Privacy Policy

CUSTOMER WEBSITE PRIVACY NOTICE


This version was last updated in April 2023.


Welcome to adm’s Website Privacy Notice.


If you are an EU citizen and/or resident, the Personal Data provided will be processed in accordance with applicable data protection and privacy laws and regulations, including the General Data Protection Regulation (EU) 2016/679 of 27 April 2016 (“GDPR”) and implementing local laws, as well as the UK GDPR.


If you are based in Singapore, please also read the Singapore addendum that starts on page 11 below. The addendum is to be read together with this Privacy Notice. If there is any conflict between the addendum and the Privacy Notice, the addendum shall apply.


If you are based in the USA, please also read the USA addendum that starts on page 12 below. The addendum is to be read together with this Privacy Notice. If there is any conflict between the addendum and the Privacy Notice, the addendum shall apply.


adm respects your privacy and is committed to protecting your Personal Data (as defined hereafter). This Privacy Notice aims to give you information on how adm collects and processes Personal Data of users of this Website, regardless of where you visit it from (hereinafter “User”, “you” or “your”), including any Personal Data you may provide through this Website, when you purchase a product or service, when we receive your registration data to create an account and/or when you use adm’s proprietary software (adm EXCHANGE). This Privacy Notice will also inform you about your rights in relation to your Personal Data.


The use of this Website is subject to our “Terms of Use”. More information on the use of cookies and similar technologies used on this Website can be found in our “Cookie Notice”.


Please read these documents together with this Privacy Notice, as well as with any other privacy notices or fair processing policy we may provide on specific occasions when we are collecting or processing Personal Data about you. This Privacy Notice supplements other notices and privacy policies and is not intended to override them.


Please also use the Glossary at the end of the Privacy Notice to understand the meaning of some of the terms used in this Privacy Notice.


This Website is not intended for children and we do not knowingly collect Personal Data relating to children.


  1. Who is responsible for the processing of your Personal Data?

    adm Promotions USA, Inc. is the controller unless otherwise indicated and is responsible for this Website (hereinafter “adm”, “we”, “us” or “our”).

    • Full name of legal entity: ADM Promotions USA, Inc

    • Registered address: Suite 203, 78 Southfield Avenue, Stamford, CT 06902-7223, United States of America

    • Company number: 4729331 The Personal Data we collect about you.


    We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together as follows:

    1. Identity Data, including first name, last name, username, or similar identifier and/or title, Employing Company and job title.

    2. Contact Data, including billing address, delivery address, email address and telephone number.

    3. Transaction Data, including payment data, details of products and services you have purchased from us.

    4. Technical Data, including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other information on the technology on the devices you use to access this Website.

    5. Profile Data, including your username and password, purchases or orders made by you, your preferences, feedback and survey responses.

    6. Usage Data, including information about how you use our Website, products and services, any information disclosed to us when you contact us with a requests or complaint.

    7. Marketing and Communications Data, including your preferences in receiving marketing from us and our third parties and your communication preferences.


    We do not collect any special categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.


    Where required under applicable law, we will obtain your consent to the collection, use and/or disclosure of your Personal Data.


    The Personal Data that we specifically collect from you depends on the applicable purposes as described below.


    If you fail to provide Personal Data

    If we obtain Personal Data directly from you, you are in principle free to decide whether or not to provide adm with the Personal Data, except in the event of a legal obligation. Where we collect Personal Data to comply with a legal obligation, or under the terms of a contract we have with you or your Employing Company, and you do not wish to provide that Personal Data when requested, it is possible that you will not be able to use the Website, products or services that adm offers, that your questions cannot be answered and/or that you and/or your Employing Company will not be able to conclude an agreement with adm.


  2. How is your Personal Data collected?

    We use different methods to collect Personal Data from and about you including through:

    • Direct interactions. You may give us your Identity and Contact Data by filling in forms or by corresponding with us by post, phone, email, through the Website, adm EXCHANGE or otherwise. This includes Personal Data you provide when you: correspond with us about our products or services; request marketing to be sent to you; enter a competition, promotion, or survey; or give us feedback or contact us.

