Skip to Content

 

 

PRIVACY NOTICE
Last updated June 12, 2023

 

INTRODUCTION

At Theisen’s we take customer privacy seriously. We believe that managing your privacy is important, and we want you to be informed. Please take a few minutes to review this privacy policy (this “Policy”) to understand how we collect, use, disclose, and otherwise interact with your personal information. We respect your privacy and are committed to managing it through our compliance with this Policy.

This Policy applies to your interactions and transactions with Theisen’s, including when you visit our website (www.theisens.com) (the “Site”), when you visit our retail locations, when you purchase our products, and when you otherwise communicate or connect with us (online, by phone, in-person, or otherwise) (collectively, the “Services”).

When you use the Services, you consent to our use of your personal information as described in this Policy. As do most companies, we may periodically revise this Policy, including when there are changes to the law, technology, or our business. Your continued use of the Services after any revisions means you consent to and acceptance of the revised Policy. Because we want you to be informed and privacy aware, we encourage you to review this Policy periodically to ensure you keep up to date with and understand our privacy practices.

More information specific to residents of California and Virginia 

THEISEN’S DATA COLLECTION

Types of Information We Collect

Theisen’s collects the following categories and types of information, which may constitute personal information:

Identifying Information (or “Identifiers”) – your name, postal address, billing or shipping address, email address, telephone or mobile number, account username and password, and any unique or similar identifiers.

Payment and Credit Information – Your credit or debit card information, banking information, information about your payment transaction, or other financial information you provide us.

Device Information – The operating system of your device, device identifier, the type of device you are using, and other mobile identifiers.

Commercial Information – Information about your orders, shipping details, returns, product complaints, product reviews, and warranties.

Internet and Network Activity – Information on your interactions with the Services, our advertisements, navigation, and activity in the Services, and how you use your account.

Audio/Video/Sensory Information – CCTV video and images captured in and around our stores, audio recordings of customer calls, and images you share with Theisens.com.

Employment Information - Information such as work experience, education, skills, behaviors, motivations, licenses and certifications, and any other information you provide to us through our employment application or as part of your employment with us.

Inferences – Information derived from your preferences, characteristics, predispositions, and behavior, as well as other information that helps us identify or predict which products you may be interested in.

How We Collect Information From and About You

Information You Voluntarily Provide to Us. You may provide us information, when you:

  • Create an account with us
  • Purchase a product or a gift card, including when you submit your payment and credit information to Theisen’s or its payment processors
  • Sign up for emails, news updates, promotions, or our text messaging program
  • Participate in surveys, sweepstakes, focus groups, marketing initiatives, contests, events, or promotions
  • Make a return or exchange
  • Contact Customer Service, or request information about us or our Services – please note that we may record calls with you for training, customer service, fraud prevention, or quality purposes
  • Submit product reviews, including photos of products
  • Track an online order
  • Communicate with us through the Chat or Email function in the Services
  • Interact with us on our social media pages
  • Apply for a job (online or in-person)
  • Through the employment process
  • Create a wish list

 

Information We Collect Through Other Means. We like to know who our customers are and how they are using our products, so we can market the right products to the right people. As a result, we may also collect, obtain, or supplement information about you (including personal information) from sources other than you, including publicly available sources and records, social media platforms, forums, blogs, other users of our products and services, our affiliates, our service providers, and third-party marketing partners.

Information When You Shop at Our Stores. We may also collect information from you when you shop at our stores, including much of the same information we would collect if you shopped online (i.e., order information, payment information, etc.). If you pay by personal check, we may also collect your driver’s license number for verification and fraud prevention purposes. In addition, to keep our employees and our customers safe, we use CCTV cameras in our retail stores and other company locations. These cameras collect and store audio, video, images, and other associated information to help us with fraud prevention, security, and risk management. Our CCTV cameras are provided by trusted third-party vendors, so video and images, as well as other associated information, are shared with both Theisen’s and those trusted vendors.

Information From Emails. We collect information about your interactions with emails sent by us or on our behalf, including whether you opened the email or clicked on any links. We may use this information to improve our marketing, to understand our audience, and to improve the Services. If you wish to opt out of receiving emails from us, please see the “Opt-Out” section, below. 

