US Regional Privacy Notice

Last updated: April 17, 2024

Introduction

This Notice explains how we collect, use, and disclose your Personal Information. It also describes how to exercise your rights under the California Consumer Privacy Act, the Colorado Privacy Act, the Connecticut Act Concerning Personal Data Privacy and Online Monitoring, the Massachusetts Information Privacy Act, the Nevada Privacy of Information Collected on the Internet from Consumers Act, the New York Privacy Act, the Utah Consumer Privacy Act, and the Virginia Consumer Data Protection Act. We call these laws collectively the “U.S. Privacy Laws.”

When we say “Personal Information” in this Notice, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with you, directly or indirectly. Personal Information does not include information that cannot be reasonably linked to you.

How we collect, use, and disclose Personal Information

To provide the products or features offered by SecurePoint 360 we process information about you, including Personal Information, whether or not you have an account or are logged in. To learn about the types of information we collect and how we use it, you can review our Privacy Policy.

Subject to the limitations we describe in our Privacy Policy, we may disclose your Personal Information for business purposes, with strict restrictions on how our partners can use and disclose the data we provide. We may also disclose it at your direction or in other ways that are in accordance with the U.S. Privacy Laws. We don’t “share” your Personal Information, as defined in the California Consumer Privacy Act (“CCPA”).

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

Category Examples

Collected

A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

Yes

B. Personal information categories A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

No

C. Protected classification characteristics under US Regional Laws. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

No

D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Yes

E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

No

F. Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

Yes

G. Geolocation data. Physical location or movements.

No

H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information.

No

I. Professional or employment-related information. Current or past job history or performance evaluations.

Yes

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

Yes

K. Inferences drawn from other personal information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Yes

L.  Sensitive Personal Information Biometric information for purposes of identifying a consumer; personal information collected and analyzed concerning a consumer’s health, and personal information collected and analyzed concerning a consumer’s sex life or sexual orientation

No

We will use and retain the collected personal information as needed to provide the Services or for:

  • Category A – As long as the user has an account with us
  • Category D- As long as the user has an account with us
  • Category I – As long as the user has an account with us
  • Category J – As long as the user has an account with us
  • Category K – As long as the user has an account with us

We may also collect other personal information outside of these categories through instances where you interact with us in person, online, or by phone or mail in the context of:

  • Receiving help through our customer support channels;
  • Participation in customer surveys or contests; and
  • Facilitation in the delivery of our Services and to respond to your inquiries.

Consumer’s Rights

Depending on where you live and subject to certain exceptions, you may have some or all of the following rights:

  • Right to Correct: You have the right to request the correction of any inaccurate personal information that we maintain about you, considering the nature of the personal information and the purposes of the processing of the personal information.   We will use commercially reasonable efforts to correct the inaccurate personal information as you may direct.
  • Right to Know: The right to request that we disclose to you the Personal Information we collect, use, or disclose, and information about our data practices.
  • Right to Request Deletion: The right to request that we delete your Personal Information that we have collected from or about you.
  • Right to Opt Out: The right to opt out of the processing of your Personal Information that have obtained from or about you.
  • Right to Non-Discrimination: The right not to receive discriminatory treatment for exercising your privacy rights.
  • Do Not Track: SecurePoint 360 does not track its customers over time and across third-party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. Third parties that have content embedded on SecurePoint 360 websites such as a social feature may set cookies on a user’s browser and/or obtain information about the fact that a web browser visited a specific Company website from a certain IP address. Third parties cannot collect any other personal information from Company’s websites unless you provide it to them directly.

To submit a request to exercise your rights, and as applicable, to appeal a consumer rights action, please email us at privacy@securepoint360.com

If you choose to submit a request, you must provide us with enough information to identify you (e.g., your first and last name and email address) and enough specificity on the requested data. We will only use the information we receive to respond to your request. We will not be able to disclose information if we cannot verify that the person making the Consumer Request is the person about whom we collected information, or someone authorized to act on such person’s behalf. We will verify your request by comparing the information you provide with the information we have on you and, if your request is submitted by an authorized agent, we will require you to provide signed, written permission for such agent to act on your behalf.

Transfers of Personal Data

The Services are hosted and operated in the United States (“U.S.”) through and its service providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided in the U.S. and will be hosted on U.S. servers, and you authorize SecurePoint 360 to transfer, store and process your information to and in the U.S., and possibly other countries.

Security

To help protect the privacy of data and personally identifiable information you transmit through use of this site and any other related services, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.

A copy of our written Information Security Plan is available upon request – contact us to request a copy.