A. Scope
This privacy policy applies to all personal data collected or processed by GLOBALG.A.P. c/o FoodPLUS GmbH (hereinafter referred to as “FoodPLUS” or “we”) when using the GGN label platform under www.ggn.org (hereinafter referred to as “GGN label platform”). This website (hereinafter referred to as “Website”) is accessible by everyone (hereinafter referred to as “User”) and provides information about agricultural businesses that are certified against the GLOBALG.A.P. standards (hereinafter referred to as “Certified Company” or “Certified Companies”) and registered on the GGN label platform.
When using any of the websites operated by FoodPLUS, e.g., www.globalgap.org or www.database.globalgap.org, the Privacy Notice by FoodPLUS linked on the respective website applies.
In this privacy policy, we inform you inter alia about the type, scope, and purposes of the collection, processing, and use of your personal data when visiting or using our GGN label platform. This is performed in accordance with the provisions of the European General Data Protection Regulation (GDPR) and other applicable (federal and state) data protection legislations (hereinafter referred to jointly as “Applicable Data Protection Law”).
No automated decision-making/profiling is performed.
B. Data Controller
Responsible as the data controller for collecting and processing your data is:
FoodPLUS GmbH
Spichernstr. 55
50672 Cologne, Germany
E-mail: info@globalgap.org,
Tel: +49 (0) 221-57776-0.
C. Categories of Data
We collect and process different categories of personal data depending on how you use our GGN label platform.
When you register as a certified company with the GGN label platform we might process your username, password, first name, surname, work mobile phone, work e-mail address, work address, office phone, office fax, and company you work for. If you provide us with additional information such as photo/avatar, we will also process this information.
When you contact us through the contact form of the GGN Label platform, we will process your name, e-mail address, and message.
Please note that FoodPLUS may receive messages that require translation. In such cases, our employees use translation tools (e.g., Google translator) to process your inquiry. Thus, please ensure that you do not enter personal data into the message field of your inquiry.
When you contact us by phone, e-mail, in person, or via any other business contact channel, we will collect the information you provide us. Typical data collected is first name and surname, e-mail address, phone, and company you work for, although other types of information provided by you could be collected.
When you visit our GGN label platform as a User to inform yourself about the Certified Companies and our labels, we (or the webspace provider commissioned by FoodPLUS) collect data about every access to the GGN label platform / the Website (known as server log files). The access data include name of the webpage or webservice accessed, file, date and time of the access, data volume transferred, any data input, report of successful access, browser type including version, User’s operating system, referrer URL (the page visited previously), IP address, where relevant username and the requesting provider. This data is not merged with other data sources or other personal data about you. The IP address is stored for the duration of the session for this purpose. FoodPLUS further reserves the right to review the log data retrospectively if there are specific indications that justify a suspicion of unlawful use.
D. Purpose and Legal Basis for Processing
When you register as a Certified Company we need to process your personal data to manage and maintain the business relationship, comply with our contractual obligations (that is, to provide you with the service), and comply with our legal obligations under the law. The legal basis for processing your personal data is Art. 6 (1) (b) GDPR for the purpose of the performance of a user agreement. In case you submit additional data based on your consent, the legal basis for processing is Art. 6 (1) (a) GDPR.
When you place an inquiry with us by using the contact form or via any other of our business contact channels, we need to process your personal data to respond to your request, manage and maintain the business relationship, comply with our contractual obligations (that is, to provide you with the service), and comply with our legal obligations under the law. In this regard the legal basis for processing your personal data is Art. 6 (1) (b) GDPR. In case you submit additional data based on your consent, the legal basis for processing is Art. 6 (1) (a) GDPR.