    Automated technologies or interactions. As you interact with our Website, we may collect Technical Data about your equipment, browsing actions and patterns. We collect this Personal Data by using cookies, server logs and other similar technologies. Please see our Cookie Notice for further details.

    • Indirect collection. Contract, Financial and Transactional Data from providers of technical, payment and delivery services.

    • Identity and Contact Data from publicly available sources such as Companies House, and the Electoral Register based inside the EU.


  3. Purposes for which we may use your Personal Data

    We have set out below, in a table format, a description of the ways we plan to use your Personal Data, and which legal basis under the (UK) GDPR and other applicable data protection legislation is relied on to process the Personal Data. We have also identified what our legitimate interests are where appropriate. Where required under applicable law, we will obtain your consent for the collection, use and/or disclosure of your Personal Data for the purposes described in this section.

    Purpose/Activity Type of Personal Data Legal Basis for processing
    To register you as a new customer (a) Identity (b) Contact Performance of a contract with you
    To register you as an authorised user of your Employing Company’s account. (a) Identity (b) Contact Processing necessary for our legitimate interest to perform the contract with your Employing Company
    To process and deliver an order including: (a) Manage payments, fees and charges, (b) Provide customer support, (c) Collect and recover money owed to us. (a) Identity (b) Contact (c) Transaction (d) Marketing and Communications Certain processing may be necessary for a legal obligation incumbent on adm.

    If no such legal obligation applies, the processing will be necessary for
    - performance of a contract with you if we have a relevant contract with you; or
    - our legitimate interest to perform the contract with your Employing Company

    Other processing may be necessary for our legitimate interest to recover debts due to us.
    To communicate with you, including regarding: (a) your queries and/or complaints about our Website and products or services, (b) important information about your account and your products, e.g. to inform you that your payment has been accepted or your order has been processed. (a) Identity (b) Contact (c) Transaction (d) Marketing and Communications Certain processing may be necessary to comply with a legal obligation.

    If no such legal obligation applies, the processing will be necessary for our legitimate interests (process Personal Data of individuals in the context of sales or to answer questions or requests and to improve and promote out services this way).
    To manage our relationship with you/your Employing Company which will include: (a) Notifying you about changes to our terms or Privacy Notice (b) Asking you to leave a review or take a survey. (a) Identity (b) Contact (c) Profile (d) Marketing and Communications Certain processing may be necessary to comply with a legal obligation.

    If no such legal obligation applies,
    - if adm has a relevant contract with you, the processing will be necessary for the performance of a contract with you
    - if not, the processing will be necessary for our legitimate interest to perform the contract with your Employing Company

    Other processing may be necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services).
    To enable you to partake in a prize draw, competition or complete a survey. (a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications If adm has a relevant contract with you, the processing will be necessary for the performance of a contract with you. If not, the processing will be necessary for our legitimate interest to perform the contract with your Employing Company.

    In other cases, the processing will be necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business).
    To administer and protect our business and this Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). (a) Identity (b) Contact (c) Technical Certain processing may be necessary to comply with a legal obligation.

    If no such legal obligation applies, the processing will be necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise).
    To deliver relevant Website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you. (a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) Technical Where we are required by law to obtain your consent before processing such information, we will rely upon your consent as our basis for processing.

    In other cases, the processing will be necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy).
    To use data analytics to improve our Website, products/services, marketing, customer relationships and experiences. (a) Technical (b) Usage Where we are required by law to obtain your consent before processing such information, we will rely upon your consent as our basis for processing.

    In other cases, the processing will be necessary for our legitimate interests (to define types of customers for our products and services, to keep our Website updated and relevant, to develop our business and to inform our marketing strategy).
    To make suggestions and recommendations to you about goods or services that may be of interest to you, by email or mail. (a) Identity (b) Contact (c) Technical (d) Usage (e) Profile (f) Marketing and Communications Where we are required by law to obtain your consent before processing such information, we will rely upon your consent as our basis for processing (e.g. share your Personal Data with a third party for marketing purposes).