Information We Collect Automatically When You Use the Services. When you use or interact with the Services, we may use a variety of technologies that collect information automatically, including cookies. Those technologies may collect, among other things, your IP address, location, device type, date and time of visit, operating system, and browser type, as well as your activities on the Site. We also use these technologies to monitor the performance of the Site, troubleshoot the Site, and optimize your experience. If you are interacting with the Services on a mobile device, additional information may be collected, including your mobile device’s unique device ID, its GPS signal, and information about how you use the Services. The information may also be collected by, received by, or shared with our service providers or third parties who assist us with these activities. We use this information to, for example, help make the Site more useful and appealing to you and to better understand our users.

  • Cookies. We think it is important that you understand cookies. A cookie is a small text file that is sent to your browser when you access the Services. We, our service providers, and the third parties described below may use session cookies. A session cookie is available only during the course of the browser session; the information is not sent to or stored on a computer’s hard drive. Closing the browser or logging off will invalidate the session cookie. We and our service providers and other third parties described below may also use machine cookies, which do remain on a computer hard drive and gather information, sometimes over time and across sites. You can find more information about your choices regarding cookies under the heading “YOUR CHOICES ABOUT OUR COLLECTION, USE, AND DISCLOSURE.”
  • Web Beacons. “Web beacons” or “tracking pixels” are electronic images, tags, or scripts that allow access to cookies, and, among other things, help track general usage patterns of visitors to online services. Web beacons can recognize certain types of information, such as cookies, time and date of a page view, and a description of the page where the web beacon is placed. They may also be used to track interactions with emails. We, our service providers, and the third parties described below may use web beacons to compile information regarding your use of the Services.
  • Location Information: We may collect information about your location (via GPS or other technologies), including when you enable location-based features in the Services, such as allowing us to show you the nearest Theisen’s store.

 

THIRD-PARTY DATA COLLECTION AND ADVERTISING

Like the internet itself, online marketing is a networked enterprise. Thus, we want to make it clear that we do use third parties, including Google, Facebook, Hubspot, and dotdigital, to assist us, including with marketing, analytics, social media, and data analysis. These third parties may use cookies, or other methods or technologies like scripts, pixels, or action tags, to collect information about you when you interact with the Services. We may also provide these third parties with information about you to assist us in our marketing efforts. We use the information we collect and receive for a variety of purposes, including to learn which online advertisements attracted you; to improve our content, products, and services; to inform groups of users about relevant products and services; to identify new customers; and to help us analyze and improve the Services and the effectiveness of our marketing. The use of your information may be governed by privacy policies maintained by those third parties. There is additional information about third-party data collection and targeted advertising in the section titled “Online Behavioral (Targeted) Advertising,” below.

Social Media Platforms. We use third parties to gather and analyze data from social media platforms, including, for example, Facebook®, Instagram®, Pinterest®, YouTube®, and Twitter®. We use these third parties to help us understand your interaction between social media and our Services, and to advertise to current and future customers based on interests and demographics.

 

Online Behavioral (Targeted) Advertising. Online behavioral advertising is used to deliver advertisements that are catered to your interests (or “targeted” to you) based on your browsing history. We may engage third parties to display ads on our behalf on the Internet, including, for example, Google, and those third parties may use information about you to provide you with our ads. They may also track and report on the performance of our advertising and marketing campaigns and provide that information to us. Online behavioral advertising can use a variety of tracking technologies, including cookies, pixels, and scripts, and track you across websites. Certain state privacy laws allow residents of those states to opt out of this type of advertising. Customers in those states may fill out our webform to opt out.

 

DATA INTEGRATION

Some of the information we collect or that we receive from our service providers and third parties may be maintained or associated with other personal information we have or collect about you. This helps us to, among other things: (a) estimate our audience size and usage patterns; (b) store information about your preferences, allowing us to customize our Services according to your individual interests; (c) speed up your searches; (d) recognize you when you return to the Services; (e) improve the Services and any products and services we offer; and (f) improve our marketing efforts.

HOW WE USE INFORMATION

The information we gather works every bit as hard as a pair of Fire Hose® Work Pants. It allows us to serve you better, in ways such as those described above and below.

