide You with news, special offers and general information about other goods, services and events which We offer that are similar to those that You have already purchased or enquired about.
- To manage Your requests: To attend and manage Your requests to Us.
- To identify usage trends: Such as data analysis, identifying usage trends, determining the effectiveness of Our promotional campaigns and to evaluate and improve Our Website and Service, products, marketing and Your experience.
We do not process Personal Data for the following purpose:
- For business transfers: We do not process or use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding.
We may share Your personal information in the following situations:
- With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of Our Service, to show advertisements to You to help support and maintain Our Service, to contact You.
- With Your consent: We may disclose Your personal information for any other purpose with Your consent.
We do not share Your personal information in the following situations:
- For business transfers: We do not share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Our assets, financing, or acquisition of all or a portion of Our business to another business.
- With Affiliates: We do not share Your information with Our affiliates. Affiliates include joint venture partners or other companies that We control or that are under common control with Us.
- With business partners: We do not share Your information with Our business partners to offer You certain products, services or promotions.
- Personal Data collected for purposes related to the performance of a contract between the Company and the User shall be retained until such contract has been fully performed.
- Personal Data collected for purposes of internal analysis shall be generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Websites.
- Personal Data collected for the purposes of Our legitimate interests—including tax report, accounting, and to resolve disputes—shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Company within the relevant sections of this notice or by contacting Us.
We may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, We may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted or anonymized, if this is not possible (for example, because Personal Data has been stored in backup archives), then We will securely store Your Personal Data and isolate it from any further processing until deletion is possible. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
Your Personal Data is processed at Our operating offices and in any other places where the parties involved in the processing are located.
Depending on the User's location, Your Personal Data may be transferred to—and maintained on—computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.
Users are also entitled to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Company to safeguard their Data.
If any such transfer takes place, Users can find out more by checking the relevant sections of this notice or inquire with Us using the information provided at the bottom.
We strive to minimize the disclosure of Your Personal Data. However We may have to disclose the Data in some situations.
Under certain circumstances, We may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Other legal requirements
We may disclose Your Personal Data in the good faith belief that such action is necessary to:
- Comply with a legal obligation
- Protect and defend the rights or property of Ours
- Prevent or investigate possible wrongdoing in connection with the Services
- Protect the personal safety of Users of the Services or the public
- Protect against legal liability
Even when We are involved in a merger, acquisition or asset sale, Your Personal Data will not be transferred.
The security of Your Personal Data is important to the Company. We strive to use commercially acceptable means—organizational and technical—to protect the Data.
However, no electronic transmission over the internet or information storage technology can be 100% secure. We cannot guarantee its absolute security. Despite Our safeguards and efforts, hackers, cybercriminals, or other unauthorized third parties may be able to defeat Our security and improperly collect, access, steal, or modify Your Data.
You should be aware that transmission of Personal Data to and from Our Services is at Your own risk, and only access the Services within a secure environment.
Detailed Information on the Processing
The Service Providers We use may have access to Your Personal Data. These third-party vendors collect, store, use, process and transfer information about Your activity on Our Website in accordance with their privacy policies.
We may use third-party Service Providers to monitor and analyze the use of Our Website. Those are:
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of Our Website. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy
For the information regarding how Google uses their data they collect, please refer to https://policies.google.com/technologies/partner-sites.
We may use Service Providers to show advertisements to You to help support and maintain Our Website.
Carbon by BuySellAds
Carbon is a advertising platform for creators and developers as publishers. Unlike major online advertising platforms, Carbon is not interest-based advertising. As such they do not issue any cookies on Our Website and do not collect Your browsing history. However, when You click a advertising, You will be navigated to the external web page, on which Our Privacy and Cookie Policies are not applied. They may have implemented their own cookies or other similar tracking technology during the navigation process.
General Data Protection Regulation (GDPR)
- Request access to Your Personal Data. The right to access, update or delete the information We have on You. Whenever made possible, You can access, update or request deletion of Your Personal Data directly within Your account settings section. If You are unable to perform these actions Yourself, please contact Us to assist You. This also enables You to receive a copy of the Personal Data We hold about You.
- Request correction of the Personal Data that We hold about You. You have the right to have any incomplete or inaccurate information We hold about You corrected.
