SOUNDCOMMERCE PRIVACY POLICY
Effective Date: January 1, 2020
Last Updated: August 8, 2022
This Privacy Policy describes the privacy practices that SoundCommerce LLC (“SoundCommerce” or “us” or “we”) follows when collecting and using information about you from our website at https://soundcommerce.com/ (“Website”) and about you and your end users from our online application, available at https://soundcommerce.io (“Application”).
We ask that you please read this Privacy Policy before using the Website and Application (collectively, “Sites”). It describes what information we gather from you and others who visit or use the Sites, how we use that information, and what we do to protect it. When you access or use the Sites, certain information, including personally identifiable information about you and your end users, may be collected, transferred, processed, stored, and in certain circumstances, disclosed as described in this Privacy Policy. BY VISITING OR USING OUR SITES, YOU EXPRESSLY CONSENT TO THESE INFORMATION HANDLING PRACTICES AND YOU ACKNOWLEDGE AND CONFIRM THAT YOU HAVE PERMISSION TO PROVIDE US WITH YOUR END USERS’ PERSONALLY IDENTIFIABLE INFORMATION.
Capitalized terms used but not defined in this Privacy Policy have the definitions provided in the Terms of Use. Parts of the Terms of Use may affect this Privacy Policy with respect to your use of the Website, so unless you have already done so, please review the Terms of Use prior to using the Website. IF YOU DO NOT AGREE WITH THIS POLICY OR OUR TERMS OF USE, PLEASE DO NOT USE THE WEBSITE OR REGISTER FOR AN ACCOUNT ON THE APPLICATION.
Please be aware that our services and systems are housed on servers in the United States, and the information we collect (including through Cookies as described below) is processed and stored in the United States, which may not offer the same level of privacy protection as the country where you reside or are a citizen. BY USING THE SITES AND PROVIDING INFORMATION TO US, YOU CONSENT TO THE TRANSFER TO AND PROCESSING OF THE INFORMATION IN THE UNITED STATES.
TABLE OF CONTENTS
3 OUR INFORMATION SHARING PRACTICES
4 SAFETY AND INFORMATION SECURITY MEASURES
5 YOUR CHOICE AND OPTIONS RELATING TO OUR COLLECTION
6 THE GENERAL DATA PROTECTION REGULATION (“GDPR”)
7 INTERNATIONAL DATA TRANSFER AND PERSONALLY IDENTIFIABLE INFORMATION
9 ACCESSING AND UPDATING YOUR PERSONALLY IDENTIFIABLE INFORMATION
10 CALIFORNIA SHINE THE LIGHT LAW
12 CHANGES TO THIS PRIVACY POLICY
PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
15 USE OF PERSONAL INFORMATION
1. THE INFORMATION WE COLLECT.
We collect data to provide the services you request, ease your navigation on our Sites, communicate with you, and improve your experience using our Sites and services. Some of this information is provided by you directly, such as when you create an account for our Application. Some of the information is collected through your interactions with the Sites and our services. We collect such data using technologies like Cookies and other tracking technologies, error reports, and usage data collected when you interact with our Sites or services.
The data we collect depends on whether you are visiting the Website or the Application and the services and features thereof that you use, and includes the following:
1.1 Personally Identifiable Information Collected via the Application.
You will use your Google account to log into and access the Application. When you visit the Application, the personally identifiable information we collect will or may include:
-
Name and Contact Data. Your name, email address, globally unique identifier, and other profile information you provide to us through your Google account when registering for an account.
-
Usage Information. Certain usage and device information (described in Section 1.2, below), to the extent it is linked in our log files to your personally identifiable information.
-
Consumer Data. We will collect your end users’ personally identifiable information (“Consumer Data”) through the Application or as you otherwise provide it to us. We use this Consumer Data with your permission to provide our services to you. Consumer Data includes any and all end user information to which you provide us access, including but not limited to:
-
Consumer Name and Contact Data. The name, email address, postal address, phone number, globally unique identifier and other profile information that your end users provide to you when they register for an account with you.
-
Consumer Purchase Information. The purchase history associated with an end user’s email account for your products or services.
-
Consumer Location Information. The shipping and billing addresses for any of your end users who have purchased products or services from you.
