Information we collect, process, and use is protected through technical processes and organizational policies.
California Consumer Privacy Act (CCPA)
The California Consumer Privacy Act (CCPA) creates new consumer rights for residents of the state of California relating to the access to, deletion of, and sharing of personal information that is collected by businesses. Under this act, California consumers have the right to know what personal information is collected, used, shared, or sold, and they have the right to:
- Request personal information held by businesses be deleted
- Opt out of the sale of personal information.
You can learn more here.
To opt-out and have your data deleted, please contact email@example.com.
Personal Data We Collect and Use
The ways in which we collect, process, and secure information varies depending on the nature of the Services we offer, the type of data and activity you are performing, and legal and regulatory requirements.
We and our third-party service providers collect personal information about you from a variety of sources, including from you directly (e.g., when you fill out forms available on our website to provide contact information or other personal information as part of a request for information, or when you register an account with us to access our Services), data we generate about you in the course of our relationship with you (e.g. data collected from cookies and other similar technologies as described below), and data we collect about you from other sources, including commercially available sources such as public databases (where permitted by law).
Personal Data We May Collect Directly From You
- First Name
- Last Name
- Email Address
- Company Name
- Address (City, State, and Zip Code)
- Transaction Details (e.g. when you make a purchase)
- Communications (e.g. when you participate in forums or message boards)
Personal Data Generated by Us
We may generate the following types of personal data about you in the context of your use of our Services:
- Records of our interactions with you
- Internal notes, including notes about your inquiry into our Services
- Email notifications
- Purchase data from our Services
Personal Data We Collect About Your Use of Our Services
The following are examples of other categories of data that we automatically collect from you over time and across different websites when you use the Services, including through the use of ‘cookies” and other online tracking technologies:
- Data that we generate about you as a result of your use of the Services (e.g. our understanding of your interests as a result of your use of the Services and whether you are a regular or occasional user of the Services);
- Information about your usage of our Services (e.g. the pages you visit when using the Services, how often you use the Services, the search terms you enter on the Services, and the page you access before and after accessing the Services;
- Technical data collected from your computer or mobile device (e.g. your IP address, browser type, operating system);
Personal Data We Obtain From Other Sources
The following are examples of the personal data we collect from other sources, including, but not limited to publicly available databases, joint marketing partners, testing agencies, academic institutions, and the federal government.
- Date of birth
- Phone number
- Mobile number
- Unique device ID
- Advertising preferences (e.g. products purchase or interaction with advertisements online)
When we use tracking technologies, Arcalea does not combine your data with data from third parties but rather only uses Arcalea’s own data for its business purposes. In other instances, we may not specifically track you in understanding certain aspects of our marketing campaigns but instead use probabilistic modeling to estimate certain measurements relating to our app or campaign.
How We Use Google Analytics
For analytics, we use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics may set cookies on your browser or mobile device or read cookies that are already there to collect information. Google Analytics may also receive information about you from apps you have downloaded that partner Google. Google Analytics collects information such as how often you use our Website or web application and how you use our Website or web applications. We use the information provided by Google Analytics to improve our Websites, web applications, and Services. We do not combine the information collected through the use of Google Analytics with personally identifiable information (“PII”).
Information We Process
In addition to data obtained from visitors to our website, Arcalea processes data for clients when their employees or representatives provide it to us. Our clients control the types of data that we process on their behalf. While the data from clients varies, it is generally about users who are customers or potential customers, including:
- Personally identifiable information (PII) such as name, email address, telephone number
- Individually identifiable information such as site usage and the equipment and software used to interact with client advertising and web presence
How We Use Data
Arcalea uses collected information to provide, maintain, and improve Services for our customers.
Arcalea may share personal data with trusted third parties, including service providers who assist business operations, and with businesses in the furtherance of providing services to their customers. We may also share personal data as required by law, or if we have a good faith belief that we need to disclose data to comply with official or legal investigations.
How We Protect Data
We implement technical and organizational measures designed to ensure a level of security appropriate to the risk of the personal data we process. These measures are to ensure the ongoing confidentiality and integrity of personal data. Arcalea stores its service data at physically secure data centers using Amazon Web Service and the Google Cloud Platform.
All employees adhere to privacy policies as a condition of employment. These policies govern data confidentiality, information security, and acceptable use policies.
Any contractor with data responsibilities adheres to Arcalea’s Privacy Policies as a condition of contractual obligation.
Personal Data Retention
Personal information is maintained only for legitimate business needs and is anonymized or deleted after such time.
When Arcalea processes personal data, we adhere to applicable privacy laws by acting in good faith, using appropriate technical processes, and organizational policies, including the Confidentiality & Non-Disclosure Agreement, the Information Security and Acceptable Use Policy, and the GST Marketing Briefs. Our policies and practices reinforce the responsible handling and disposition of any data, including personally identifiable information (PII), used during the fulfillment of business. In addition, Arcalea uses a PCI 4.0-compliant ecosystem for payment processing.
Children’s Online Privacy Protection Act Compliance (COPPA)
Our Website, Products, and Services are all directed to people who are at least 18 years old or older. We do not knowingly collect personal information from children under 13. If you believe we might have received information from a child under 13, please contact us at firstname.lastname@example.org. We are in compliance with the requirements of the COPPA (Children’s Online Privacy Protection Act), and we do not collect any information from anyone under 13 years of age.
If you are a data subject in the European Economic Area (“EEA”), you have certain rights related to your data usage.
- The right to access, rectify, or erase any personal data we have collected about you.
- The right to data portability
- The right to restrict our processing of personal data.
To maintain compliance with GDPR, we process data for ourselves and third parties in a lawful, fair, and transparent manner. We limit this usage for legitimate business purposes described above and capture and use data limited to these purposes. For any data subject request, contact us at email@example.com.
We will respond to your request within 30 days.
This statement is effective as of May 1, 2023.