- Object to processing of Your Personal Data. This right exists where We are relying on a legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to Our processing of Your Personal Data on this ground. You also have the right to object where We am processing Your Personal Data for direct marketing purposes.
- Request erasure of Your Personal Data. You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it.
- Request the transfer of Your Personal Data. We will provide to You, or to a third party You have chosen, Your Personal Data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which You initially provided consent for Us to use or where We used the information to perform a contract with You.
- Withdraw Your consent. You have the right to withdraw Your consent on using Your Personal Data. If You withdraw Your consent, We may not be able to provide You with access to certain specific functionalities of the Website.
We may process Personal Data under the following conditions:
- Consent: You have given Your consent for processing Personal Data for one or more specific purposes.
- Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
- Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which We are subject.
- Vital interests: Processing Personal Data is necessary in order to protect Your vital interests or of another natural person.
- Public interests: Processing Personal Data is related to a task that is carried out in the public interest or in the exercise of official authority vested in Us.
- Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by Us.
You may exercise Your rights of access, rectification, cancellation and opposition by contacting Us. Please note that We may ask You to verify Your identity before responding to such requests. If You make a request, We will try Our best to respond to You as soon as possible.
You have the right to complain to a Data Protection Authority about Our collection and use of Your Personal Data. For more information, if You are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA.
California Consumer Privacy Act (CCPA)
The California Code of Regulations defines a “resident” as:
- every individual who is in the State of California for other than a temporary or transitory purpose and
- every individual who is domiciled in the State of California who is outside the State of California for a temporary or transitory purpose
If this definition of “resident” applies to You, We must adhere to certain rights and obligations regarding Your Personal Data.
Categories of Personal Information Collected
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Consumer or Device. The following is a list of categories of personal information which We may collect or may have been collected from California residents within the last twelve (12) months.
Please note that the categories and examples provided in the list below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact collected by Us, but reflects Our good faith belief to the best of Our knowledge that some of that information from the applicable category may be and may have been collected. For example, certain categories of personal information would only be collected if You provided such personal information directly to Us.
Category A: Identifiers
Examples: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, driver's license number, passport number, or other similar identifiers.
Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
Category C: Protected classification characteristics under California or federal law
Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Category D: Commercial information
Examples: Records and history of products or services purchased or considered.
Category E: Biometric information
Examples: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
Category F: Internet or other similar network activity
Examples: Interaction with Our Service or advertisement.
Category G: Geolocation data
Examples: Approximate physical location.
Category H: Sensory data
Examples: Audio, electronic, visual, thermal, olfactory, or similar information.
Category I: Professional or employment-related information
Examples: Current or past job history or performance evaluations.
Category J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))
Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
Category K: Inferences drawn from other personal information
Examples: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
We may also collect other personal information outside of these categories instances where You interact with Us in person, online, or by phone or mail in the context of:
- Receiving help through Our customer support channels
- Participation in customer surveys or contests
- Facilitation in the delivery of Our Services and to respond to Your inquiries
Under CCPA, personal information does not include:
- Publicly available information from government records
- Unidentified or aggregated consumer information
Information excluded from the CCPA's scope, such as:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data
- Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994
Sources of Personal Information
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from You. For example, from the forms You complete on Our Website, preferences You express or provide through Our Service
- Indirectly from You. For example, from observing Your activity on Our Website.
- Automatically from You. For example, through cookies We or Our Service Providers set on Your Device as You navigate through Our Website.
- From Service Providers. For example, third-party vendors to monitor and analyze the use of Our Website, third-party vendors to provide advertising on Our Website, or other third-party vendors that We use to provide the Service to You.
Use of Personal Information for Business Purposes or Commercial Purposes
We may use or disclose personal information We collect for “business purposes” or “commercial purposes” (as defined under the CCPA), which may include the following examples:
- To operate Our Service and provide You with Our Service.
- To provide You with support and to respond to Your inquiries, including to investigate and address Your concerns and monitor and improve Our Service.
- To fulfill or meet the reason You provided the information. For example, if You share Your contact information to ask a question about Our Service, We will use that personal information to respond to Your inquiry.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to You when collecting Your personal information or as otherwise set forth in the CCPA.
- For internal administrative and auditing purposes.
- To detect security incidents and protect against malicious, deceptive, fraudulent or illegal activity, including, when necessary, to prosecute those responsible for such activities.