Our collection of this information allows us to provide you with our services, establish, maintain and support your user account, and communicate with you in accordance with our Terms of Use.
1.2 Personally Identifiable Information Collected via the Website.
We do not collect personally identifiable information when you visit the Website.
If you apply for a job with us through the Website, you will be directed to a third party website portal to submit your application materials. Once submitted, we will have access to any personally identifiable information that you disclose in your job application and provide through the third-party portal (e.g., educational transcript, resume, curriculum vitae, or other employment information).
1.3 Usage and Device Information.
Similar to other web sites, we use tracking technologies to automatically collect certain technical information from your browser or device when you visit our Sites. This data may include, but is not limited to, your IP address, browser type and language, referring/exit pages and URLs, other browser history, platform type, number of clicks, landing pages, the pages you requested and viewed, the amount of time spent on particular pages, and the date and time of your visits. Our collection of this data, described in more detail below, allows us to provide more personalized, high-quality services to you and to track usage of the Sites.
1.4 Cookies.
We automatically derive and collect certain data based on your interactions with us on the Sites using cookies and similar technologies (collectively, “Cookies”). Our collection of data through Cookies includes information about your browser and usage patterns, which may include your IP address, browser type, browser language, referring/exit pages and URLs, pages viewed, links clicked, whether you opened an email, and information about the device you use to access the Sites. Our collection of this information allows us to improve your user experience in various ways, such as to personalize our display of the Sites to you, to “remember” whether or not you are signed in, and to provide better technical support to you.
Please note: If you restrict, disable or block any or all Cookies from your web browser or mobile or other device, the Sites may not operate properly, and you may not have access to our services or Sites. We shall not be liable for any impossibility to use the Sites or services or degraded functioning thereof, where such are caused by your settings and choices regarding Cookies.
1.5 Pixels (aka web beacons/web bugs/java script).
We may use Pixels to automatically record certain technical information about your interactions with us when you visit the Sites or otherwise engage with us, to help deliver Cookies on our Sites, or count users who have visited the Sites. We may also include web beacons in our promotional e-mail messages or newsletters to determine whether you open or act on them for statistical purposes. Pixels are tiny graphics (about the size of a period at the end of a sentence) with unique identifiers used to track certain online actions, movements and related information of Sites users. Unlike cookies, which are stored on a user’s computer hard drive, Pixels are embedded invisibly on web pages or in HTML-based emails. The data we receive through Pixels allows us to effectively promote the Sites to various populations of users, and to optimize external ads about the Sites that appear on third-party websites.
1.6 Third Party Analytics Providers.
We also collect information about Website and Application usage and users thereof using third-party analytics providers (“Analytics Providers”), for example, as described below:
-
We use Google Analytics on the Website to collect and track non-personally identifiable information about visitors of the Website. For more information regarding Google’s use of Cookies, and collection and use of information, see the Google Privacy Policy (available at https://policies.google.com/privacy?hl=en). If you would like to opt out of Google Analytics tracking, please visit the Google Analytics Opt-out Browser Add-on (available at https://tools.google.com/dlpage/gaoptout).
-
We use Lever to collect employment applications and supporting information through the Website. For more information on Lever’s privacy practices, please see their privacy policy at https://www.lever.co/privacy-notice/.
-
For the Application, we use MixPanel and Woopra to track your usage statistics, including log-in data like user names and email addresses, as well as report usage and behavior. For more information regarding MixPanel’s use of cookies, and collection and use of information, see the MixPanel Privacy Statement (https://mixpanel.com/legal/privacy-policy/). For more information on Woopra’s privacy practices, please see Woopra’s privacy policy (https://www.woopra.com/privacy).
These and other Analytics Providers use Cookies in order to collect demographic and interest-level information and usage information from users that visit the Sites, including information about the pages where users enter and exit the Sites and what pages users view on the Sites, time spent, browser, operating system, and IP address. Cookies allow Analytics Providers to recognize a user when a user visits the Sites and when the user visits other websites. Analytics Providers use the information they collect from the Sites and other websites to share with us and other website operators information about users including age range, gender, geographic regions, general interests, and details about devices used to visit websites and purchase items. We do not link information we receive from Analytics Providers with any of your personally identifiable information.
