Last Updated and Effective as of: March 10, 2023
Please note that our privacy practices are subject to the applicable laws of the regions in which we operate. Accordingly, some additional region-specific terms will only apply to individuals in those locations, or as required by applicable laws.
- We collect Personal Information (as defined below) from users of our Website and Services when it is voluntarily provided to us and use it for the purposes for which it was provided (see Information We Collect Directly From You and How We Use Your Information).
- We automatically collect information (which may include Personal Information) from users of our Website and Services for advertising and analytical purposes and in order to provide the Services and this Website (see Information We Collect Automatically and How We Use Your Information).
- We may obtain Service Data from our clients and their vendors, which we process on behalf of our clients in accordance with our contracts with them (see Service Data Processing).
If you have questions, you can always contact us using the information in the section below titled Contact.
INFORMATION WE COLLECT DIRECTLY FROM YOU
We may collect information, including Personal Information, when you provide such information to us directly, such as when you send us an email, or otherwise interact with us on the Website or in connection with the Services. “Personal Information” is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be, directly or indirectly, with you. Such information may also be referred to as “personal data” or “personally identifiable information” under applicable laws, which may provide their own definitions. Categories of Personal Information we collect directly from you include identity data (e.g., name or other similar identifiers), and contact data (e.g. address, email address, telephone number). We may also collect other information that you directly provide us including marketing and communications data (e.g., your preferences in receiving marketing from us).
INFORMATION WE COLLECT AUTOMATICALLY
ArcSpan, our service providers, or our third-party partners may also automatically collect information, including Personal Information, from you when you visit our Website and use or interact with our Services through cookies and other tracking technologies. While some of this information (like a device ID or cookie ID) does not enable us to directly identify you or other users (e.g., we do not know your name or contact information), that information may still be considered Personal Information under applicable privacy laws. Such information may include data collected by the following methods:
- Cookies and Similar Technology
As you use the Internet, a trail of electronic information is left at each website you visit. This information, which is sometimes referred to as “clickstream data,” can be collected and stored by a website’s server. Clickstream data can tell us the type of computer and browsing software you use and the address of the website from which you linked to the Website or interacted with our Services. We may collect and use clickstream data as a form of aggregate information to anonymously determine how much time visitors spend on each page of our Website (or other Services), how visitors navigate throughout the Website and Services, and how we may tailor our web pages to better meet the needs of visitors. This information will be used to improve our Website and our Services.
- Site and Platform Analytics
- Service Data
For more information regarding information we or our clients collect in connection with our Service, please see the Service Data Processing section below.
We use Personal Information and other information as described herein including for the following purposes:
- To contact you about and provide you and our clients with our Services;
- To create, maintain, customize, and secure your account with us, and to personalize your experience on the Website or Services;
- To operate the Website and to provide you with any specific services that you have requested;
- To deliver content and product and service offerings relevant to your interests;
- To provide you advertising for products and services that may be of interest to you;
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and fulfillment;
- To help maintain the safety, security, and integrity of our Website, Services, databases and other technology assets, and business;
- For internal research; for technological development and demonstration; and to improve, upgrade, or enhance our Website and Services;
- For detecting security incidents; protecting against malicious, deceptive, fraudulent, or illegal activity; and prosecuting those responsible for that activity;
- To investigate suspected fraud, harassment, or other violations of any law, rule, or regulation, or the policies for the Website;
- As required by law or legal process;
- To respond to your direct inquiries;
- To add you to our mailing lists and send you emails from time to time; and
- For any additional purposes that you specifically consent to.
With respect to our Services as they apply to the Service Data that our clients or vendors provide us or allow to be collected, we do not process or use Service Data on our own behalf but rather at the direction and for the benefit of our clients.