Uses of Personal Information. We may use your personal information:

  • To respond to any request you have made, including for information, for products, or about the Services
  • For our marketing efforts, including to keep you informed about existing and new products to determine how best to market to you, and to provide you with surveys, questionnaires, and other promotional or marketing inquiries
  • To process, confirm, complete, and support any transactions requested by you, including any payments
  • To provide you with customer support
  • To communicate with you, including through email and SMS/text messages
  • To resolve issues or concerns, including any returns and exchanges
  • To improve the Services and our products, including your user experience
  • To protect the safety, security, availability, and integrity of the Services, including to prevent fraud, theft, or other illegal activity
  • To monitor compliance with and enforce this Policy and our Terms of Use and any other applicable agreements and policies
  • To comply with or enforce our legal obligations or rights
  • If necessary, to notify you about changes to the Services and any products we offer or provide
  • In any other way we may describe when you provide the information and
  • To fulfill any other purposes for which you provide it or offer your consent

 

Aggregated, Anonymized, and De-Identified Information. We may use or share information we collect automatically from your use of the Services that is not personal information and any other information that is otherwise de-identified or anonymized for any purpose, including with third parties to improve the content and functionality of the Services, to better understand our customers and markets, and to improve our products and services.

DISCLOSURE OF YOUR INFORMATION

We may share your information, including your personal information:

  • With service providers we use to provide or support our business and the Services, including payment processors, data analytics providers, technology providers (for example, providers that send emails on our behalf, host or monitor the Services and provide chat functionality), maintenance providers, fraud prevention providers, shipping providers, and marketing providers
  • With third parties for marketing purposes as described in the “Third-Party Data Collection and Advertising” section, above.
  • For any other purposes disclosed by us when you provide the information or
  • With your consent

 

We may also share your personal information to comply with any court order or legal obligation, including responding to any lawful government or regulatory request, or if we believe disclosure is necessary to enforce or protect our rights, property, or safety, or that of our users or third parties.

Where we provide personal information to our service providers, we strive to ensure that our service providers handle such personal information solely in the manner described in our agreement with them and in accordance with applicable laws.

YOUR CHOICES ABOUT OUR COLLECTION, USE, AND DISCLOSURE

There are steps you can take to manage your privacy, which we outline below. Keep in mind that an opt-out is typically valid only for the device that you use to opt-out; so, if you use multiple devices, you may need to opt-out on each device. Also, some opt-outs require that you accept a cookie or install a plug-in to record and honor your request; if you delete the cookie, you may need to opt-out again. In addition to the methods below, you may be able to use the incognito or private function in your browser or other software and plug-ins to help manage your privacy preferences; make sure to review the privacy policy of any provider of such software or plug-in before installing it.

Cookies. If you wish to disable or opt-out of some or all cookies, you may set your browser to refuse some cookies or to alert you when cookies are being sent. Your browser may also allow you to remove or delete cookies on your device. Review our Cookie Policy. 

Please note that opting out of cookies could impact the Services, some of which may then be inaccessible or not function properly.

Analytics. Some of the analytics providers we use allow you to opt-out of data collection, as described below.

Location Information. If you do not wish to share GPS location information with Theisen’s, you may be able to turn off location sharing in your mobile device settings, or otherwise decline the option to allow your web browser to use your location for certain functionality such as finding the nearest Theisen’s store.

E-mail Opt-Out. You may opt-out of receiving future communications from us by clicking on the “unsubscribe” link at the bottom of any email from us (or sent on our behalf).

Accessing and Correcting Personal Information. If you have an account with us and wish to review and/or update your personal information, please log into the Services and visit your account profile page to make any desired changes. If you are a California or Virginia resident, you may have other rights that are described below in  Appendix A (Privacy Information for California and Virginia Residents).

Google Ads. We use several Google services to assist us with advertising. Learn more about Google's practices about data collection and to manage Google Ads.

Online Behavioral Advertising. You can opt-out of online behavioral advertising from members of the Digital Advertising Alliance and the National Advertising Initiative using the links below. For more information visit: https://youradchoices.com/ and https://thenai.org/about-online-advertising/faq/?tab=3 .  Our ads on third-party websites may also display an advertising options icon that you can click to learn about your privacy choices. This icon will only appear on certain platforms.

 

Social Media and Other Opt-Outs. You can also opt-out of some of our advertising and social media partners by visiting their opt-out pages:

 

Mobile Device Options:  In some instances, mobile devices have settings that allow you to control or limit your cookies and similar technologies. For example, if you are an iOS user, you can enable “Limit Ad Tracking,” and for Android users, the “Opt-Out of Ads Personalization” or “Opt Out of Interest-Based Ads” settings are used for this purpose.

Personal Information Opt-Out. If you prefer not to have your personal information shared with carefully screened companies or organizations (third parties) whose products might be of interest to you, just let us know by sending us an email at customerservice@theisens.com, contacting us by mail at 6201 Chavenelle Road, Dubuque, IA 52002, or calling us at 1-866-245-6850. Please note that we may take reasonable steps to verify your identity and the authenticity of your request, including where permitted or required by law.