If you visit our GGN label platform/Website as a User to inform yourself about the Certified Company, FoodPLUS uses the log data solely for statistical analyses and for the purpose of operating, securing, and optimizing the GGN label platform. The system needs to store the IP addresses temporarily to enable the GGN label platform to be delivered to you. Data is saved in server log files to safeguard the functionality of the Website. The data also helps FoodPLUS to optimize the GGN label platform and safeguard the security of the IT systems. These purposes constitute a legitimate interest of FoodPLUS in data processing. The legal basis here is Art. 6 (1) (f) GDPR. Your data for analytical purposes we only process with your consent according to Art. 6 (1) (a) GDPR. You can withdraw your consent at any time with effect for the future. For more information see below under “G. Cookies.”
To the extent we are required to process any of your personal data to comply with a legal obligation, we will process your personal data on basis of Art. 6 (1) (c) GDPR.
E. Disclosure to Third Parties and Transferring of Data to Countries outside the EEA/EU
FoodPLUS will receive access to your personal data. Only relevant individuals who are acting within their job description and have a need to know will have access to your personal data.
In certain cases, third-party providers may be given access to your personal data. We will only disclose your personal data to third parties if you have provided your consent or subject to another permitted circumstance in accordance with the Applicable Data Protection Law. These include in the first instance service providers commissioned by us who support our business operations (Art. 28 GDPR). This covers e.g., webspace or telemedia service providers for the operation and/or maintenance of the GGN label platform or the forwarding of in-voicing or tax-relevant information to service providers for the purposes of invoicing and accounting or controlling. In these cases, however, the scope of the transferred data will extend only to the minimum required to achieve the purposes pursued via the data processing.
We will not share your personal data with local authorities or courts except where we are required to do so by applicable law, a court order, or a legally binding injunction. If we are legally obliged to disclose specific personal data on the basis of a judicial decision or following a request for information from law-enforcement or supervisory authorities or authorized third parties in conjunction with investigatory proceedings or the suspicion of a criminal act, an unlawful act or other acts that may give rise to legal liability for you or us, we will disclose the data required for the investigation, such as name, address, e-mail address, or other relevant information (Art. 6 (1) (c) GDPR). Similarly, we reserve the right to process and use Users’ personal data to enforce or defend against claims (Art. 6 (1) (f) GDPR).
Personal data may be transferred in this way to third parties that are domiciled in non-EEA or non-EU countries and where the EU Commission has not established a level of data protection comparable to the EU (e.g., USA). In this case, prior to transferring we ensure in compliance with the requirements of Art. 44 et seq. GDPR that an adequate level of data protection is in place at the recipient, in particular by conducting so-called transfer impact assessments, obtaining your consent in advance or through specific guarantees , in particular the self-certification of a recipient in the US in accordance with the principles of the EU-US Privacy Framework or as well as concluding the so-called EU standard contractual clauses. A copy of suitable guarantees can be obtained on request via the email address set out at the end of this privacy policy. Basic information about the participants of the EU-US Privacy Framework can further be found here. Basic information about the EU standard contractual clauses can be found here, and information about the adequacy decisions here.
Furthermore, even when we have concluded standard contractual clauses, we seek to establish further measures that provide an equal level of data protection compared to the applicable standards in the EU when personal data is forwarded to third countries (e.g., the USA, South Africa). Such further measures shall be established to accommodate CJEU decision C-311/18 (Schrems II). For further information on this topic please contact our Data Protection Officer via the email address set out at the top of this privacy policy.
Additional information relevant to the GGN label platform Certified Companies: your personal data is available through the GGN label platform to your company colleagues registered on the GGN label platform. Your personal data is NOT available to other registered and Certified Companies.
F. Retention Periods for Personal Data
We will deactivate or cancel the registered Certified Company data as soon as appropriate to avoid unauthorized access to information. It is then no longer visible in the GGN Label Platform and you will not receive any new communications. We will delete personal data of those registered Certified Companies after the end of statutory retention obligations if and where applicable.
In consideration of the applicable provisions under Applicable Data Protection Law, we will delete the stored personal data about you without any action on your part if there is no longer a need for the information to be known to perform the purpose associated with the storage or if the storage of the data is not permitted for other legal reasons. In some cases, provided for by law (e.g., statutory retention obligations), your personal data may be blocked instead of deleted.
