PRIVACY POLICY

Effective Date: September 1, 2023

 

Your privacy is of utmost importance to us. This Privacy Policy is designed to help you understand how we collect, use, disclose, process and safeguard your personal data when you use our FictionMe mobile application or related services (collectively, the "Services").

Personal data refers to any information that relates to an identified or identifiable individual, also known as a "data subject." This includes a wide range of information, from basic identifiers like names and contact details to more sensitive data like biometric information or beliefs, which can be used to identify or distinguish an individual.

By accessing or using our Services, you unconditionally consent to the practices described in this Privacy Policy. Please take a moment to carefully read and understand the terms outlined herein. If you do not agree with the practices described in this Privacy Policy, we advise you to refrain from using our Services.

This Privacy Policy applies to all users of FictionMe, including readers, and any other individuals accessing or using our Services. It covers the collection and use of personal information as well as your rights and choices regarding your data.

For information about the Terms of Use governing the use of FictionMe, please refer to our App Terms of Use.

If you have any questions, concerns, or requests regarding your personal information or this Privacy Policy, please contact us at [email protected] or via mail address: Bonimor Limited LLC, Richardou Leontokardou, 11 ANNEX COURT, Flat/Office 101 4046, Limassol, Cyprus.

1. Who we are

1.1. FictionMe is a platform provided by Bonimor Limited, a company registered in Cyprus under company number HE431640 (“FictionMe”, “we”, “our”, “Platform”). Our registered office is situated at Richardou Leontokardou, 11 ANNEX COURT, Flat/Office 101 4046, Limassol, Cyprus. 

2. Types of Data that we process

2.1. Data that you provide us voluntarily

2.1.1. You have the option to share data with us through various means. For instance, we collect and securely store the data you provide when you register a user profile ("Profile") or when you interact with FictionMe emails or report any issues related to our Service. This data encompasses:

2.1.2. Profile Data: If you register at FictionMe via third parties like Facebook and Google, they send us information that is necessary for your use of our Services, such as your name, email address, gender and birthdate. Additionally, you have the choice to furnish additional data on your Profile (e.g. your Profile’s photo, location data).

2.1.3. Because you have control over your Profile, you can access and manage these details at any time by visiting your "Profile" page. This provides you with the opportunity to correct or update your data (excluding your name, profile’s photo and email address) whenever you log in to FictionMe. We do, however, strongly advise against including personal data in your Profile that you do not wish to be publicly accessible. Furthermore, we do not recommend sharing email addresses, instant messaging details, phone numbers, credit card information, national identity numbers in your Profile, as doing so may expose them to potential misuse or abuse. It's important to exercise caution when sharing sensitive information about yourself on your Profile, such as details regarding your religion, health, sexual preferences, or ethnic background. If you choose to provide us with sensitive data about yourself, please be aware that you are making this information public to other users.

Do not  grant access to your Profile to third parties, or transfer your Profile to anyone else. In the event that you suspect unauthorized access to your account, promptly report it to FictionMe. Please note that FictionMe bears no responsibility in cases where your account is accessed by unauthorized parties as a result of internet hacking or due to mismanagement of your account on your part.

2.2. Automatically collected information

Please note that this data is collected automatically as part of your interaction with our Services to improve your user experience and provide you with relevant content and features.

2.3. Payment Information: We do not retain or store any credit or debit card details, either electronically or in physical form. All financial transactions, including payments and similar activities conducted on the FictionMe Platform, are handled by a third-party payment processor, such as Apple or Google ("Payment Processor"). Any purchases you make through our Platform are also subject to the terms and conditions, as well as the privacy policies, of the Payment Processor. However, we may receive data related to credit card transactions, including the transaction date, time, amount, and the type of payment method used. It is important to note that FictionMe assumes no responsibility for the security or performance of the Payment Processor. Additionally, FictionMe reserves the right to change our Payment Processors at any time without prior notice to you. 

3. Children’s Data

3.1. Our App is not intended for individuals under the age of 18, and we do not knowingly collect personal data from individuals in this age group. If we become aware that a child under 18 has provided us with personal information without parental consent, we take immediate steps to delete such information.

4. Your Data controllers and Data Processors

4.1. The first thing you should know is information about your data controller and processors. The data controller is an entity that determines the purposes and means of the processing of the data. The data processor is an entity that processes the data on behalf of the controller.