1.7 Location Information.
We do not collect precise geolocation data from you or your device, but may collect and use information about your general location (such as any state or country of residence supplied by you when setting up your user profile) or infer your approximate location based on your IP address in order to track our general Website and Application usage or to tailor any pertinent aspects of your user experience to your region.
As described in Section 1.1, to the extent that you provide us access to Consumer Data on your end users’ addresses and locations, we collect and use such Consumer Data.
2. HOW WE USE YOUR INFORMATION.
2.1 General.
We may use your personally identifiable information for the purpose of providing you with our services; communicating with you about the Sites or our services; to operate, manage, improve and conduct analyses relating to the Sites; to prevent fraud or abuse, to address technical and security issues, and to otherwise protect users; and to improve the Sites.
We may use Consumer Data to provide our services to you or to improve our Sites and services.
2.2 Account-Related Emails.
If you have provided us with your contact information, we may, subject to applicable laws, send you emails about the Sites and your account, including announcements about new services. For example, when you register, you will receive a welcome email. If our Application is temporarily unavailable, we may also send you an email notice.
Email communications you receive from us will generally provide an unsubscribe link allowing you to opt out of receiving future email or to change your contact preferences. If you have an account with us, you can also change your contact preferences by contacting us at [email protected], 888-41-SOUND, or through your account manager. Please remember that even if you opt out of receiving marketing e-mails, we may still send you important service information related to your accounts and the Services.
2.3 Non-Personally Identifiable Consumer Data.
We may use Consumer Data that has been anonymized and/or aggregated in any manner that does not identify your individual end users for the purpose of improving the operation and management of the Application and our services. Any non-personally identifiable Consumer Data that is combined with personally identifiable Consumer Data will be treated by us as personally identifiable Consumer Data.
2.4 Advertising.
We do not use Consumer Data or your personally identifiable information to display any targeted advertising on the Sites.
3. OUR INFORMATION SHARING PRACTICES.
We will not sell or rent your personally identifiable information or Consumer Data to third parties. We share your information, including any personally identifiable information, and Consumer Data in the circumstances described below.
3.1 Interest-Based Advertising.
We do not display any targeted advertising on the Sites.
3.2 Sites and Services.
We may disclose your non-personally identifiable information to an affiliated person or third-party service providers assisting us in the operation, management, improvement, research and analysis of the Sites. Affiliated persons or our third party service providers may augment, extend, and combine this non-personally identifiable information with data from additional third party sources in order to assist us with the above. Use of information by affiliated persons and third party service providers will be subject to this Privacy Policy or an agreement that is at least as restrictive as this Privacy Policy.
We may share your end users’ Consumer Data with third parties at your direction only.
3.3 Legal Requirements.
We reserve the right to disclose all information collected via the Sites, including your information and Consumer Data, internally or to third parties, for any lawful purpose or to prevent harm to us or others. For example, and without limitation, in our discretion we may disclose information to government regulators, law enforcement authorities or alleged victims of identity theft. We will notify you in the event of a government or legal request for your information or your Consumer Data.
3.4 Organizational Transitions.
If we should ever transfer or restructure the operational ownership of the Sites, such as through a merger with another entity or a reorganization of all or a part of our operational responsibilities or assets, we may disclose, transfer, assign our rights, and/or delegate our duties to your personally identifiable information and Consumer Data without notice and consent, including to prospective or actual recipient entities. Should this occur, we will require any third party receiving your personally identifiable information and Consumer Data under this subsection to be contractually required to provide the same level of privacy compliance as provided by us under this Privacy Policy.
3.5 Disclaimer.
We cannot ensure that your personally identifiable information and Consumer Data will be disclosed only as described in this Privacy Policy. For example, we may be required to disclose your personally identifiable information or Consumer Data to the government or third parties under certain circumstances, third parties may unlawfully intercept or access transmissions or private communications, or others may abuse or misuse your personally identifiable information that they collect from the Sites. Even with the most rigorous information security standards, no transmission of data over the internet can be 100% secure.
4. SAFETY AND INFORMATION SECURITY MEASURES.
4.1 Security.
We use certain physical, managerial, and technical safeguards designed to preserve the security of your information and Consumer Data that we maintain in connection with your use of the Sites and our services. For example, when you transmit your personally identifiable information or Consumer Data to us, we encrypt its transmission with transport layer security technology (TLS), secure file transfer protocol (SFTP), or similar technologies. This, however, does not guarantee that your information and Consumer Data may not be accessed, disclosed, altered, or destroyed by any breach of our physical, technical or managerial safeguards. In the event that any of your information or Consumer Data under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and will notify you, as appropriate, in accordance with pertinent laws and regulations.
