Last Updated: December 31, 2022
UNITED STATES
This Privacy Policy applies to our Website, https://www.bluelabs.com (“Site”) and the services available through our Site as referenced below. This Privacy Policy is intended to disclose how BlueLabs, Inc. (“BlueLabs” herein) collects, uses and discloses personal information about users of our Site, as well as to explain the choices and right individuals have regarding their personal information.
If you are a California consumer, as defined in the California Consumer Privacy Act of 2018, additional rights are granted. Please refer to our California Privacy Addendum, below.
- THE INFORMATION WE COLLECT
We collect information directly from individuals online, as well as automatically through the use of our Site. The personal information that BlueLabs processes comes from our clients, from various public or private sources, or is collected by us from individuals directly. We apply our data science methods to the data sets that we have obtained from various sources, in order to build analytic models to predict political, civic, and other behavior, and to provide strategic guidance, aggregate information, and predictive models to our clients. In addition to our Privacy Policy, the personal information that we obtain from our clients or from public or private sources is subject to the privacy policies of the entity that shared the information with us or that released or licensed the information to us, as applicable.
Our clients’ information is the sole property of our clients, and the rights we have with respect to our clients’ information are the rights that they grant to us. We use and share personal information that our clients share with us in the manner requested or authorized by our clients and consistent with the restrictions placed on that information by our clients.
We use and share personal information that we obtain from public sources in a manner that is consistent with the restrictions placed on that information by the entity that released it. We use and share personal information that we license from private sources in a manner that is consistent with the restrictions placed on that information by the entity that licensed it to us.
Information Collected Directly
From individuals: Information that we collect directly from individuals and then process using our data science methods (“Modeling Data”) includes information that they provide when they respond to surveys conducted by us or by our vendors on our behalf. This personal information may include name, address, phone number, email address, date of birth and commercial purchasing history.
When we use personal information for our own purposes, we do so to improve our data science practices and our business; to maintain the accuracy of our information; to monitor and protect our business; to perform security screenings; to investigate, prevent, or take action relating to illegal activities or violations of our policies; and for other research, development, and analytical purposes.
We also may collect the following information directly from a person that we do not process using our data science methods (“Non-Modeling Data”): We may collect and store a person’s name and email address if they submit inquiries or comments to us or sign up to receive our newsletter. We may also store information that they provide through additional communications initiated by them, including phone calls, letters, emails and other electronic messages, or in other circumstances described in this Privacy Policy.
From third parties: This may include information about a person that we receive from our clients, obtain from public sources, or license from private sources. Examples of information we receive from our clients include information collected through a mobile application or other methods about a person’s visits, purchases, returns, deliveries, coupons, loyalty clubs, and so on. Examples of public sources of information include census information, voter registration records, real property records, court records, assessor information, tax rolls, telephone directories, and web directories and information.
We may combine information collected directly from a person and from third-party sources.
Information Collected Automatically
We also may collect information that a person’s computer or mobile device provides in connection with their use of the Site, such as browser type, type of computer or mobile device, browser language, IP address, mobile carrier, phone number, unique device identifier, requested and referring URLs, the content individuals view on our Site or services, and the date and time of their access. Visitors may be able to disallow our use of certain location data through their device or browser settings.
Website tracking enables us to analyze Site use and to continuously optimize the website for visitors based thereon. Statistical tools are used for this purpose, such as to record how often a page has been opened.
1. Cookie Information
We and our service providers and contractors (collectively referred to as “service providers’) use cookies and other mechanisms to track information about use of our Site and services. We or our service providers may combine this information with other information we collect about a person.
Cookies. We or our service providers may use cookies to track visitor activity on our Site and services. A cookie is a text file that a website transfers to a device for record-keeping purposes. We or our service providers may use cookies to track user activities on our Site and services, such as the web pages they view and time they spend on those pages. The help section on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Site and users of our services who disable cookies may not be able to browse certain areas of the Site or services. Clear GIFs, Pixel Tags and Other Technologies. Clear GIFs are tiny graphics with a unique identifier, similar in functionality to cookies, which are embedded invisibly on web pages. We or our service providers may use clear GIFs (also known as web beacons, web bugs, pixel tags, or action tags, among other names), in connection with our Site to perform functions like tracking the activities of visitors to our Site, helping us manage content, and compiling statistics about usage of our Site or services. We or our service providers may also use clear GIFs in emails to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
Embedded Scripts. We use embedded scripts, which is code designed to collect information about how visitors interact with a website, such as the website which linked them to our Site.