4.2. In this current case, your data controller is Bonimor Limited.

4.3. When processing your data, we may use the following data processors:

4.4. Where there will be a necessity, we may also engage third-party services and may share the data with them. That will help us operate, provide, improve, integrate, customize, support, and market our service and the Website. We share the data, in particular, for purposes indicated in section 5 hereof. The types of third parties we share information with include, in particular: cloud storage providers; data analytics providers; measurement partners; marketing partners; payment processing providers; communication services providers, etc. By providing us with the services, those providers will also be your data processors.

4.5. We may also use and disclose the data to enforce the Agreement, to protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others, and to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, or in other cases provided for by law.

4.6. We might also disclose your Personal Data to our affiliated companies, group entities, or subsidiaries (as relevant) for the purposes of either (a) customizing content and enhancing your user experience, or (b) providing promotions and organizing events related to our own products and services, as well as those of third parties.

4.7. If we transfer personal data originating from the EEA to countries with not adequate level of data protection, we use one of the following legal bases: (i) Standard Contractual Clauses approved by the European Commission, or (ii) the European Commission adequacy decisions about certain countries (details available here).

4.8. Our Platform may contain links to other websites. This privacy policy only applies to this Platform and doesn't cover other sites that we link to. If you go to another website, read the privacy policy on that website to find out what it does with your information.

5. How do we use the data we collect?

5.1. We use your personal information for the following purposes:

6. Legal basis for collecting and processing your Data

6.1. At FictionMe Platform, we process your personal information based on the following legal grounds:

6.1.1. Consent: We process personal information that you voluntarily provide to us based on your explicit consent. This includes information you provide when signing up for our services, filling out forms, or engaging with certain features.

6.1.2.Legitimate Interest: Information collected automatically during your interactions with our services is processed based on our legitimate interest. This includes data such as usage patterns, device information, and analytics that help us improve our services and tailor them to your needs.

6.1.3.Contractual Necessity: We may also process your personal information when it is necessary for the performance of a contract with you. This includes information required for the fulfillment of our services and obligations as outlined in our contractual agreements.

7. Your Privacy rights

7.1. Being a data subject, you have the following rights:

a) a right to request us to access your data: you can ask us what personal information of yours is being processed as well as for the clarifications on the information described above, i.e. purpose of collecting and processing, period of processing, third parties that have access to information. To exercise the right please contact us at [email protected]

b) a right to request us to rectify your personal information: you can ask for all the inaccurate personal information concerning you being corrected. You can also complete the personal information if you feel there is a need to do so. To exercise the right please contact us at [email protected] or use a specific area of your account on the App;

c) a right to request us to erase personal information: you can request us to erase such data if its processing is no longer necessary in relation to the purposes for which it was collected as well as if there are no legal grounds for the processing. In most cases we will erase it unless otherwise will be required by legislation. To exercise the right please contact us at [email protected]

d) a right to request us to restrict the processing of your data: for example, if you contest the accuracy of your data being processed or in case we will not be interested to process your personal information any longer, but you will want us to do this on different reasons, for example, to bring some claim for somebody and instead of the erasure of information its processing will be just restricted. To exercise the right please contact us at [email protected];

e) a right to withdraw your consent for the collection and processing of your data by us at any time, without affecting the lawfulness of processing based on consent before its withdrawal. To exercise the right please contact us at [email protected];

f) a right to lodge a complaint with supervisory authority in the EU Member State where you reside or are employed. For more detailed information about your rights, please refer to the supervisory authority in your respective EU Member State or country.; and

g) a right to data portability. To exercise the right please contact us at [email protected].

7.2. We will provide information on action taken on your request related to your rights specified above within one month of receipt of the request for the longest. That period may be extended by two further months if we are overwhelmed by the number of requests. We will inform you of any such extension within one month of receipt of the request, together with the reasons for the delay.

8. Promotion of Other Services on FictionMe Platform

8.1. We may present advertisements for third-party services, utilizing the data you provide us through your interactions with our Service. This may include information like your coin purchases on our Platform or the duration of your usage of the Service. Our tailored system enables us to understand when and which ads you encounter, as well as which ads you engage with. This helps us offer you more helpful and pertinent advertisements. For instance, by knowing which ads you have already viewed, we can avoid showing you the same ones repeatedly.