EXTERNAL WEBSITES

Third-Party Links. Our Services may contain links to websites operated and maintained by third parties. We have no control over and are not responsible for the privacy policies or content on those websites, and any links to third-party websites do not imply an affiliation between Theisen’s and the website owner, or any endorsement, approval, or verification of any content contained on those websites. Privacy policies on third-party websites and mobile applications may be different from our Policy. You access such links at your own risk. You should always read the privacy policy of a website or mobile application before disclosing any of your information.

Social Media. If you use any functionality in the Services that allows you to interact with social media platforms (e.g., Facebook®, Instagram®, Twitter®, Pinterest®, and YouTube®) or otherwise interact with us on social media, generally, then please be aware that: (a) we may display your email address and/or social media handle (e.g., username) to other users; (b) we may use information you provide about yourself or other users to facilitate communications; and (c) we may collect information about interactions with us, including personal information and audio, video, and photos, and receive information from social media platforms about you, including as described in the section titled “Third-Party Data Collection and Advertising.” Please note that any content you post to social media platforms is subject to the data-handling practices of each social media platform, as described in their respective terms of use and privacy policy, which we encourage you to read before posting content.

DO NOT TRACK

The Services respond to “do not track” requests, where legally required. All traffic is treated equally and processed the same. If you desire to have your browsing be private, we suggest that you use your web browser’s private, incognito, or similar function, or utilize third-party software or plug-ins that have such functionality.

RETENTION

We retain personal information only as long as we reasonably need it to fulfill the purposes for which we collected or obtained it. We use reasonable business criteria to establish retention periods for personal information.

NOTICE TO CALIFORNIA. VIRGINIA AND NEVADA RESIDENTS

California and Virginia.  Residents of the States of California and Virginia may have additional rights under state laws with respect to their personal information. If you are a California or Virginia resident, please review Appendix A (Privacy Information for California and Virginia Residents) to understand the rights you may have and how to exercise them.

Nevada. Residents of the State of Nevada have the right to opt-out of the sale of certain pieces of information for monetary consideration, where the buyer of such information will sell and license it to others. Theisen’s does not sell any personal information for monetary consideration. To opt-out of such activity, please follow the instructions in the section above titled “Personal Information Opt-Out.”

CHILDREN UNDER THE AGE OF 13

Although we appreciate the Theisen’s Customers of the future, these Services are not intended for anyone under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under the age of 13 without parental consent, we will delete that information and otherwise comply with the requirements of any applicable law including the Children’s Online Privacy Protection Act. If you believe that we might have any information from or about a child under the age of 13, please contact us at customerservice@theisens.com.

SECURITY

We strive to use reasonable means to secure your personal information while you are using the Services. However, please keep in mind that the transmission of information over the internet and on mobile platforms is not always secure, which means we cannot and do not guarantee the security or confidentiality of any personal information you provide to us. Given this reality, your use of the Services, and your decision to provide personal information to us, is at your own risk.

CHANGES TO THIS POLICY

Innovation is part of our company mission. As we constantly evolve and improve how we do business online, from time to time this Policy may change. The effective date of this Policy is the date next to the words “Last Modified” at the top of this Policy. We may update this Policy at any time, at our sole discretion, if we make material changes to the way we handle your personal information, or if material changes are necessary due to law. http://www.theisens.com and at any other link you clicked on to reach this Policy. Any changes we make to this Policy will be effective immediately upon the posting of the updated Policy. As such, we encourage you to review this Policy regularly. Your continued use of the Services after we make changes will constitute your acceptance of any such changes.

CONTACT US

Have questions or comments? We want to hear from you. If you have feedback about this Policy or our Terms of Use, wish to remove or change your contact information in our database, or do not want to receive future mailings or other communications, or if you have other inquiries, just contact us at any time using one of the options below:

 

APPENDIX A (Privacy Information for California and Virginia Residents)

 

This Appendix supplements the information contained in the Theisen’s Privacy Policy and applies solely to residents of the States of California and Virginia (“consumers” or “you”).

When you use the Services, we may collect personal information. Personal information is defined under the applicable state privacy laws as information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked to, directly or indirectly, a particular consumer or device.

Personal information does not include publicly available information from government records, de-identified or aggregated consumer information, or information excluded from state privacy laws’ scope, such as health or medical information subject to HIPAA, and financial information subject to GLBA or FCRA.