Please note that the examples provided above are illustrative and not intended to be exhaustive. For more details on how We use this information, please refer to the Processing section.
Disclosure of Personal Information for Business Purposes or Commercial Purposes
We may use or disclose and may have used or disclosed in the last twelve (12) months the following categories of personal information for business or commercial purposes:
- Category A: Identifiers
- Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
- Category F: Internet or other similar network activity
Please note that the categories listed above are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact disclosed, but reflects Our good faith belief to the best of Our knowledge that some of that information from the applicable category may be and may have been disclosed.
When We disclose personal information for a business purpose or a commercial purpose, We enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
Sale of Personal Information
As defined in the CCPA, “sell” and “sale” mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer's personal information by the business to a third party for valuable consideration. This means that We may have received some kind of benefit in return for sharing personal information, but not necessarily a monetary benefit.
Please note that the categories listed below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact sold, but reflects Our good faith belief to the best of Our knowledge that some of that information from the applicable category may be and may have been shared for value in return.
We may sell and may have sold in the last twelve (12) months the following categories of personal information:
- Category A: Identifiers
- Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
- Category F: Internet or other similar network activity
Share of Personal Information
We may share Your personal information identified in the above categories with the following categories of third parties:
- Service Providers
- Third party vendors to whom You or Your agents authorize Us to disclose Your personal information in connection with products or services We provide to You
Sale of Personal Information of Minors Under 16 Years of Age
We do not sell the personal information of Consumers We actually know are less than 16 years of age, unless We receive affirmative authorization (the “right to opt-in”) from either the Consumer who is between 13 and 16 years of age, or the parent or guardian of a Consumer less than 13 years of age. Consumers who opt-in to the sale of personal information may opt-out of future sales at any time. To exercise the right to opt-out, You (or Your authorized representative) may submit a request to Us by contacting Us.
If You have reason to believe that a child under the age of 13 (or 16) has provided Us with personal information, please contact Us with sufficient detail to enable Us to delete that information.
Your Rights under the CCPA
The CCPA provides California residents with specific rights regarding their personal information. If You are a resident of California, You have the following rights:
- The right to notice. You have the right to be notified which categories of Personal Data are being collected and the purposes for which the Personal Data is being used.
The right to request. Under CCPA, You have the right to request that We disclose information to You about Our collection, use, sale, disclosure for business purposes and share of personal information. Once We receive and confirm Your request, We will disclose to You:
- The categories of personal information We collected about You
- The categories of sources for the personal information We collected about You
- Our business or commercial purpose for collecting or selling that personal information
- The categories of third parties with whom We share that personal information
- The specific pieces of personal information We collected about You
If we sold Your personal information or disclosed Your personal information for a business purpose, We will disclose to You:
- The categories of personal information categories sold
- The categories of personal information categories disclosed
- The right to say no to the sale of Personal Data (opt-out). You have the right to direct Us to not sell Your personal information. To submit an opt-out request please contact Us.
The right to delete Personal Data. You have the right to request the deletion of Your Personal Data, subject to certain exceptions. Once We receive and confirm Your request, We will delete (and direct Our Service Providers to delete) Your personal information from Our records, unless an exception applies. We may deny Your deletion request if retaining the information is necessary for Us or Our Service Providers to:
- Complete the transaction for which We collected the personal information, provide a good or service that You requested, take actions reasonably anticipated within the context of Our ongoing business relationship with You, or otherwise perform Our contract with You.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if You previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on Your relationship with Us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which You provided it.
The right not to be discriminated against. You have the right not to be discriminated against for exercising any of Your consumer's rights, including by:
- Denying goods or services to You
- Charging different prices or rates for goods or services, including the use of discounts or other benefits or imposing penalties
- Providing a different level or quality of goods or services to You
- Suggesting that You will receive a different price or rate for goods or services or a different level or quality of goods or services
Exercising Your CCPA Data Protection Rights
In order to exercise any of Your rights under the CCPA, and if You are a California resident, You can contact Us:
Only You, or a person registered with the California Secretary of State that You authorize to act on Your behalf, may make a verifiable request related to Your personal information.
Your request to Us must:
- Provide sufficient information that allows Us to reasonably verify You are the person about whom We collected personal information or an authorized representative
- Describe Your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it
We cannot respond to Your request or provide You with the required information if we cannot:
- Verify Your identity or authority to make the request
- And confirm that the personal information relates to You
We will disclose and deliver the required information free of charge within 45 days of receiving Your verifiable request. The time period to provide the required information may be extended once by an additional 45 days when reasonably necessary and with prior notice.