G. Cookies
We store cookies on our Users’ hard drives unless they actively block them. Cookies are small text files that permit specific information relating to the device to be stored on the User’s accessing device (PC, smartphone, etc.). Some enhance the friendliness of websites and thus aid the User (e.g., by storing login data), some enable the recording of statistical data about website use and the analysis to improve websites or the placement of targeted ads. You can influence how cookies are used. Most browsers have an option that limits or completely prohibits the storage of cookies. However, it should be noted that usage, and in particular user comfort, may be restricted without cookies. For further information about the use of cookies and how you can deactivate them, see www.youronlinechoices.com.
The processing of personal data collected using cookies for analytical and marketing purposes is only done, and cookies are only dropped subject to your prior consent. Thus, the legal basis for this processing is Art. 6 (1) a) GDPR). You can withdraw your consent at any time with effect for the future. The legal basis for setting cookies for the technical operation of our Website is Art. 6 (1) (f) GDPR.
Further information on which third-party-providers we use in this regard can be found in the following.
I. YouTube Videos
Videos are shown on the GGN label platform via the provider YouTube. These are operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (hereinafter referred to as “YouTube”). If a webpage containing such a button (identifiable by the YouTube icon in the lower right of the video preview) is accessed and you activate the corresponding content, your browser creates a direct connection with the YouTube servers. YouTube transmits the content of the YouTube button directly via your browser and is integrated into the respective webpage. We have no further influence over the data that YouTube collects via the button. Even though we have turned on the privacy-enhanced mode provided by YouTube to further protect your privacy, it is likely that your IP address is recorded and cookies are set, among other things. Correspondingly, we only process these personal data with your consent (Art. 6 (1) GDPR).
If you are logged on to YouTube as a member, YouTube may allocate information about the webpages accessed and YouTube content to your user account. This may also be the case if you log on to YouTube as a member at another point in time. Further information about the scope and purpose of the data collection and the further use and processing of the data by YouTube as well as your associated rights and configuration options to protect your privacy can be found in the YouTube privacy policy: https://policies.google.com/privacy?hl=en
II. Google Maps
The GGN label platform uses Google Maps API applications. This enables us to display interactive maps directly on the GGN label platform and enables you to conveniently use the map function. We use Google Maps to allow Certified Companies to search their location, address and geo-position, translate geo-positions into addresses and addresses into geo-positions. You can view Google’s terms of use here: https://policies.google.com/terms?hl=en. You can find Google’s privacy policy here: https://policies.google.com/privacy?hl=en.
III. Google Translation API
The GGN label platform uses Google translate API to allow register Users to automatically translate free texts inputted by other Users into their language. The free-text fields can be sent to Google for translation if required by another registered Certified Company. Please ensure that you do not enter personal information into the GGN label platform free-text fields. You can view Google’s terms of use here: https://policies.google.com/terms?hl=en. You can find Google’s privacy policy here: https://policies.google.com/privacy?hl=en.
IV. Piwik PRO
The GGN label platform uses the web analysis service Piwik PRO from the provider Piwik PRO GmbH (hereinafter referred to as “Piwik PRO”) for the statistical analysis of user access. Piwik PRO may use cookies, tags, IP addresses, and what is known as fingerprinting to enable an analysis of Users’ Website use. This may include the collection or processing of the following data: IP address (anonymized), user ID, date and time of the request, title or URL of the page visited, URL of the page visited previously, screen resolution, time zone, files clicked on and downloaded, links clicked to external websites, display speed of the pages, User’s geo-data (country, region, city, approximate longitude and latitude), browser language, user agent of the browser used, randomly assigned one-off user ID, time of a User’s first visit, time of a User’s previous visit, number of a User’s visits.