8.2. We may send marketing-related emails to our users who have provided their consent or who have engaged with our services. These marketing-related emails may include information about new features and enhancements to our services, special promotions, discounts, and offers, relevant updates and announcements.

8.3. If you wish to stop receiving marketing-related emails, either (i) from us regarding our Service or (ii) from third parties promoting similar services, you have the option to opt out of receiving these electronic communications. It's important to be aware that even if you choose to opt out of marketing-related emails, we may continue to send you essential administrative messages that are necessary to facilitate the provision of our Service.

9. Data retention and location of processing your Data

9.1. Your personal data will only be kept for the duration necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is mandated or allowed by applicable law.

9.2. Once we no longer have a legitimate business necessity to process your personal data, we will take appropriate measures. This may entail either the deletion of your data or rendering it anonymous. In cases where immediate deletion is not feasible, such as when data resides in backup archives, we will securely maintain the information in isolation, preventing any further processing. This secure state will persist until a point in time when deletion becomes possible.

9.3. We consistently evaluate our data retention policies to ensure they remain in compliance with the principles of privacy laws and other relevant data protection regulations.

9.4. You have the right to limit our processing of your data by submitting a data erasure request or a notice prohibiting the processing of your data. It's important to note that taking such action will prevent us from processing your data and may result in the deletion of your data, which could lead to a loss of access to the Platform. Additionally, it may impede our ability to respond to your inquiries.

9.5. Our servers are located in the USA.

10. Push notifications

10.1. From time to time, we may send you push notifications exclusively through our App, pertaining to updates about the App or notifications related to our services. You have the flexibility to customize these communications and notifications through your device settings, allowing you to opt-out of receiving them if you wish.

11. How to Delete Your Profile

11.1. If you wish to permanently delete your account, please reach out to us via email at [email protected], and we will assist you in the process. Once your account is deleted, you will no longer have access to some or all of our products or services. At your request, we will remove your personal data, except where it is required to be retained by law.

11.2. We are committed to helping you erase your account data, including payment records for unlocking chapters. It's important to note that once your account is permanently removed, reactivation is not possible, and you will be unable to retrieve your reading history, spending records, or unlocking activity, including any remaining coin balance.

12. Protection of your Data

12.1. We are continually enhancing and maintaining a comprehensive range of security measures, including physical, organizational, contractual, and technological safeguards, to safeguard your Personal Data against potential risks such as loss, theft, unauthorized access, disclosure, copying, use, or alteration. Access to your Personal Data is restricted to employees who have a bona fide "need-to-know" or whose responsibilities reasonably necessitate access to such data.

Changes and updates

13.1. This privacy policy may undergo periodic updates. An updated version will be identifiable by the revised "Last Revised" date and will take effect as soon as it becomes accessible. In the event of significant changes to this privacy policy, we may notify you by prominently displaying a notice of these alterations or by directly sending you a notification. We strongly encourage you to routinely review this privacy policy to stay informed about how we are protecting your information.

14. Contact information

14.1. If you have any questions regarding this Policy, please contact us at [email protected] or via mail address: Bonimor Limited LLC, Richardou Leontokardou, 11 ANNEX COURT, Flat/Office 101 4046, Limassol, Cyprus.

CALIFORNIA RESIDENT NOTICE

Under the California Consumer Privacy Act of 2018 (CCPA) California residents shall have the right to request: a) the categories of personal information that is processed; b) the categories of sources from which personal information is obtained; c) the purpose for processing of user personal data; d) the categories of third parties with whom we may share your personal information; e) the specific pieces of personal information that we might have obtained about a particular user provided that the data given in the request is reliable enough and allows to identify the user.

PERSONAL INFORMATION. All about the categories of information, its sources and purposes of processing is described above. Be informed that according to CCPA personal information does not include de-identified or aggregated consumer information.

DATA SHARING. Data sharing scope and basis are defined above. All third parties that are engaged in processing user data are service providers that use such information on the basis of agreement and pursuant to business purpose.

OPT-OUT OPTIONS. If you don’t want us to process your personal information any more, please contact us through [email protected]. Please be informed that such opt out may impact App’s further operation without functional data and you will be advised to remove the App from your device. If you don’t want us to share device identifiers and geolocation data with service providers, please check your device settings to opt out as described above. 