Some of our clients find that advertising is more effective and relevant when it is targeted to your interests and behaviors. In connection with our processing of Service Data relevant to your possible interests and behaviors, some of our third-party partners may set and/or access cookies or other data collection technologies that collect information (not including your name, address, or telephone number) about your visits to this, our clients’ and other websites, mobile websites and/or mobile applications across your various devices, in order to determine whether you have seen their advertisements and/or match those devices together by creating a profile revealing likely associations or connections between them. That profile is used to determine the likelihood that you are the same user visiting the websites or applications on different devices, and to provide more tailored advertising, marketing, measurement, analytics, and research about goods and services of interest to you across those various devices. Such information may form part of the Service Data that clients provide for us or our vendors to process.
As noted above, we may collect information that is not Personal Information (“Non-Personal Information”). Non-Personal Information may include anonymous or aggregate data, or information lawfully made available from federal, state, or local government records. Because Non-Personal information does not personally identify you, we may collect, use, and disclose such information for any purpose permitted by law. For example, we may aggregate or de-identify Personal Information so that the information does not personally identify you or anyone else, such as by using Personal Information to calculate the percentage of our customers who live in a particular area. We reserve the right to develop and derive aggregate data (meaning information that relates to a group or category of individuals, from which individual identities have been removed) from Personal Information in order to enhance and maintainthe Website, and such aggregate data will be treated as non-personal information.
HOW WE DISCLOSE OR SHARE YOUR INFORMATION
Besides using your Personal Information ourselves, we may send your Personal Information and other information to other companies, affiliates, and third parties in the following instances:
- Service Providers and Vendors. We may disclose your Personal Information to third parties who may use your information to provide us services such as website hosting, data analysis, infrastructure provision, information technology services, customer service, e-mail delivery services, auditing, and anti-fraud monitoring. These third parties may have access to Personal Information that is necessary to perform their functions, but they are only permitted to do so in connection with performing services for us. They are not authorized by us to use the information for their own benefit..
- Legal Compliance and to Defend Our Rights. We may disclose Personal Information and other information as we believe necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
- Business Transfers. We may disclose your Personal Information and other information to third parties in connection with a corporate restructuring, acquisition, or divestiture.
- Aggregated or Non-Personal Information. We may disclose aggregated information or Non-Personal Information to unaffiliated third parties, such as business partners, manufacturers, distributors, and retailers, in a form in which the disclosed information will not contain nor be linked to any Personal Information, including without limitation to improve and enhance your experience using the Website and Services, and for our market research activities.
Please note that if you specifically consent to additional uses of your Personal Information, we may use your Personal Information in a manner consistent with that consent. Moreover, please see the provisions above for additional information about how we may use and disclose Service Data.
HOW WE PROTECT YOUR INFORMATION
The security of your information is very important to us. We attempt to provide for the secure transmission of your information from your devices to our servers by utilizing encryption software. However, due to the inherent open nature of the Internet, we cannot guarantee that communications between you and ArcSpan, or information stored on the Website, our Services, or our servers, will be free from unauthorized access by third parties such as hackers, and your use of the Website or Services demonstrates your assumption of this risk. We have put in place reasonable physical, electronic, and managerial procedures to safeguard the information we collect. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us at firstname.lastname@example.org.
We will retain your information for as long as your account or inquiry is active or as needed to provide you with the Website or Services and for a reasonable time thereafter in accordance with our standard procedures or as necessary to comply with our legal obligations, to resolve disputes, and to enforce our agreements. Even if we delete some or all of your information, we may continue to retain and use anonymous or aggregated data previously collected. Please note that we will not be liable for disclosures of your data due to errors or unauthorized acts of third parties.
LINKS TO OTHER WEBSITES AND SOCIAL NETWORKING SERVICES
As a convenience to you, we may provide links to third-party websites, apps, or services from within the Website or Services. We are not responsible for the privacy practices or content of these third-party sites, and by providing a link we are not endorsing or promoting such third party sites. When you navigate away from our Website or Services, you do so at your own risk. We encourage you to read the policies and terms of every website, app, or service you visit.
The Website or Services may integrate with social networking services. We do not control such services and are not liable for the manner in which they operate. While we may provide you with the ability to use such services in connection with our Website or Services, we are doing so merely as accommodation and, like you, are relying upon those third-party services to operate properly and fairly.