This processing is done only subject to your prior consent. Thus, the legal basis for this processing is (Art. 6 (1) a) GDPR). The information generated by the cookies about the use of the GGN label platform is stored on the servers of Piwik PRO or service providers commissioned by them in Europe. The IP address is anonymized immediately after processing and before saving. The information generated by Piwik PRO is not used to identify the User of the GGN label platform personally and is not merged with other personal data of the User.
You can also prevent the installation of the cookies by making a corresponding setting in your browser software. However, FoodPLUS refers Users to the fact that in this case they may not be able to use the full functionality of this Website. For further information about this topic, see https://piwikpro.de/datenschutz/.
Google Ads
We use Google Ads. Google Ads is an online promotional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display ads in the Google search engine or on third-party websites, if the user enters certain search terms into Google (keyword targeting). It is also possible to place targeted ads based on the user data Google has in its possession (e.g., location data and interests; target group targeting). We can analyze these data quantitatively, for instance by analyzing which search terms resulted in the display of our ads and how many ads led to respective clicks. For these purposes of (re-)marketing and targeting, cookies and other technologies are stored on you device.
This processing is only done, and cookies are only dropped subject to your prior consent. Thus, the legal basis for this processing is Art. 6 (1) a) GDPR). You may withdraw your consent at any time with the effect for the future.
You can also prevent the use of the cookies through a corresponding setting in your browser software – the suppression of third-party cookies means that you will not receive any ads from third-party providers.
It is possible that respective data is transferred to the US. This transfer is based on Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/. Furthermore, Google is certified in accordance with the “EU-US Data Privacy Framework”. This is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please see https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active.
V. Profiles on Social Media Networks
We maintain publicly accessible profiles on various social networks. The individual social networks we use are listed below. You can access our social media profiles from our website by clicking on the relevant network button. These are no social plug-ins, but simple links to our FoodPLUS/GLOBALG.A.P. accounts registered on the respective network. Our social media profiles are intended to present our company and our activities as widely as possible. This is a legitimate interest within the meaning of Art. 6 (1) f) GDPR. The analysis initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks.
The social networks can generally analyze your user behavior when you visit their website and visiting our social media profiles triggers various data processing operations. If you are logged into your social media account and visit our social media profiles, the operator of the social media network can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media platform. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by collecting your IP address. With the help of the data collected in this way, the operators of the social media websites can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you both within and outside the respective social media platform. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or have been logged in.
Please also note, that we cannot understand all processing operations on the social media networks. Depending on the provider, further processing operations may therefore be carried out. For details, please refer to the terms of use and data protection policies of the respective social media platforms. Facebook:We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Ltd, Merrion Road, Dublin 4, Ireland. According to Facebook, the data collected is also transferred to the USA and other third countries. You can adjust your advertising settings yourself in your user account on Facebook. Further details can be found in Meta's privacy policy: https://www.facebook.com/about/privacy/. Instagram: We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Ltd, Merrion Road, Dublin 4, Ireland. According to Instagram, the data collected is also transferred to the USA and other third countries. You can adjust your advertising settings yourself in your user account on Instagram. Further details can be found in Meta's privacy policy: https://privacycenter.instagram.com/policy. LinkedIn: We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Details on how they handle your personal data can be found in LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.
VI. Rights of data subjects
You have the following rights:
the right to request confirmation of whether personal data relating to you is being processed and details of this data and any additional information and a copy of the data (Art. 15 GDPR);
the right to request the completion of incomplete personal data or the rectification of incorrect personal data (Art. 16 GDPR);
under Art. 17 GDPR, the right to request that personal data be deleted immediately, or, if need be under Art. 18 GDPR, that the data processing be restricted (if this data is subject to statutory retention periods, we will block it for the duration of the retention period);
the right to receive, or have transmitted to a third party, the relevant personal data that you have provided to us and that we process in an automated manner on the basis of your consent or in the performance of a contract. The data will be provided in a machine-readable format. If you request the direct transfer of the data to a different controller, this will only be done if it is technically feasible (Art. 20 GDPR).
the right to object at any time to the processing of personal data processed by us on the basis of a legitimate interest of ours (Art. 6 (1) f) DGSVO), pursuant to Art. 21 GDPR; and
the right to withdraw any consents granted pursuant to Art. 7 (3) GDPR with future effect. This will not affect the lawfulness of any processing performed on the basis of such consent up to the withdrawal.