4.2 Storage.
We store the personally identifiable information and Consumer Data that we collect in operating environments that are safeguarded against public access and protected from internal access with physical and technical security measures. While these measures are helpful to safeguard your personally identifiable information and Consumer Data after we receive it, no transmission of data over the internet can be guaranteed to be 100% secure.
5. YOUR CHOICE AND OPTIONS RELATING TO OUR COLLECTION.
5.1 You Can Choose Not to Provide Personally identifiable information.
You may always decline to provide your personally identifiable information and Consumer Data to us by not registering for an account and not using our Application or services. If you decide to register, you can decline to provide any optional information in your account profile. If you do not register for an account, you will not be able to access or use our Application and other services.
5.2 You May Decline Other Requests.
We use your personally identifiable information and Consumer Data for the purposes for which we collected it or where you have consented to our use of such information. If you do not wish to provide information to us or do not wish to consent to the uses described in this Privacy Policy, please do not use the Sites or register for an account.
5.3 Managing Your Information or Deleting Your Account.
You may access, update or delete your account or request the deletion of Consumer Data at any time by contacting us at [email protected] with your request.
5.4 Online Tracking Choices.
Most browsers are initially set up to accept Cookies, but you can reset your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, some features and services (particularly those that require sign-in) may not function properly if your Cookies are disabled. Similarly, if you choose to delete session objects from our Sites, you may not be able to access and use all or part of the Sites or benefit from some or all of the services offered.
Some web browsers incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want its online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain information about that browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operations, including SoundCommerce, do not respond to DNT signals.
5.5 Location Information.
You may be able to change the settings on your computer or mobile device to prevent it from providing us with any of your location data, such as your IP address from which we may infer your general location.
5.6 Deletion of Your Personally Identifiable Information.
You have the right to request that we delete any of your personally identifiable information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personally identifiable information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or service provider(s) to:
-
Complete the transaction for which we collected the personally identifiable information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
-
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
-
Debug products to identify and repair errors that impair existing intended functionality.
-
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
-
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
-
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
-
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
-
Comply with a legal obligation.
-
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
5.7 Deletion of Consumer Data.
If an end user requests that you delete its Consumer Data, and we have collected such end user’s Consumer Data, you may direct us to delete such Consumer Data. We may deny your end user’s deletion request if retaining the Consumer Data is necessary for us or service provider(s) to:
-
Complete the transaction for which we collected the Consumer Data.
-
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
-
Debug products to identify and repair errors that impair existing intended functionality.
-
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
-
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
-
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when deletion may likely render impossible or seriously impair the research’s achievement, if the end user previously provided informed consent.
-
Enable solely internal uses that are reasonably aligned with consumer expectations based on the relationship with the end user.
-
Comply with a legal obligation.
-
Make other internal and lawful uses of that information that are compatible with the context in which the end user provided it.
6. THE GENERAL DATA PROTECTION REGULATION (“GDPR”)
Residents of the European Economic Area (“EEA”) may be entitled to rights under the GDPR. These rights are summarized below. If an end user of yours requests to exercise its rights under the GDPR, we may require verification of the end user’s identity before we respond to any such requests. If the end user is entitled to these rights, the end user may exercise these rights with respect to its Consumer Data we collect and store:
-
the right to withdraw consent to data processing at any time;
-
the right of access to the end user’s Consumer Data;
-
the right to request a copy of the end user’s Consumer Data;
-
the right to correct any inaccuracies in the end user’s Consumer Data;
-
the right to erase the end user’s Consumer Data;
-
the right to data portability, meaning to request a transfer of the end user’s Consumer Data from us to any other person or entity as chosen by the end user;
-
the right to request restriction of the processing of the end user’s Consumer Data; and
-
the right to object to processing of the end user’s Consumer Data.