Disclosures

In the past twelve (12) months, we have collected the categories of personal information described in the Privacy Policy section titled “Types of Information We Collect.”

In the past twelve (12) months, we have used and shared personal information of consumers in those categories as follows:

 

Identifiers (e.g., name, address, email)

How We Use Identifiers (Business Purposes)

To provide you with information, products, or services; to advertise or market to you; to secure the Services from malicious traffic; for anti-fraud measures; to evaluate store locations; and for our own legal obligations and business needs.

Categories of Service Providers and Third Parties With Whom Identifiers Are Shared

Entities that we are legally required to share with pursuant to law; service providers (e.g., shipping partners, fraud analytics partners); ad networks; data analytics providers; marketing partners; outside auditors and lawyers; and social networks.

Internet and Network Information (e.g., IP address, browsing history)

How We Use Internet and Network Information (Business Purposes)

To provide you with information, products, or services; to advertise or market to you; to improve our services and products; and to secure the Services and prevent fraud.

Categories of Service Providers and Third Parties With Whom Personal Internet and Network Information Is Shared

Entities that we are legally required to share with pursuant to law; service providers (e.g., fraud analytics partners); marketing partners; ad networks; data analytics providers; and social networks.

Payment, Financial and Credit Information

How We Use Payment, Financial, and Credit Information (Business Purposes)

To provide you with information, products, or services; to secure the Services from malicious traffic; for anti-fraud measures; and for our own legal obligations and business needs.

Categories of Service Providers and Third Parties With Whom Payment, Financial and Credit Information Is Shared

Entities that we are legally required to share with pursuant to law; service providers (e.g., payment processors and fraud analytics partners; and outside auditors and lawyers.)

Device Information

How We Use Device Information (Business Purposes)

To provide you with information, products, or services; to advertise or market to you; to improve our services and products; to show you our store locations; and to secure the Services.

Categories of Service Providers and Third Parties With Whom Device Information Is Shared

Entities that we are legally required to share with pursuant to law; service providers; marketing partners; ad networks; data analytics providers; and social networks.

Protected Classification Characteristics Under California or Federal Law

How We Use Protected Classification Characteristics (Business Purposes)

To provide you with information, products, or services; to advertise or market to you; and to improve our services or products.

Categories of Service Providers and Third Parties With Whom Protected Classification Characteristics Are Shared

Entities that we are legally required to share with pursuant to law; and service providers.

Commercial Information

How We Use Commercial Information (Business Purposes)

To provide you with information, products, or services; to advertise or market to you; for our own legal obligations and business needs; and to improve our services and products.

Categories of Service Providers and Third Parties With Whom Commercial Information Is Shared

Entities that we are legally required to share with pursuant to law; service providers (e.g., shipping partners); marketing partners; ad networks; data analytics providers; prospective purchasers of our business; outside auditors, insurers, and lawyers; and social networks.

Geolocation Data

How We Use Geolocation Data (Business Purposes)

To provide you with information, products, or services; show you our store locations; and advertise or market to you.

Categories of Service Providers and Third Parties With Whom Geolocation Data Is Shared

Entities that we are legally required to share with pursuant to law; marketing partners; ad networks; data analytics providers; and service providers.

Audio, Electronic, or Visual Information

How We Use Audio, Electronic, or Visual Information (Business Purposes)

To improve our services and products; for fraud prevention, security, and risk management.

Categories of Service Providers and Third Parties With Whom Audio, Electronic or Visual Information Is Shared

Entities that we are legally required to share with pursuant to law; service providers; and outside auditors and lawyers.

Inferences

How We Use Inferences (Business Purposes)

To provide you with information, products, or services; to advertise or market to you; to improve our services and products and their availability; and for our own business needs.

Categories of Service Providers and Third Parties With Whom Inferences Are Shared

Entities that we are legally required to share with pursuant to law; service providers; marketing partners; ad networks; data analytics providers; and social networks.

Sensitive Personal Information – Driver’s License Number If Paying by Check, employment related information

How We Use Sensitive Information (Business Purposes)

For fraud prevention and investigation in accordance with CPRA Section 7027; for applicant and employment tracking and reporting, payroll and benefits administration

Categories of Service Providers and Third Parties With Whom Sensitive Information Is Shared

Banking, POS system support partner, security partners and law enforcement; government agencies, payroll processors, benefits administrators

 

Sales and Sharing of Personal Information

Theisen’s does not sell your personal information for monetary payment. However, to ensure we can share our products with you and tailor our advertisements, we do allow some of our advertising partners to use cookies, pixels, and other technologies to collect personal information when you use the Services, and we also share personal information with them directly, both of which practices may constitute a “sale” of personal information under privacy laws. We also utilize marketing partners and cooperatives, which allow us to send and receive personal information to enhance our marketing efforts and permit you to receive ads for products and services that might be of interest to you from carefully screened companies, and this too may constitute a “sale” of personal information under the law.