We will notify any recipients to whom we have disclosed your personal data about any correction or erasure of the personal data or restriction of the processing, unless this turns out to be impossible or would involve disproportionate effort.
You can assert the above rights against us, e.g., by notifying us by post via the contact details described above or e-mail to dataprivacy@globalgap.org.
That notwithstanding, you have the right to submit a complaint to the competent supervisory authority (Art. 77 GDPR).
UNITED STATES SUPPLEMENT
California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia provide (now or in the future) their state residents with rights to:
Right to Know. Confirm whether we process their personal information.
Right to Access and Delete. Access and delete certain personal information.
Right to Correct. Correct inaccuracies in their personal information, taking into account the information's nature processing purpose (excluding Iowa and Utah).
Right to Deletion. Request the deletion of your personal information that has been collected, subject to certain exceptions.
Right to Data Portability.Obtain your personal information in a portable, and to the extent technically feasible, easily usable format that can be transmitted to another entity.
Right to Opt-Out. Opt-out of personal data processing for:
targeted advertising (excluding Iowa);
sales; or
profiling in furtherance of decisions that produce legal or similarly significant effects (excluding Iowa and Utah).
Either limit (opt-out of) or require consent to process sensitive personal data.
The exact scope of these rights may vary by state. To exercise any of these rights please reach out to the Data Controller at dataprivacy@globalgap.org or by calling toll-free at +1 833 879 8855.
The California-specific supplement is below in this Policy.
CALIFORNIA Additional California privacy terms and rights
The state of California enacted the California Consumer Privacy Act in 2018 and amended it in 2020 under the California Privacy Rights Act (hereinafter referred to collectively as “CCPA”). Together, the acts afford certain rights to California residents (hereinafter referred to as “Consumers”). This section specifically addresses the rights of California residents under the CCPA.
A. Collection categories
As explained above in this privacy policy, we collect a variety of categories of information, including sensitive personal information, in connection with providing the services. In this section, we explain these categories again specifically in the context of the CCPA. In providing the services on the Website, we collect the following categories of personal information: the person’s name, postal/​mailing address, IP address, unique personal identifier or online identifier, email address or telephone number, and other Registration Data.
B. Information sources
As explained above, we collect personal information from consumers themselves directly via our Website, through interactions with our company’s personnel, and through social media, and, in some cases, from service providers.
C. Personal information use and sharing for business purposes
As explained in greater detail above, we use the personal information that is collected for a wide variety of business purposes:
To fulfill any contractual obligations with you related to the Website
To facilitate the establishment and use of accounts created on the Website
To verify your identity and manage access to your accounts on the Website
To facilitate your participation in our online forums
For analytics purposes and to operate, maintain, and improve the Website
To market the Websites and gather additional information regarding the Websites
To create new products and services on the Website
To protect against, investigate, and deter fraudulent, unauthorized, and/or illegal activity on or relating to the Website
When necessary, to meet legal requirements, such as legally mandated reporting, subpoenas, court orders, or other legal process requirements
We only disclose and share your personal information for business purposes with the following categories of third parties:
Service providers, as explained above, and with our affiliated company GLOBALG.A.P. North America Inc.
D. Sale of personal information
We do not engage in any sale of a consumer’s personal information as that term is defined under the CCPA.
E. Sharing of personal information
The CCPA defines “sharing” as “renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means” personal information. We share your personal information, as described above, with the companies that provide cookies and similar technologies used on our Website. Those companies have access to and might use the personal information gathered through these technologies, which might include an individual consumer’s IP address. Such uses might include targeted advertising information based on individual internet activity and interests. It is possible that some of the businesses providing marketing services to us might share personal information with their business partners. In addition, some companies that provide services to us might need to access and use customer information as part of providing services to us, and these same companies might use this information for the development of their own business capabilities, not solely for the provision of services to us.