Your end user may exercise these rights free of charge. These rights will be exercisable subject to limitations as provided for by the GDPR. Any requests to exercise the above-listed rights may be made to: [email protected]. If your end user is an EEA resident, the end user has the right to lodge a complaint with a Data Protection Authority about how we process the end user’s Consumer Data at the following website: https://edpb.europa.eu/about-edpb/board/members_en.
7. INTERNATIONAL DATA TRANSFER AND PERSONALLY IDENTIFIABLE INFORMATION
If you provide your personally identifiable information or Consumer Data to us, we may transfer, process, use, or store this information in any country where we have operations, including countries outside of the United States and the EEA. We may transfer your personally identifiable information or Consumer Data to a country other than the country where it was collected for processing consistent with this Privacy Policy. Do not provide personally identifiable information or Consumer Data to us if you do not consent to that information being transferred outside of the United States or the EEA. Your personally identifiable information and Consumer Data may be transferred to a country where privacy laws may not be as protective as in your place of residence. If we transfer your personally identifiable information or Consumer Data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
-
European Commission Standard Contractual Clauses: We may use specific contracts approved by the European Commission which give personally identifiable information the same protection it has in the EEA.
-
Privacy Shield: Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protection to personally identifiable information shared between the Europe and the US.
For additional information on the mechanisms used to protect your personally identifiable information and Consumer Data, please contact us via e-mail at [email protected].
8. EXTERNAL LINKS.
The Sites contain links to other web sites. However, we are not responsible for any of the content of other linked web sites. We are also not responsible for the privacy practices and the terms and conditions of use for any external web sites. The linked web sites may collect personally identifiable information from you that is not subject to our control. The data collection practices of linked sites will be governed by that web site’s privacy policy.
9. ACCESSING AND UPDATING YOUR PERSONALLY IDENTIFIABLE INFORMATION.
We do not review for accuracy or update your user information or Consumer Data regularly, but encourage you to access, review and update your personally identifiable information at any time. To request a copy of your personally identifiable information and data or for assistance regarding canceling your account, or deleting your personally identifiable information, contact us at: [email protected], 888-41-SOUND, or go to www.soundcommerce.com/request. We will respond to your request as soon as reasonably possible after verifying your authority to make such requests. Your requests for deletion of your personally identifiable information or Consumer Data are subject to Sections 2.5 and 2.6, respectively, and we will delete your personally identifiable information and Consumer Data within a reasonable time.
10. CALIFORNIA SHINE THE LIGHT LAW.
California Civil Code Section 1798.83 permits users who are California residents to obtain from us once a year, free of charge, a list of third parties to whom we have disclosed personally identifiable information (if any) for direct marketing purposes in the preceding calendar year. If you are a California resident and you wish to make such a request, please send an e-mail with “California Privacy Rights” in the subject line to [email protected].
11. CALIFORNIA MINORS.
While the Sites and services are not intended for anyone under the age of 18, if you are a California resident who is under age 18 and you are unable to remove publicly-available content that you have submitted to us, you may request removal by contacting us at: [email protected]. If you receive a request from an end user who is a California resident under the age of 18 to remove the end user’s content that you provided to us, you may request that we also remove such content by contacting us at: [email protected]. When requesting removal, you must specify the information you want removed and provide us with specific information, such as the URL for each page where the information was entered, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you or the end user, if applicable, cannot be identified; (4) you do not follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the content or information. Removal of your information or end user information from the Sites or services does not ensure complete or comprehensive removal of that information from our systems or the systems of our service providers. We are not required to delete information posted by you; our obligations under California law are satisfied so long as we anonymize the information or render it invisible to other users and the public.
12. CHANGES TO THIS PRIVACY POLICY.
Because our privacy practices and privacy law necessarily evolve over time, we reserve the right to revise this Privacy Policy from time to time in our sole discretion, upon notice to you such as by posting updated Privacy Policy on the Sites, sending you an email to your account email, or by any other reasonable means. You should periodically review this Privacy Policy to ensure that you are familiar with the most current version. Your continued use of the Sites after the Effective Date posted above will constitute your acceptance of the updated Privacy Policy.