    In other cases, the processing will be necessary for our legitimate interests (to develop our products/services and grow our business).
    For management of disputes and possible legal proceedings, in order to comply with legal obligations or court orders. (a) Identity (b) Contact (c) Transaction (d) Technical (e) Profile (f) Usage (g) Marketing and Communications Certain processing may be necessary to comply with a legal obligation (complying with binding court orders).

    If no such legal obligation applies, the processing will be necessary for our legitimate interests (defending our rights in and out of court and to collect Personal Data for use in resolving any disputes).
    As part of a corporate transaction, to evaluate or carry out an acquisition, merger, demerger, restructuring, dissolution or other sale or transfer of some or all of our assets, whether by way of transfer of all or part of the business, or as part of a bankruptcy, liquidation or similar proceeding, in which Personal Data in our possession forms part of the transferred assets. (a) Identity (b) Contact (c) Transaction (d) Technical (e) Profile (f) Usage (g) Marketing and Communications Necessary for our legitimate interests (carrying out the said business transactions in order to implement our business strategies or grow our business)

    In addition, if we use your information for purposes other than those mentioned above we will notify you of these purposes before using your information and obtain your consent (where necessary).

    Change of purpose

    We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.


  4. Disclosures of your Personal Data

    We require all third parties to respect the security measures applicable to your Personal Data and to treat it in accordance with the law.

    In view of achieving one or several of the above-mentioned purposes, we share your Personal Data within the adm Group (on which you can find more information here www.admgroup.com. In addition, we can transmit your personal data to third parties who reasonably need access to those data. It concerns third parties, such as:

    • external service providers that adm relies on in the framework of granting access to you to the Website and allow you to use the Website, products and/or services: IT service providers, marketing agencies, subcontractors;

    • potential or future buyers of adm;

    • law enforcement and public authorities, in accordance with the applicable legislation;

    • external professional advisors (e.g. auditors, lawyers or consultants of adm).


  5. International transfers

    Please note that some parties who receive your personal data may be located in a country outside the European Economic Area (EEA) and/or the United Kingdom (UK) and/or the place from which you are accessing our Website or using the products or services, of which the legislation does not offer the same degree of data protection. We will take steps to ensure that your personal data is only transferred to parties that apply an appropriate level of data protection (e.g. where the European Commission has issued an adequacy decision or by including the so-called EU standard contractual clauses in the agreement with the recipient and subject to an appropriate data transfer impact assessment). You can contact us to receive a copy of the appropriate safeguards that apply to the transfer of your personal data using the contact details in Section 11 (Contact details).


  6. Data Security

    We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.


  7. Data retention: How long will you use my Personal Data for?

    We will only retain your Personal Data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

    To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements and the relevant statutory limitation or retention terms.

    We will only retain your Personal Data for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting or reporting requirements. Details of retention periods for different aspects of your Personal Data are available in our Data Retention Policy which is available here.

    In some circumstances you can ask us to delete your Personal Data: see Section 9 (Your rights under the GDPR) below for further information.

    In some circumstances we will anonymise your Personal Data (so that it can no longer be associated with you) for research or statistical purposes.


  8. Your rights under the (UK) GDPR

    Under certain circumstances, you have rights under data protection laws in relation to your Personal Data. If the (UK) GDPR applies to the processing of your personal data and the relevant conditions of the (UK) GDPR are met, you have the right to:

    • Request that we provide you with a copy of your Personal Data that we hold, to access those Personal Data and to be informed of, inter alia, (a) the source of your Personal Data (where we have not received the Personal Data directly from you); (b) the purposes, legal basis and methods of processing; (c) the controller's identity; and (d) the entities or categories of entities to whom your Personal Data may be disclosed or transferred;