We share your information with certain service providers and third parties for us to fulfill our obligations with you as our customer. For example, we share your information with our payment processors and shipping partners as well as our order tracking partner in order to provide you with visibility on the status of your order. In addition, we share your information with our CCTV provider and fraud prevention and detection partners in order to protect you and our employees.

Given the foregoing, we have disclosed the following information in situations that might constitute a “sale” during the past twelve (12) months: Identifiers, Internet and Network Information, Device Information, Commercial Information, and Inferences.

Theisen’s does not knowingly sell the personal information of minors under sixteen (16) years of age.

Personal Information Sales and Sharing Opt-Out

If you are 16 years of age or older, you have the right to direct us to not sell your personal information at any time (the “right to opt-out”). We do not sell the personal information of consumers we know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-out of personal information sales may opt-in to future sales at any time.

To exercise the right to opt-out, you (or your authorized representative) may submit a request via our webform.

Please note that opting out of cookies could impact the Services, some of which may then be inaccessible or not function properly. Information on deleting or controlling cookies can be found at https://www.aboutcookies.org/.  

You do not need to create an account with us to exercise your opt-out rights. We will use the personal information provided in an opt-out request only to review and comply with the request.

California and Virginia Residents’ Rights and Choices

The CCPA and CDPA provides California and Virginia residents with specific rights regarding their personal information, described below. Below are your rights and how to exercise those rights.

1. Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information for the time period required by law. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources of the personal information we collected about you.
  • Our business or commercial purpose for collecting that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you.

 

2. Deletion Request Rights

You have the right to request that we delete some or all of the personal information that we have collected from you and retained, subject to a number of exceptions. We (and our service providers) are not required to delete personal information where it is, for example: (a) necessary to complete a transaction with you or for warranty or product recalls; (b) used for security purposes, to prevent fraud, to fix errors, or to comply with law; (c) reasonable for us to use for internal purposes given our relationship with you; or (d) compatible with the context in which you provided the information. The list of exceptions above is not exhaustive, and we may also deny a deletion request as otherwise permitted by law.

3. Correction Request Rights

You have the right to request us to correct inaccurate personal information that we maintain about you. Please note that we do not have the ability to make changes to your duluthtrading.com online account, so we cannot change that information. In order to make changes to your online account, please log in and change the data that is inaccurate. If you are having difficulty with making these changes, please contact our customer service team at 1-866-245-6850 and they can talk you through it.

4. Sensitive Personal Information

As noted in section 7027, subsection(m) under the CCPA (California), our collection and use of Sensitive Personal Information for fraud prevention qualifies as an exempt use and thus does not require us to provide an opt-out process for consumers.  Under the CDPA (Virginia) we do not process “sensitive information.”

5. Right to Appeal

Under certain state privacy laws, you have the right to appeal a refusal to take action on your request. To lodge an appeal, please use the webform to complete your request. Within 60 days of the filing of your appeal, we will provide you any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If we reject your appeal, you may contact the Attorney General using the below methods to file a complaint.

 

6. Exercising Your Rights

To exercise your rights described above, please submit a verifiable consumer request to us by:

 

Only you, or a person that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. If you are making a request on behalf of another person, we may require that you prove you are authorized to act on behalf of that individual.

You may make a verifiable consumer request for access or data portability only twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

 

We may not be able to fulfill your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. To verify your identity, we may request certain pieces of personal information about you, and we reserve the right to take additional steps as necessary to verify your identity if we have reason to believe a request is fraudulent.

We will use the personal information provided in a verifiable consumer request only to verify the requestor's identity or authority to make the request.

7. Response Timing and Format

We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. If you appeal a rejected request, we will provide you with a written response within 60 days of your filing of the appeal.

Any disclosures we provide will cover only the legally mandated period preceding the date we receive your verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

8. Non-Discrimination

You have the right to not be discriminated against for exercising any of your privacy rights. Unless permitted by state privacy laws, we will not:

  • Deny you goods or services;
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
  • Provide you a different level or quality of goods or services; or

Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.