13. PRIVACY QUESTIONS.
If you have any questions about this Privacy Policy or other matters that relate to it, you may contact us by sending an email to [email protected], calling us at 888-41-SOUND, visiting www.soundcommerce.com/request, or reaching us at the mailing address below:
SoundCommerce
300 Lenora St #1020
Seattle, WA 98121
PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
This section supplements the information contained in this Privacy Policy, and applies solely to visitors, users, and and others who reside in the State of California (“consumers” or “you”) and your end users who reside in the state of California (“end users”). We adopt this notice in this section to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this section.
14. INFORMATION WE COLLECT
This Sites and our Services collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”) or a particular end user (“Consumer Data”). In particular, the Sites have collected the following categories of your personal information and Consumer Data in the last twelve (12) months. We obtain the categories of your personal information and Consumer Data listed below as set forth in the methods described in Section 1 above.
Collected? | |||
Category | Examples | Your Personal Information | Consumer Data |
A. Identifiers. | A real name, alias, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers. If you apply for a job through our website, we may collect any contact information (e.g., name, email, address, phone number) that you provide. | YES | YES, if provided by you |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, size information that may provide us with your end users’ physical characteristics or description, address, telephone number. If you apply for a job through our website, we may collect any education or employment history that you provide. Some personal information included in this category may overlap with other categories. | YES | YES, if provided by you |
C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | NO | NO |
D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | NO | YES, if provided by you |
E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | NO | NO |
F. Internet or other similar network activity. | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. | YES | YES |
G. Geolocation data. | Physical location or movements. | YES | YES, if provided by you |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | NO | NO |
I. Professional or employment-related information. | Current or past job history or performance evaluations or job applications. | YES | NO |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | NO | NO |
K. Inferences drawn from other personal information. | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | NO | YES |
Personal information does not include:
-
Publicly available information from government records.
-
De-identified or aggregated consumer information.
-
Information excluded from the CCPA’s scope, including without limitation: health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
-
Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
-
15. USE OF PERSONAL INFORMATION
We may use or disclose your personal information or Consumer Data for one or more of the following business purposes:
-
To fulfill or meet the reason you provided the information.
-
To provide, support, personalize, and develop our Sites and services.
-
To create, maintain, customize, and secure your account with us.
-
To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
-
To personalize your experience and to deliver content and product and service offerings relevant to your interests, including offers through our Sites, third party sites, and via email (with your consent, where required by law).
-
To help maintain the safety, security, and integrity of our Sites, services, databases and other technology assets, and business.
-
For testing, research, analysis, and product development, including to develop and improve our Sites and services.
-
To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
-
As described to you when collecting your personal information or Consumer Data or as otherwise set forth in the CCPA.
-
To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by the Company about our users is among the assets transferred.
We will not collect additional categories of personal information or Consumer Data, or use the personal information we collected for materially different, unrelated, or incompatible purposes, without providing you notice.
16. SHARING PERSONAL INFORMATION
We may disclose your personal information or Consumer Data to a service provider for a business purpose. When we disclose personal information or Consumer Data for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information and Consumer Data confidential and not use it for any purpose except performing the contract.
We share your personal information and Consumer Data with the following categories of third parties:
-
Analytics Providers
-
Marketing providers, including customer relationship management and digital advertising tools
-
Cloud platform providers
If directed by you, we may share your end users’ Consumer Data with additional third parties at your direction only.
In the preceding twelve (12) months, we have disclosed the following categories of personal information and Consumer Data for a business purpose:
-
Identifiers
-
California Customer Records personal information categories
-
Protected classification characteristics under California or federal law
-
Commercial information
-
Internet or other similar network activity
-
Geolocation data
-
Professional or employment-related information
-
Inferences drawn from other personal information
In the preceding twelve (12) months, we have not sold personal information. Under the CCPA, the sale of personal information means “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration.” (Cal. Civ. Code § 1798.140(t)(1)). In the event that we do sell any personal information, we will update this Privacy Policy to list the categories of consumers’ personal information sold, and we will address the sale of such personal information in accordance with the policies set forth below.
17. YOUR RIGHTS AND CHOICES
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
17.1 Your Right to Access Specific Information and Data Portability Right
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
-
The categories of personal information we collected about you.
-
The categories of sources for the personal information we collected about you.
-
Our business or commercial purpose for collecting or selling that personal information.
-
The categories of third parties with whom we share that personal information.
-
The specific pieces of personal information we collected about you (also called a data portability request).