    • Request that your Personal Data be rectified or deleted. adm will seek to verify the accuracy of the Personal Data before rectifying it. The right to delete your Personal Data can only be exercised in limited circumstances e.g. where it is no longer needed for the purposes for which it was collected; where you have withdrawn your consent (if this was the legal basis). adm is however not required to comply with your request to delete your Personal Data where your Personal Data needs to be processed, for example, for compliance with our legal obligations or for the establishment, exercise or defence of legal claims;

    • Restrict the processing of your Personal Data. This applies where (i) the accuracy of the Personal Data is contested, in which case, we will process it to allow us to verify its accuracy; (ii) where the processing is unlawful, but you do not want it erased; (iii) where it is no longer needed for the purposes for which it was collected, but you still need it to establish, exercise or defend legal claims; or (iv) you have exercised the right to object, and verification of overriding grounds is pending;

    • Object to the processing of your Personal Data. This applies to Personal Data which we process based on our legitimate interest, and you believe your fundamental rights and freedoms outweigh our legitimate interests;

    • Request portability of any Personal Data that has been transmitted by you to adm in a machine-readable format or to have it transferred directly to another controller, but in each case, only where: the processing is based on your consent or on the performance of a contract with you; and the processing is carried out by automated means;

    • Obtain a copy of, or reference to, the safeguards under which your Personal Data is transferred outside the European Economic Area and/or the UK. We may redact data transfer agreements to protect commercial terms;

    • Withdraw your consent, and therefore prevent that processing, at any time, where the legal basis of processing is your consent;

    If you have questions about your data protection rights, or if you would like to exercise one or more of your rights as a data subject, please contact us through the Website’s ‘Contact us’ function or submit your request by email to global.legal@admgroup.com.

    Furthermore, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). You have also the right to lodge a complaint with your local data protection supervisory authority (i.e. your place of habitual residence, place or work or place of alleged infringement) at any time.


    Marketing communications

    We will obtain your consent to the sending of marketing communications where required to do so under applicable law. You can ask us or third parties to stop sending you marketing messages at any time by checking or unchecking relevant boxes to adjust your marketing preferences, by following the opt-out links on any marketing message sent to you or by contacting us at any time.

    Where you withdraw your consent or opt out of receiving these marketing messages, this will not apply to Personal Data provided to us because of a product/service purchase, warranty registration, product/service experience or other transactions.


    Cost of a request

    In principle, no fee is required. You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights under the (UK) GDPR). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or if we are permitted to do so under applicable law. Alternatively, we could refuse to comply with your request in these circumstances.


    What we may need from you

    Especially if you do not submit your request through the Website’s ‘Contact us’ function (as a logged-in user), we may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights under the (UK) GDPR). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.


  9. Third-party links

    This Website may include links to third-party websites and applications. This Privacy Notice only applies to Personal Data processed by adm. When you click on links on this Website, we strongly advise to read the privacy statements on the relevant websites first, before sharing any Personal Data.


  10. Contact details

    Our legal department is responsible for overseeing questions in relation to this Privacy Notice. If you have any questions about this Privacy Notice, including any requests to exercise your rights under the (UK) GDPR, please contact us using the details set out below.

    If you have any questions about this Privacy Notice or our privacy practices, please contact us in one the following ways:

    • Email address: global.legal@admgroup.com

    • Postal address: 8th Floor, 20 Farringdon Street, London EC4A 4AB


  11. Changes to the Privacy Notice and your duty to inform us of changes

    We keep our Privacy Notice under regular review. The modified Privacy Notice shall enter into force as of the date on top of this page. Where required under applicable law, we will obtain your consent to changes to the Privacy Notice.

    It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us.


  12. Glossary

    Employing Company means any company that you are engaged or employed by, and with which adm is in contract with, for the provision of products and/or services.


    Personal Data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified.