REQUESTS. To submit a verifiable consumer request please contact us through the email [email protected]. When submitting a verifiable request, you should be ready to: a) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: name, address, city, state, and zip code and email address. We may use this information to surface a series of security questions to verify your identity. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming or a power of attorney, signed by you; b) Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We will not be able to respond to your request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that personal information relates to you. We may ask you for additional information or documents to verify your identity. We may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your personal information. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scum request.

We ensure that personal information provided in a verifiable consumer request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.

We try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Please note that we are only required to respond to two requests per customer each year.

CALIFORNIA PRIVACY RIGHTS

  • The right of access means that you have the right to request that we disclose what Personal Information we have collected, used and disclosed about you in the past 12 months. Please, note that we shall not be required to provide personal information to you more than twice in a 12-month period.

  • The right to prohibit sale of information means that you have the right to request that we stop the processing of your data for direct marketing purposes either by asking us to cease processing all data about you or asking us not to send you direct marketing communications. We generally do not sell your Personal Information for profit.

  • The right of correction means that you have the right to request that we correct any inaccurate personal information that we maintain about you.

  • The right to non-discrimination means that you will not receive any discriminatory treatment when you exercise one of your privacy rights.

  • The right to opt out of automated decision-making technologies means your right not to be subject to a decision that is based solely on automated processing (where a decision is taken about you using an electronic system without human involvement) which significantly impacts your rights. No decision will be made by us about you solely on the basis of automated decision making which has a significant impact on you.

  • The right to restrict the use of your sensitive information means directly contacting us to stop such processing of your sensitive personal information for such purposes. We do not process any sensitive personal information to infer characteristics about you.

  • The right of deletion means that you have the right to request that we delete Personal Information collected or maintained by us, subject to certain exceptions. Please note that under the CCPA we are under no obligation to comply with your request if we need to maintain your information if we need it to, among other things: (a) complete the transaction for which the personal information was collected, or (b) fulfill the terms of a written warranty or product recall; (c) detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity; (d) debug to identify and repair errors that impair existing intended functionality; (e) comply with the California Electronic Communications Privacy Act; (f) enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business; (g) comply with a legal obligation.

  • Otherwise use the personal information internally in a lawful manner that is compatible with the context in which the consumer provided the information, etc.

  • The rights to portability means your right to receive your personal information  in an electronic and structured form to you or to another party. 

SALE OF DATA. We do not sell any of your personal data to third parties.

COLORADO RESIDENT NOTICE

This section applies only to Colorado residents in addition to the rest of this Privacy Policy. We process personal data in compliance with the Colorado Privacy Act that requires us to disclose the following additional information related to our privacy practices.

If you are unable to access this Privacy Policy due to a disability or any physical or mental impairment, please contact us and we will provide you with the required information in an alternative format that you can access.

PERSONAL INFORMATION. All about the categories of information, its sources and purposes of processing is described above.

DATA SHARING. Data sharing scope and basis are defined above. All third parties that are engaged in processing user data are service providers that use such information on the basis of agreement and pursuant to business purpose.

REQUESTS. To submit a verifiable consumer request please contact us through the email [email protected]. When submitting a verifiable request, you should be ready to: a) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: name, address, city, state, and zip code and email address. We may use this information to surface a series of security questions to verify your identity. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming or a power of attorney, signed by you; b) Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We will not be able to respond to your request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that personal information relates to you. We may ask you for additional information or documents to verify your identity. We may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your personal information. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scum request.

We ensure that personal information provided in a verifiable consumer request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.

We try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Please note that we are only required to respond to two requests per customer each year.

COLORADO PRIVACY RIGHTS.

  • The right of access means the right to know if a controller is processing the consumer’s data.

  • The right to portability provides the ability for you to receive the data in their right to access in a portable and machine-readable format, where technically feasible, that enables you to transmit the data to another entity without hindrance. Please note that you may only exercise the right to data portability twice per calendar year.

  • The right to opt-out means your right to object to the processing of your personal data for such purposes as (1) the sale of your personal data. Please note that we do not sell any of your personal data to third parties; (2) Targeted advertising, or (3) Profiling to help make decisions that produce legal or similarly notable effects concerning a consumer.

  • The right of correction means your right to request that we rectify inaccurate information about you.