You should be aware that Personal Information which you voluntarily include and transmit online in a publicly-accessible blog, social network, or otherwise online may be viewed and used by others. We are unable to control such uses of your Personal Information, and by using such services you assume the risk that the information provided by you may be viewed and used by third parties.
If you submit personal information to us, that information may be processed in a jurisdiction where privacy laws may be less stringent than those in your country of residence. By submitting your personal information to us, you agree to the transfer, storage, and processing of such information in foreign jurisdictions including, but not limited to, the United States. Please note that personal information transferred to the United States is subject to access by law enforcement. Where applicable, we may use model clauses approved by the laws of your jurisdiction (such as Standard Contractual Clauses approved by the European Commission) for cross-border data transfers.
Our Website and Services are intended for users ages 18 and over. We do not knowingly collect Personal Information from minors. When we become aware that Personal Information (or other information that is protected under applicable law) from a child under 16 (or such other age as may be restricted under local law) has been collected, we will use all reasonable efforts to delete such information from our database. If you believe we might have any Personal Information from or about a child under 16, please contact us at email@example.com.
If you receive a marketing email from us, you may unsubscribe from any future marketing emails by sending an unsubscribe request to firstname.lastname@example.org or by clicking the “unsubscribe” link in a marketing email that you receive from us. We will process your request within a reasonable time after receipt.
The online advertising industry provides a service through which you may opt out of receiving targeted ads from certain data partners and other advertising partners that participate in self-regulatory programs. You can opt out of targeted advertising from certain providers that participate in the Digital Advertising Alliance (DAA) program at www.aboutads.info/consumers. Other providers are members of the Network Advertising Initiative, and you can opt out of interest-based advertising by those members by visiting http://optout.networkadvertising.org/. Please note that by opting out, you will continue to see generic advertising that is not tailored to your specific interests and activities.
For clarity, cookie-based opt-outs must be performed on each device and browser that you wish to have opted out. For example, if you have opted out on your device browser, that opt-out will not be effective on your mobile device. Additionally, if you opt out on one of your devices, that opt out may not be effective on all of your devices. You must separately opt out on each device.
For targeted advertisements delivered through mobile apps, you can download and install the DAA’s AppChoices app (available in Google Play or the Apple App stores) on your device to opt out of targeted advertising by certain providers and can also select a system level advertising preference feature on your device (such as “Limit Ad Tracking” on Apple devices or “Opt-out of Interest-based ads” on Android devices).
To learn more or to reset the advertising identifier on your iOS and Android device, click on the following links:
- iOS – https://support.apple.com/en-us/HT202074
- Android – https://support.google.com/ads/answer/2662922?hl=en
As noted above, cookie-based opt-outs may not be effective on some mobile services. Users may opt out of certain advertisements on mobile applications or reset advertising identifiers via their device settings. You may learn more from the NAI about how to opt out on a mobile device by clicking this link: https://thenai.org/opt-out/mobile-opt-out/.
If you want to stop or restrict the placement of cookies or flush any cookies that may already be on your computer or device, please refer to and adjust your web browser preferences. Further information on cookies is available at www.allaboutcookies.org. By deleting our cookies or disabling future cookies, you may not be able to access certain areas or features of our Website or some of its functionality may be affected.
CALIFORNIA PRIVACY RIGHTS AND OTHER APPLICABLE STATE LAWS
The California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA”), provides California residents with specific rights regarding their Personal Information. Other states may also provide specific rights to their residents under their respective state laws, including the Virginia Consumer Data Protection Act of 2021, the Colorado Privacy Act of 2021, Connecticut Public Act No. 22-15, “An Act Concerning Personal Data Privacy and Online Monitoring,” the Utah Consumer Privacy Act of 2022, and all other equivalent or similar laws and regulations in the United States relating to Personal Data and privacy, and as each may be amended, extended or re-enacted from time to time (“Other State Laws”).