    Addendum for individuals based in Singapore


    1. DATA SUBJECT RIGHTS

      If the relevant conditions of the Personal Data Protection Act 2012 are met, you may have the right to:

      • Request access to the Personal Data we process about you, obtain a copy of such Personal Data, and be informed of how we have used or disclosed your Personal Data in the 12 months prior to your request.

      • Request that your Personal Data be rectified. If your Personal Data is incorrect, you may request that your data be corrected by adm free of charge.

      • Withdraw your consent. Where we have obtained your consent, you have the right to withdraw your consent at any time. However, depending on the nature of the consent that is withdrawn, you may not be able to use the Website, products or services that adm offers. Any withdrawal of your consent will not affect the processing of Personal Data which occurred before you withdrew your consent.

      • Complain to the competent authority. You have the right to file a complaint with the competent data protection authority (https://www.pdpc.gov.sg/).

      To exercise the above rights with regard to the processing activities for which we are the controller, please contact us by e-mail or regular mail (see Section 11 for our contact details). Your request should be accompanied by your full contact details and a means of verifying your identity (e.g. a copy of the front of your ID card or driving licence). We may request further information as necessary in order to verify your identity or for security purposes. Where permitted to do so under applicable law, we may charge a reasonable fee for processing your request. We may also reject your requests where permitted to do so by law.


    Addendum for Individuals based in the United States of America


    1. THIRD-PARTY AD SERVING & AUDIENCE AND TRAFFIC MEASUREMENT SERVICES

      The Website may use third-party network advertisers to serve advertisements you may see based on your visit. Network advertisers are third parties that display advertisements based on your visits to the Website and other websites you have visited. Third-party ad serving enables advertisements to be served to you for products or websites you might be interested in. In addition, we may share this information with brand partner to allow them and their network advertisers to serve ads based on your interests to you.

      The Website is in compliance with the Ad Choices Self-Regulatory Program for Online Behavioral Advertising. The goal of Ad Choices is to provide you with information about how online advertising works and the choices you have.

      You may visit the http://www.aboutads.info/choices page to learn more about online behavioral advertising and to see your opt-out choices from companies that are participants in the Self-Regulatory Program for Online Behavioral Advertising.

      Please note that if you choose to opt out, you will still see ads, but these ads will not be customized based on your interests generated from your visits over time and across different websites. In addition, the preferences you select on the http://www.aboutads.info/choices page may not apply to mobile devices. Due to the differences between using apps and websites on mobile devices, opt-outs will need to be set for both browsers and apps.

    2. DO-NOT-TRACK

      Some browsers have incorporated a Do-Not-Track (DNT) feature. These features, when turned on, send a signal that you prefer that the website you are visiting not collect and use data regarding your online searching and browsing activities. As there is not yet a common understanding on how to interpret the DNT signal, we currently do not respond to DNT signals on the Website.

    3. SOCIAL MEDIA FEATURES

      The Website may include social media features, including the Facebook “Like” button. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy policy of the company providing it.


    4. CALIFORNIA CONSUMER PRIVACY ACT DISCLOSURE

      This California Consumer Privacy Act Disclosure describes how adm Promotions USA, Inc. and its affiliated entities collect, use and disclose personal information relating to California residents (consumers) covered by the California Consumer Privacy Act of 2018 (“CCPA”).


      Introduction

      Under the CCPA, “Personal Information” is information that identifies, relates to, or could reasonably be linked directly or indirectly with a particular California resident. The specific Personal Information that we collect, use, and disclose relating to a California resident covered by the CCPA will vary based on our relationship or interaction with that individual. For more information about how we collect, disclose, and secure information relating to these customers, please refer to our general Privacy Policy above. Terms that are used, but not defined, in this CCPA Disclosure are defined in the CCPA.


      Collection and Disclosure of Personal Information

      In the past 12 months, we have collected, and disclosed to third parties for our business purposes, the following categories of Personal Information relating to California residents covered by this disclosure:

      • Identifiers, such as name, postal address, IP address, account credentials and email address;

      • Personal information, as defined in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), such as contact information and financial information;

      • Characteristics of protected classifications under California or federal law, such as gender;

      • Commercial information, such as transaction information and purchase history;

      • Internet or network activity information, such as browsing history and interactions with our website; and

      • Geolocation data, such as Internet Protocol (IP) location.