To notify us of your desire to restrict the use of your personal information by third parties, contact us and submit your request by emailing us at dataprivacy@globagap.org: DO NOT SHARE MY PERSONAL INFORMATION
If you have any questions about submitting your request, please contact us and submit your request by emailing us at dataprivacy@globagap.org or calling toll-free at +1 833 879 8855.
F. Your California rights and choices
The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
i. Access to specific information.
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see the section “Exercising consumer rights” below), we will disclose to you:
The categories of personal information we collected about you
The categories of sources for the personal information we collected about you
Our business or commercial purpose for collecting or selling that personal information
The categories of third parties with whom we share that personal information
The specific pieces of personal information we collected about you
If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
Sales, identifying the personal information categories that each category of recipient purchased
Disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained
Under the CCPA, you may also request that we disclose certain information to you about our collection and use of your personal information beyond the past 12 months. We, however, may decline to provide that information to you if doing so would require a disproportionate effort on our part.
ii. Deletion and correction request rights
You have the right to request that we delete or correct any of your personal information that we collected from you, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see the section “Exercising consumer rights” below), we will delete (and direct our service providers to delete) or correct your personal information from our records, unless an exception applies.
In the absence of a verifiable consumer request from you, we will retain your personal information as described above, before automatically deleting (and directing our service providers to delete) it.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
Complete the transaction for which we collected the personal information, provide goods or services that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities
Debug products to identify and repair errors that impair existing intended functionality
Exercise free speech, ensure the right of another consumer to exercise their right to free speech, or exercise another right provided for by law
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.)
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us
Comply with a legal obligation
Make other internal and lawful uses of that information that are compatible with the context in which you provided it
iii. The right to opt out – the right to opt out of sharing of personal information
You have the right to opt out of the sharing of your information with a third party, i.e., to prevent a transfer of information to a third party that is not restricted in certain ways from making use of the information. As we explained above, some of the companies that provide cookies and similar technologies might use personal information for targeted advertising information based on individual internet activity and interests, potentially including the sharing of information with others. You can exercise your right to opt out of the sharing of your information by emailing us at dataprivacy@globagap.org: DO NOT SHARE MY PERSONAL INFORMATION
iv. Exercising consumer rights
To exercise the rights described above, please submit a verifiable consumer request to us by one of the following methods:
• Emailing us at dataprivacy@globalgap.org
• Calling us toll-free at +1 833 879 8855
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may make a verifiable consumer request for access or data portability no more than twice within a 12-month period.
To verify the identity of an individual making a request, a two-step process will need to be completed.
A verifiable consumer request must do the following:
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it
Separately provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
iv. Response timing and format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Unless otherwise requested, any disclosures we provide will cover no more than the 12-month period preceding receipt of the verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, where applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless the request is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
G. Nondiscrimination
We will not discriminate against you for exercising your CCPA rights. Unless permitted by the CCPA, we will not:
Deny you goods or services
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties
Provide you with a different level of quality of goods or services
Suggest that you may receive a different price or rate for goods or services or a different level of quality of goods or services
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time. However, we do not currently provide any financial incentives.
H. “Shine the Light” disclosure
We have not shared any personal information with other companies for their direct marketing use within the immediately preceding calendar year. Accordingly, California’s “Shine the Light” law, Cal. Civil Code § 1798.83 to § 1798.84, does not apply to us, and we have not established any mechanism for you to request information on our sharing of information for third parties’ marketing purposes.
Updates to the Privacy Policy
In the course of the ongoing development of our Website, we will also continually modify our privacy policy. Your continued use of the Website following the posting of revised terms of use means that you accept and agree to the changes. Any changes will be communicated on this page in good time. For that reason, our users should regularly view this page to find out about the current status of the privacy policy.