Privacy Policy - CCPA
Additional Notice for California Residents
This section provides information specific to California Residents. This Notice supplements our Privacy Policy. Please see below for additional information relevant to the CCPA, as amended.
The California Consumer Privacy Act (CCPA) enhances privacy rights and consumer protection for individuals who reside in California. FortifyIQ, Inc. has adopted this statement to comply with the CCPA which applies solely to “consumers” as defined by the CCPA.
What categories of personal information do you collect about me?
In the last twelve (12) months, we may collect personal identifiers, such as your name, personal and/or business contact details, including your:
- phone number(s),
- email address,
- mailing address,
- job title,
- and any other information required to validate your identity;
- credit card or bank account information necessary for billing purposes;
- commercial information, such as records of products or services purchased or other purchasing or use histories or tendencies;
- activity information relating to internet or other electronic networks such as browsing or searching history, or interaction with a website, ad or app (usually via your Internet Protocol address);
- information such as your FortifyIQ account login and password (if you are an FortifyIQ User);
- information related to employment or other professional standings;
- information related to education;
- information that may be drawn from the above information identified through inference or predictions about your preferences and interests.
We do not knowingly collect any information about anyone under the age of 18.
Do you share, disclose or sell my personal information?
We may share your personal information, relating to the categories listed above, with our other group companies and service providers for internal reasons if it is necessary for business and operational purposes.
Where required we share your personal information, relating to the categories listed above, with service providers or third parties to comply with a legal obligation; when we believe in good faith that an applicable law requires it; at the request of governmental authorities conducting an investigation; to verify or enforce our terms of use or other applicable policies; to detect and protect against fraud, or any technical or security vulnerabilities; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of third parties, visitors to our website, our business or the public.
As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or merges with us your personal information, relating to the categories above, may be disclosed or sold to such entity. Also, if any bankruptcy or reorganization proceeding is brought by or against us, all such information will be considered an asset of ours and as such it is possible it will be sold or transferred to third parties.
We may sell your personal information, relating to the categories listed above, to our customers, after you have expressed an interest in their goods or services. This interest may be expressed in numerous ways, including submitting your information to us in order to download a digital asset (such as a whitepaper or e-book), by engaging with any of our email marketing or clicking on a digital advert hosted by us. Please ensure that you read and agree to our customers’ privacy policies before expressing any interest in their product as outlined above.
Processing of sensitive data, as defined under California law, only occurs when you knowingly take affirmative action to provide such information to us for processing. For the avoidance of doubt, we do not sell your sensitive personal information as defined under California law. For the purposes of this sentence, and in accordance with the California Consumer Privacy Act (the ”CCPA”) when used in this CCPA notice, “sold” or “sale” means the disclosure of personal information for monetary or other valuable consideration but does not include, for example, the transfer of personal information as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business.
What are my rights?
If you are a resident of California, you have the following rights:
1. The right to request disclosure of our data collection and sales practices in connection with your personal information, including the categories of personal information we have collected, the source of the information, our use of the information and, if the information was disclosed or sold to third parties, the categories of personal information disclosed or sold to third parties and the categories of third parties to whom such information was disclosed or sold;
2. The right to request a copy of the specific personal information collected about you during the 12 months before your request (together with right #1, a “personal information request”);
3. The right to have such information deleted (excepting where such information is required to:
i. provide you with goods or services you requested;
ii. detect or resolve issues security or functionality-related issues;
iii. comply with the law;
iv. conduct research in the public interest;
v. safeguard the right to free speech; and
vi. carry out any actions for internal purposes that you might reasonably expect).
4. The right to request that your personal information not be sold to third parties, if applicable;
5. The right not to be discriminated against because you exercised any of the new rights.
6. The right to opt out of sharing of personal information.
7. The right to opt out of certain uses and disclosures of “sensitive personal information.”
8. The right to correct inaccurate personal information.
9. The right to enhanced transparency about a business’s information practices, including information about data retention periods.
10. New rights with respect to the use of automated decision-making technology, including for profiling. FortifyIQ, Inc. does not conduct “profiling.”
You are entitled to make two information requests within a 12-month period. If you make an information request, we will need to collect certain information from you in order to verify your identity. You will receive a response to your request within 30 days.
How can I request that my personal information not be sold or shared?
If you do not want your personal information to be sold, you can simply click here: Do Not Sell or Share My Personal Information.
How to Make a Request Under this Policy
In addition to using the links Do Not Sell or Share My Personal Information there are several ways for you to submit any of the above personal information requests.
You may:
- Send a request by mail to:
FortifyIQ, Inc.
12 Damonmill Square
Suite EB-1N
Concord, MA 01742 - Send a request via email to [email protected]
- Click here.
Making Shine the Light Request
To make a request for information under the Shine the Light Act, please send an email to [email protected]
FortifyIQ, Inc. will respond to all requests within 30 days. To respond to your requests to access, obtain a copy of, correct or delete your personal data, we will need to verify your identity and/or authority to make such requests and access, receive, modify or delete such personal data. When you submit a request, we will take steps to verify your identity. You are not required to create an account with us to submit a request. We may ask you to provide us with information about yourself in order to verify your identity. We will only use the personal information you provide in connection with identity verification to verify the requestor’s identity or authority to make the request and whenever feasible, we will attempt to match the information you provide with information we may already have about you.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable request related to your personal information. For all requests, you must provide your full legal name, your home address, your cell phone number, your email address, which consumer right you are calling about, and what your request is. You may be asked for additional proof of identity, as well.
Decisions made by FortifyIQ, Inc. pursuant to any above request may be appealed to FortifyIQ, Inc.’s Privacy Officer by submitting a request to review the decision by mail at FortifyIQ, Inc., Attention Privacy, 12 Damonmill Square, Suite EB-1N, Concord, MA 01742 or by electronic mail at [email protected]. Within 45 days of your submission, we will inform you in writing of the appeal decision with an explanation of the reason for the decision. If you are dissatisfied with the appeal decision, you may contact the California Attorney General’s Office at https://oag.ca.gov/privacy/caloppa/complaint-form/privacy-notice.
Cookies
As described under our “Cookies Policy,” some of FortifyIQ, Inc.’s websites and mobile applications use cookies, web beacons and other similar tracking technologies to enable essential features, or for data analytics and marketing purposes.
Links to Other Websites
Our websites and mobile applications link to other websites that are not operated or controlled by FortifyIQ, Inc. We do not monitor or control, and are therefore not responsible for, the privacy practices or the content of linked external websites. We recommend reviewing the privacy policies for any linked websites you visit.
Changes to Our Privacy Notice
Contact Information
If you have questions about this Privacy Notice or wish to contact us concerning personal information you provided to us, you may reach us by email or US Mail as follows:
- FortifyIQ, Inc.
Attention Privacy
12 Damonmill Square
Suite EB-1N
Concord, MA 01742 - Send a request via email to [email protected]
- Click here.