      Your information may be “sold” as defined under the CCPA, which defines “sale” as the disclosure of Personal Information to a third-party for monetary or other valuable consideration. California’s definition of sale is broad and encompasses many types of data transfers. However, we do not "sell" any consumer data in the traditional sense for monetary compensation.

      The categories of sources from whom we may have collected this Personal Information are:

      • Directly from a California resident or the individual’s representatives;

      • Service Providers, Consumer Data Resellers and other third parties;

      • Public Record Sources (Federal, State or Local Government Sources);

      • Information from our affiliates;

      • Website/Mobile App Activity/Social Media; and

      • Information from brand partner about individuals associated with brand partner.

      The categories of third parties to whom we may disclose Personal Information for our business purposes described in this privacy disclosure are:

      • An applicable brand partner.

      • Service Providers who support our business, such as fulfillment services, technical support, delivery services, professional advisors as well as web-hosting providers, analytics providers, customer-relationship management software providers and other information technology providers;

      • Any court, governmental authority, law enforcement agency or other third party where we believe disclosure is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights, the rights of any third party or individuals’ personal safety, or to detect, prevent, or otherwise address fraud, security or safety issues;

      • To our affiliated entities and in connection with the sale, assignment or other transfer of our company or our business; and.


      Use of Personal Information

      In the past 12 months, we may have used Personal Information relating to California residents to:

      • Deliver the services and support or carry out the transactions for our products that you have requested;

      • Send communications to you, such as to respond to your requests and to provide you with product safety information, your transaction status (including order confirmations),

      • Provide communications from brand partner;

      • Customize, analyze and improve our products, services (including the content and advertisements on our website), technologies, communications and relationship with you;

      • Comply with our legal and regulatory responsibilities and to enforce our rights.

      • Authenticate users and to otherwise provide for the safety and security of the websites and otherwise prevent fraud and other prohibited or illegal activities;

      • Protect the security of our website(s), our business(es), or our products or services; or

      • Otherwise, as disclosed to you at the point of collection.


      Rights under the CCPA

      If you are a California resident, you have the right to:

      1. Request we disclose to you free of charge the following information covering the 12 months preceding your request:
        1. the categories of Personal Information about you that we collected;

        2. the categories of sources from which the Personal Information was collected;

        3. the purpose for collecting Personal Information about you;

        4. the categories of third parties to whom we disclosed Personal Information about you and the categories of Personal Information that was disclosed (if applicable) and the purpose for disclosing the Personal Information about you; and

        5. the specific pieces of Personal Information we collected about you;

      2. Request we delete Personal Information we collected from you, unless the CCPA recognizes an exception;

      3. Opt-out of our sale of your personal information.

      4. Be free from unlawful discrimination for exercising your rights under the CCPA

      We will acknowledge receipt of your request and advise you how long we expect it will take to respond if we are able to verify your identity. Requests for specific pieces of Personal Information will require additional information to verify your identity. We will work to process all verified requests within 45 days pursuant to the CCPA. If we need an extension for up to an additional 45 days in order to process your request, we will provide you with an explanation for the delay.

      If you submit a request on behalf of another person, we may require proof of authorization and verification of identity directly from the person for whom you are submitting a request.

      In some instances, we may not be able to honor your request, and we will advise you of that fact in our response. For example, we will not honor your request if we cannot verify your identity or if we cannot verify that you have the authority to make a request on behalf of another individual. Additionally, we will not honor your request where an exception applies, such as where the disclosure of Personal Information would adversely affect the rights and freedoms of another consumer or where the Personal Information that we maintain about you is not subject to the CCPA’s access or deletion rights.


      How to Exercise Your Rights

      If you are a California resident, you may submit a request by emailing your request to privacy@lapineinc.com.