  • The right of deletion means that you can ask us to delete or stop processing your personal data.

  • The right of appeal means that if you are not satisfied with resolving your privacy request, you can initiate an appeal procedure described below.

HOW TO EXERCISE YOUR PRIVACY RIGHTS. You can exercise any of your privacy rights specified above using any of the ways described in the Section “Contact information”. Please, specify clearly what you want to exercise and identify yourself. Please note that we are not required to comply with the request if we are unable to authenticate your request using commercially reasonable efforts.

If you send us a request we will reply to you within 45 calendar days free of charge, except that, for a second or subsequent request within a twelve-month period, we may charge a reasonable fee.

If we refuse to take action on your request, you can follow the appeal procedure within 30 days after receiving such refusal sending your appeal to this email  [email protected] adding in the subject of email “Appeal to answer on privacy request”.

We are obliged to consider your appeal within 45 after receipt of the appeal and inform you of any action taken or not taken in response to the appeal. We can extend this term by 60 additional days where reasonably necessary, taking into account the complexity and number of requests serving at this time.

If your appeal is denied, you may contact the Attorney General to submit a complaint by visiting the Office of the Attorney General’s website to complete an Online Consumer Complaint Form.

AUTHENTICATION. For the purpose of safeguarding your Personal Data against unauthorized access or deletion, we may need to authenticate your credentials before accepting a request pertaining to your rights. If you do not possess an account with us or if we suspect unauthorized access to your account, we may request additional personal information from you to verify your identity. If after these steps  we are unable to verify your identity, we reserve the right to decline your rights request.

SALE OF DATA. We do not sell any of your personal data to third parties.

VIRGINIA PRIVACY NOTICE

The following section pertains exclusively to residents of Virginia. It outlines our practices regarding the collection, utilization, and sharing of Personal Data belonging to Virginia residents, in our capacity as a business operating under the Virginia Consumer Data Protection Act ("VCDPA"). Additionally, it outlines your rights in relation to your Personal Data. Please note that the term "Personal Data" used in this section holds the definition ascribed to it by the VCDPA, with the exception of information exempted from the VCDPA's scope.

PERSONAL INFORMATION. All about the categories of information, its sources and purposes of processing is described above.

DATA SHARING. Data sharing scope and basis are defined above. All third parties that are engaged in processing user data are service providers that use such information on the basis of agreement and pursuant to business purpose.

REQUESTS. To submit a verifiable consumer request please contact us through the email [email protected]. When submitting a verifiable request, you should be ready to: a) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: name, address, city, state, and zip code and email address. We may use this information to surface a series of security questions to verify your identity. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming or a power of attorney, signed by you; b) Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We will not be able to respond to your request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that personal information relates to you. We may ask you for additional information or documents to verify your identity. We may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your personal information. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scum request.

We ensure that personal information provided in a verifiable consumer request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.

We try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Please note that we are only required to respond to two requests per customer each year.

VIRGINIA PRIVACY RIGHTS. As a resident of Virginia, we would like to inform you about your privacy rights, which are outlined below. While we respect and uphold these rights, it is important to note that they are not absolute, and there may be instances where we are unable to fulfill your request in accordance with applicable laws and regulations.

  • Correct inaccuracies in the consumer’s personal data that is collected by the controller.

  • Confirm if the controller is actually processing their personal data or request a copy of the personal data.

  • Delete personal data provided by or obtained about the consumer. 

  • Obtain copies of the personal data collected by the controller. 

  • Opt out of the processing of personal data for purposes of targeted advertising, the sale of personal data, or further profiling.

  • The right to restrict processing of your sensitive personal information. We do not process any sensitive personal information to infer characteristics about you.

  • You have the right to be free from discrimination related to your exercise of any of your Virginia privacy rights.

  • Appeal our valid refusal of your initial request. If we reject your request relating to any of the rights outlined in the above sections, you have the option to request a reconsideration of our decision.

HOW TO EXERCISE YOUR PRIVACY RIGHTS. You can exercise any of your privacy rights specified above using any of the ways described in the Section “Contact information”. Please, specify clearly what you want to exercise and identify yourself. Please note that we are not required to comply with the request if we are unable to authenticate your request using commercially reasonable efforts.