Any disclosures We provide will only cover the 12-month period preceding the verifiable request's receipt.
For data portability requests, We will select a format to provide Your personal information that is readily usable and should allow You to transmit the information from one entity to another entity without hindrance.
Do Not Sell My Personal Information
You have the right to opt-out of the sale of Your personal information. Once We receive and confirm a verifiable consumer request from You, We will stop selling Your personal information. To exercise Your right to opt-out, please contact Us.
The Service Providers We partner with (for example, Our analytics or advertising partners) may use technology on the Website that sells personal information as defined by the CCPA law. If you wish to opt out of the use of Your personal information for interest-based advertising purposes and these potential sales as defined under CCPA law, you may do so by following the instructions below.
Please note that any opt out is specific to the browser You use. You may need to opt out on every browser that You use.
You can opt out of receiving ads that are personalized as served by Our Service Providers by following Our instructions presented on the Service:
- The NAI's opt-out platform: http://www.networkadvertising.org/choices/
- The EDAA's opt-out platform http://www.youronlinechoices.com/
- The DAA's opt-out platform: http://optout.aboutads.info/?c=2&lang=EN
The opt out will place a cookie on Your computer that is unique to the browser You use to opt out. If you change browsers or delete the cookies saved by Your browser, You will need to opt out again.
Your mobile device may give You the ability to opt out of the use of information about the apps You use in order to serve You ads that are targeted to Your interests:
- “Opt out of Interest-Based Ads” or “Opt out of Ads Personalization” on Android devices
- “Limit Ad Tracking” on iOS devices
You can also stop the collection of location information from Your mobile device by changing the preferences on Your mobile device.
California Online Privacy Protection Act (CalOPPA)
Most web browsers and some mobile operating systems and mobile applications include a Do Not Track (DNT) feature or setting You can activate to signal Your privacy preference not to have data about Your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized.
As such, We no not respond to DNT signals or any other mechanism that automatically communicates Your choice not to be tracked online.
However, some third-party websites do keep track of Your browsing activities. If You are visiting such websites, You can set Your preferences in Your web browser to inform websites that You do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of Your web browser.
California Civil Code Section 1798 (Shine the Light law)
Under California Civil Code Section 1798.83, also referred to as the Shine the Light law, California residents with an established business relationship with Us can request and obtain information once a year free of charge about categories of Your Personal Data (if any) We disclosed to third parties for the third parties’ direct marketing purposes and the names and addresses of all third parties with which We shared Your Personal Data in the immediately preceding calendar year.
If You would like to make such a request or more information under the California Shine the Light law, and if You are a California resident, You can submit Your request in writing to Us using the contact information provided below.
The Personal Information Protection and Electronic Documents Act (PIPEDA)
We may process Your Personal Data if You have given Us specific permission (i.e., express consent) to use that information for a specific purpose, or in situations where Your permission can be inferred (i.e., implied consent). You can withdraw Your consent at any time.
In some exceptional cases, We may be legally permitted under applicable law to process Your Personal Data without Your consent, including, for example:
- If collection is clearly in the interests of an individual and consent cannot be obtained in a timely way
- For investigations and fraud detection and prevention
- For business transactions provided certain conditions are met
- If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim
- For identifying injured, ill, or deceased persons and communicating with next of kin
- If We have reasonable grounds to believe an individual has been, is, or may be victim of financial abuse
- If it is reasonable to expect collection and use with consent would compromise the availability or the accuracy of the information and the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province
- If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records
- If it was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purposes for which the information was produced
- If the collection is solely for journalistic, artistic, or literary purposes
- If the information is publicly available and is specified by the regulations
Lei Geral de Proteção de Dados (LGPD)
The grounds on which We process Your personal information
We can process Your Personal Data solely if We have a legal basis for such processing. Legal bases are as follows:
- Your consent to the relevant processing activities
- compliance with a legal or regulatory obligation that lies with Us
- the carrying out of public policies provided in laws or regulations or based on contracts, agreements and similar legal instruments
- studies conducted by research entities, preferably carried out on anonymized Personal Data
- the carrying out of a contract and its preliminary procedures, in cases where You are a party to said contract
- the exercising of Our rights in judicial, administrative or arbitration procedures
- protection or physical safety of Yourself or a third party
- the protection of health—in procedures carried out by health entities or professionals
- Our legitimate interests, provided that Your fundamental rights and liberties do not prevail over such interests; and
- credit protection
To find out more about the legal bases, You can contact Us at any time using the contact details provided below.