Additionally, under California Civil Code Section 1798.83 (“Shine the Light”), California residents have the right to request in writing from businesses with whom they have an established business relationship: (a) a list of the categories of personal information, as defined under Shine the Light, such as name, email address, and mailing address, and the type of services provided to the customer that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes; and (b) the names and addresses of all such third parties. To request the above information, please contact us by email at email@example.com. If you do not want your personal information disclosed to any third party who may use such information for direct marketing purposes, then you may opt out of such disclosures by sending an email to us at firstname.lastname@example.org.
If you are a Nevada resident, you have the right to request that we do not sell your covered information (as those terms are defined in N.R.S. 603A) that we have collected, or may collect, from you. We do not sell your covered information, however, if you would like to make such a request you may do so by contacting us at email@example.com.
EU/EAA, UNITED KINGDOM AND SWITZERLAND RIGHTS
IF YOU ARE SITUATED IN THE EUROPEAN ECONOMIC AREA, UNITED KINGDOM OR SWITZERLAND, THIS SECTION APPLIES TO OUR COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL DATA AND ADDITIONAL RIGHTS YOU HAVE UNDER APPLICABLE LAW.
We will only use your personal data, as that term is defined under the General Data Protection Regulation (“GDPR”), when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where you have consented to a certain use of your personal data.
- Where we need to comply with a legal or regulatory obligation.
To the extent permitted under applicable laws, we will also process, transfer, disclose, and preserve personal data when we have a good faith belief that doing so is necessary.
ArcSpan is the data controller of all personal data collected through our Website. To contact us, please see the section titled Contact.
If you are situated in the UK or EU and have any complaints regarding our privacy practices, you have the right to make a complaint at any time to your local supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach your supervisory authority so please contact us in the first instance. If you have a complaint, please contact our privacy manager can be contacted here: firstname.lastname@example.org.
In some cases, we act as a processor on behalf of our business customers who use our services. This means that we are a service provider that processes personal data on behalf of and on the instructions of our business customers. Our business customers act as data controllers for such data. These business customers: (a) determine the purposes for which we process personal data; and (b) are responsible to applicable data subjects for the processing of their personal data.
As data controllers, our business customers are responsible for disclosing the rights of data subjects with respect to their personal data and other information regarding the collection and use of that personal data, in accordance with GDPR and other applicable laws requiring such disclosures. If you wish to exercise any of your rights in regards to such information under the GDPR, please contact the relevant business that acts as the data controller of your personal data.
Provision of personal data and failure to provide personal data:
Where we need to collect personal data by law or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our services). In this case, we may not be able to provide certain services to you.
Collection of personal data from third party sources:
We may obtain personal data and other information about you through public sources or through our third-party partners who help us provide our products and services to you. We will obtain cookie data about you from Google Analytics.
Withdrawing your consent:
If we are relying on your consent to process your personal data, you have the right to withdraw your consent at any time by contacting us at email@example.com.
We may transfer personal data from the EU to the USA and other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For more information about how we transfer your data, please contact us at firstname.lastname@example.org.
Use of your personal data for marketing purposes:
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising:
- Promotional offers from us: We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). You will receive marketing communications from us if you have requested information from us or used our services and, in each case, you have consented to our use of your personal data for marketing purposes.
Data Subject Rights:
If you are a situated in the EU, under the GDPR, as a data subject, you have the right to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise, or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
To exercise your rights under the GDPR, please contact us at email@example.com. Please note that in order for you to assert these rights, we may need to verify your identity to confirm your right to access your personal data. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. In order to verify your identity, we may need to gather more personal data from you than we currently have.
IAB Europe Transparency & Consent Framework:
ArcSpan Technologies participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. Our identification number within the framework is 1193.
For questions or concerns relating to privacy, we can be contacted at: firstname.lastname@example.org.
Our Website is maintained in the United States of America. If you are located outside the U.S., by using the Website, you authorize the export of your information to the U.S. and its storage and use as specified in this policy. Please note that Personal Information transferred to the United States is subject to access by law enforcement. If you have any questions about the transfer of your data to the U.S., please contact us at email@example.com.