If you send us a request we will reply to you within 45 calendar days free of charge, except that, for a second or subsequent request within a twelve-month period, we may charge a reasonable fee.

If we refuse to take action on your request, you can follow the appeal procedure within 45 days after receiving such refusal sending your appeal to this email  [email protected] adding in the subject of email “Appeal to answer on privacy request”.

We are obliged to consider your appeal within 45 after receipt of the appeal and inform you of any action taken or not taken in response to the appeal. We can extend this term by 60 additional days where reasonably necessary, taking into account the complexity and number of requests serving at this time.

If your appeal is denied, you may contact the Attorney General to submit a complaint by visiting the Office of the Attorney General’s website to complete an Online Consumer Complaint Form.

AUTHENTICATION. For the purpose of safeguarding your Personal Data against unauthorized access or deletion, we may need to authenticate your credentials before accepting a request pertaining to your rights. If you do not possess an account with us or if we suspect unauthorized access to your account, we may request additional personal information from you to verify your identity. If after these steps  we are unable to verify your identity, we reserve the right to decline your rights request.

SALE OF DATA. We do not sell any of your personal data to third parties.

CONNECTICUT PRIVACY NOTICE

This notice outlines the manner in which we, acting as a "Controller" under Connecticut's Data Protection Act ("CTDPA"), collect, utilize, and disclose your personal data, as well as the rights you have concerning your personal data, including sensitive personal data. In this context, "personal data'' and "sensitive data'' carry the definitions provided in the CTDPA and do not encompass information excluded from the scope of the CTDPA.

PERSONAL INFORMATION. All about the categories of information, its sources and purposes of processing is described above.

DATA SHARING. Data sharing scope and basis are defined above. All third parties that are engaged in processing user data are service providers that use such information on the basis of agreement and pursuant to business purpose.

REQUESTS. To submit a verifiable consumer request please contact us through the email [email protected]. Before processing most requests, we will need to verify your identity and confirm that you are a resident of the State of Connecticut. When submitting a verifiable request, you should be ready to: a) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: name, address, city, state, and zip code and email address. We may use this information to surface a series of security questions to verify your identity. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming or a power of attorney, signed by you; b) Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We will not be able to respond to your request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that personal information relates to you. We may ask you for additional information or documents to verify your identity. We may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your personal information. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scum request.

We ensure that personal information provided in a verifiable consumer request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.

If you are submitting a request on behalf of a Connecticut resident, including a minor child, we will also need sufficient information to verify that the individual is the person about whom we collected personal data, and that you are authorized to submit the request on their behalf.

We try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Please note that we are only required to respond to two requests per customer each year.

CONNECTICUT PRIVACY RIGHTS. As a resident of Connecticut, we would like to inform you about your privacy rights, which are outlined below. While we respect and uphold these rights, it is important to note that they are not absolute, and there may be instances where we are unable to fulfill your request in accordance with applicable laws and regulations.

  • Right to know. You have the right to verify whether we are processing your personal data or not.

  • Right to deletion. You have the right to request the deletion of your personal data under certain circumstances. If you make such a request, we will assess whether we are legally obligated to comply or if there are reasons that limit the scope of the deletion. If there are any reasons, we will provide you with an explanation in our response.

  • Right to access. The right to access and obtain a copy of personal data you previously provided to us, in a readily usable format that allows you to transmit the information to another entity without hindrance, to the extent technically feasible.

  • The right to opt out of the processing of personal data for purposes of targeted advertising, the sale of personal data, or further profiling.

  • The right to ppt out of profiling. You have the right to choose not to have your personal data processed for profiling purposes that could lead to decisions with significant legal or similar effects on you. If you wish to exercise this right, you can opt out of such profiling activities.

  • The right to appeal our valid refusal of your initial request. If we reject your request relating to any of the rights outlined in the above sections, you have the option to request a reconsideration of our decision.

HOW TO EXERCISE YOUR PRIVACY RIGHTS. You can exercise any of your privacy rights specified above using any of the ways described in the Section “Contact information”. 

If we refuse to take action on your request, you can follow the appeal procedure within 45 days after receiving such refusal sending your appeal to this email [email protected] adding in the subject of email “Appeal to answer on privacy request”. If your appeal is denied, you may contact the Attorney General to submit a complaint by visiting the Office of the Attorney General’s website to complete an Online Consumer Complaint Form.