Categories of Personal Data processed
To find out what categories of Your personal information are processed, You can read the section titled Detailed Information on the Processing within this notice.
Why We process Your Personal Data
Your Brazilian Privacy Rights
You have the right to:
- obtain confirmation of the existence of processing activities on Your Personal Data
- access to Your Personal Data
- have incomplete, inaccurate or outdated Personal Data rectified
- obtain the anonymization, blocking or elimination of Your unnecessary or excessive Personal Data, or of information that is not being processed in compliance with the LGPD
- obtain information on the possibility to provide or deny Your consent and the consequences thereof
- obtain information about the third parties with whom We share Your personal information
- obtain, upon Your express request, the portability of Your Personal Data (except for anonymized information) to another service or product provider, provided that Our commercial and industrial secrets are safeguarded
- obtain the deletion of Your Personal Data being processed if the processing was based upon Your consent, unless one or more exceptions provided for in art. 16 of the LGPD apply
- revoke Your consent at any time
- lodge a complaint related to Your Personal Data with the National Data Protection Authority (ANPD) or with consumer protection bodies
- oppose a processing activity in cases where the processing is not carried out in compliance with the provisions of the law
- request clear and adequate information regarding the criteria and procedures used for an automated decision
- request the review of decisions made solely on the basis of the automated processing of Your Personal Data, which affect Your interests. These include decisions to define Your personal, professional, consumer and credit profile, or aspects of Your personality.
You will never be discriminated against, or otherwise suffer any sort of detriment, if You exercise Your rights.
How to File a Request
You can file Your express request to exercise Your rights free from any charge, at any time, by using the contact details provided below.
How and When We Will Respond to Your Request
We will strive to promptly respond to Your requests.
In any case, should it be impossible for Us to do so, We’ll make sure to communicate to Your the factual or legal reasons that prevent Us from immediately, or otherwise ever, complying with Your requests. In cases where We are not processing Your Personal Data, We will indicate to You the physical or legal person to whom You should address Your requests, if We are in the position to do so.
In the event that You file an access or personal data processing confirmation request, please make sure that You specify whether You would like Your Personal Data to be delivered in electronic or printed form. You will also need to let Us know whether You want Us to answer Your request immediately, in which case We will answer in a simplified fashion, or if You need a complete disclosure instead.
In the latter case, We will respond within 15 days from the time of Your request, providing You with all the information on the origin of Your Personal Data, confirmation on whether or not records exist, any criteria used for the processing and the purposes of the processing, while safeguarding Our commercial and industrial secrets.
In the event that You file a rectification, deletion, anonymization or personal data blocking request, We will make sure to immediately communicate Your request to other parties with whom We have shared Your Personal Data in order to enable such third parties to also comply with Your request—except in cases where such communication is proven impossible or involves disproportionate effort on Our side.
Transfer of Personal Data Outside of Brazil Permitted by the Law
We are allowed to transfer Your Personal Data outside of the Brazilian territory in the following cases:
- when the transfer is necessary for international legal cooperation between public intelligence, investigation and prosecution bodies, according to the legal means provided by the international law
- when the transfer is necessary to protect Your life or physical security or those of a third party
- when the transfer is authorized by the ANPD
- when the transfer results from a commitment undertaken in an international cooperation agreement
- when the transfer is necessary for the execution of a public policy or legal attribution of public service
- when the transfer is necessary for compliance with a legal or regulatory obligation, the carrying out of a contract or preliminary procedures related to a contract, or the regular exercise of rights in judicial, administrative or arbitration procedures
Our Website does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.
If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent's consent before We collect and use that information.
California Privacy Rights for Minor Users
California Business and Professions Code Section 22581 allows California residents under the age of 18 who are registered users of online sites, services or applications to request and obtain removal of content or information they have publicly posted.
To request removal of such data, and if You are a California resident, You can contact Us using the contact information provided below, and include the email address associated with Your account.
Be aware that Your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.