-
If we disclosed your personal information for a business purpose, the business purpose for which personal information was disclosed, and the personal information categories that each category of recipient obtained.
-
If applicable, (1) the categories of personal information we have sold; (2) the categories of personal information that we sold and the categories of third parties to whom the personal information was sold, by category or categories of personal information for each category of third parties to whom the personal information was sold.
17.2 Your Right to Delete
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or service provider(s) to:
-
Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
-
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
-
Debug products to identify and repair errors that impair existing intended functionality.
-
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
-
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
-
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
-
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
-
Comply with a legal obligation.
-
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
17.3 Your Right to Opt-Out
If you are 16 years of age or older, you have the right to direct us not to sell your personal information at any time (the “right to opt-out”). We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to personal information sales my opt-out of future sales at any time.
To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by sending us an e-mail at [email protected]. Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal information sales. However, you may change your mind and opt back in to personal information sales at any time by sending us an e-mail at [email protected]. We will only use personal information provided in an opt-out request to review and comply with the request.
17.4 Exercising Your Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
-
Calling us at 888-41-SOUND
-
Visiting www.soundcommerce.com/request
-
Sending us an e-mail at [email protected]
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make such a request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
17.5 Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
-
Deny you goods or services.
-
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
-
Provide you a different level or quality of goods or services.
-
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
18. YOUR END USERS’ RIGHTS.
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your end users’ CCPA rights and explains how to exercise those rights.
18.1 Your End Users’ Right to Delete.
Your end users have the right to request that you direct us to delete any of the end user’s Consumer Data that we collected from you and retained, subject to certain exceptions. Once you direct us to delete an end user’s Consumer Data based on a verifiable consumer request, we will delete (and direct our service providers to delete) the end user’s Consumer Data from our records, unless an exception applies.
We may deny your instruction to delete an end user’s Consumer Data if retaining the Consumer Data is necessary for us or service provider(s) to:
-
Complete the transaction for which we collected the Consumer Data.
-
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
-
Debug products to identify and repair errors that impair existing intended functionality.
-
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
-
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
-
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when deletion may likely render impossible or seriously impair the research’s achievement, if the end user previously provided informed consent.
-
Enable solely internal uses that are reasonably aligned with consumer expectations based on the relationship with the end user.
-
Comply with a legal obligation.
-
Make other internal and lawful uses of that information that are compatible with the context in which the end user provided it.
18.2 Exercising Your End Users’ Rights
To exercise the deletion rights described above, please submit the end user’s verifiable consumer request and any other relevant end user information to us by either:
-
Calling us at 888-41-SOUND
-
Visiting www.soundcommerce.com/request
-
Sending us an e-mail at [email protected]
Only the end user, or a person registered with the California Secretary of State that the end user has authorized to act on the end user’s behalf, may make a verifiable consumer request related to the end user’s Consumer Data. An end user may also make a verifiable consumer request on behalf of a minor child.
The verifiable consumer request must provide sufficient information that allows us to reasonably verify that the end user is the person about whom we collected Consumer Data or an authorized representative, and describe the end user’s request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your direction to delete if we cannot verify the end user’s identity or authority to make the request and confirm the Consumer Data relates to the end user. Making a verifiable consumer request does not require the end user to create an account with us. We will only use Consumer Data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We endeavor to respond to your direction to delete an end user’s Consumer Data within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
We do not charge a fee to process or respond to your direction to delete an end user’s Consumer Data unless it is excessive, repetitive, or manifestly unfounded. If we determine that the direction warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your direction.
18.3 Non-Discrimination
We will not discriminate against you or your end user for exercising any of the end user’s CCPA rights. Unless permitted by the CCPA, we will not:
-
Deny you goods or services.
-
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
-
Provide you a different level or quality of goods or services.
-
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Consumer Data’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires prior opt in consent, which the end user may revoke at any time.
19. CONTACT INFORMATION
If you have any questions or comments about this notice, the ways in which we collect and use your information and Consumer Data described in this Privacy Policy, your and your end users’ choices and rights regarding such use, or wish to exercise your or your end users’ rights under California law, please do not hesitate to contact us at
Phone: 888-41-SOUND
Website: www.soundcommerce.com/request
E-mail: [email protected].
Postal Address: SoundCommerce
300 Lenora St #1020
Seattle, WA 98121