Third-Party Analytics. We use service providers, such as Google Analytics, to evaluate the use of our Site and our services. We or our service providers use automated devices and applications to evaluate use of our Site and services. We or our service providers use these tools to help us improve our Site, services, performance, and user experiences. These entities may use cookies and other tracking technologies, such as web beacons, to perform their services.
Our Site distinguishes between cookies that are strictly necessary for the technical functions (functional cookies) and cookies that are not strictly necessary for the technical functions (optional cookies). It is generally possible to use the website without activating optional cookies.
Functional cookies
- Functional cookies help make the Site usable by enabling basic functions such as page navigation and access to secure areas within the Site. The Site cannot function properly without these cookies.
- These cookies are deleted after the end of the user’s visit.
Website tracking (optional cookies)
- We track Site activity. The necessary cookies and tracking will only be activated if the user has given his/her consent beforehand. An exception to this is the cookie that stores the current status of your privacy settings (selection cookie). It is set due to legitimate interest.
2. Cookie Opt-Out
You can prevent cookies from being saved by changing the preferences of your browser software accordingly. However, we would like to point out that in this case you may not be able to use all functions of this Site to its full extent. Furthermore, you can prevent the data generated by the cookie and related to use of the Site (including your IP address) from being transmitted to Google and then processed by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=us.
3. Managing cookies and Website Tracking
You can manage cookie and tracking settings in their browser. If you want to disable all cookies, you must go to your browser settings and disable cookies. You should note that this may affect the functionality of this website.
Please note: The settings you make only relate to the browser that was used.
4. Third Party Collection
The following third parties collect personal information about you when you visit our website:
LinkedIn
LinkedIn Ads
Cloudflare (for security purposes)
Twitter
Vimeo
Google Analytics
Bootstrap
5. Control of Personal Information and Marketing Opt-Outs
BlueLabs is committed to providing individuals with access to their personal information. If a person believes that BlueLabs may be processing information about them and wish to have access to that information, we can provide them with that information or at least an explanation of why we cannot do so in the particular context, such as when only our client or vendor has the right to provide such access, or if responding to the request would be unreasonably expensive. As described above, much of the personal information that we analyze belongs to third parties, and BlueLabs does not have the right to provide anyone with access to that personal information, except as allowed by the third-party owner. Depending on the privacy policies of the third party that owns the personal information, a person may be able to review, modify, or request the removal of personal information by contacting that third party.
If a person sends us a request to review, modify, or remove their personal information, and that information is owned by a third party, we will let them know the appropriate third party to whom they should direct their inquiry.
If a person sends BlueLabs a written request to review their personal information, and that information is owned by BlueLabs, we will generally make available the information we collect from them for their review, so long as they provide sufficient detail to allow us to identify the personal information being sought and provide sufficient information in order for us to verify their identity before providing them with their personal information. If a person sends us a request to remove their personal information, and that information is owned by us, we will remove their information from our database, after verifying their identity. In addition, in the case of personal information owned by Blue Labs and collected by us or our vendors via telephone surveys, we comply with applicable legal requirements regarding appropriate use of information collected from persons registered with the National Do Not Call Registry.
Here are some other ways a person can control BlueLabs’ use of their personal information:
Opt Out of Promotional Email Communications. A person may opt out of promotional emails, including newsletters, that they receive directly from us by clicking on the unsubscribe link in the email. Please note that we are unable to remove individuals from third party e-mail lists. If a person previously added their contact information to the mailing list of one of our clients or partners, including vendors who conduct surveys on our behalf, and later withdraw their permission, they will have to contact that third party (or use an opt-out link provided in an email communication from that third party) to request removal from their mailing list.
Opt Out of Interest-Based Advertising. We may use third-party service providers, such as Google’s AdSense and AdWords, to help us provide advertisements that are tailored a person based on interests that they have expressed on our Site or elsewhere (“Interest-Based Ads”). Any advertisements served by these third-party service providers and their affiliated companies may be controlled using cookies. These cookies allow these providers to display ads based on a person’s visits to this Site. Any tracking done by these providers through cookies and other mechanisms is subject to their own privacy policies. Some browser settings allow individuals to limit or remove the Interest-Based Ads delivered to them.
Please note that even if a person opts out of receiving marketing communications from us, we may still send them communications about their account or any products or services they have purchased from us, and we will still respond to their inquiries and requests for information.
If you would like to exercise any of the foregoing rights, please contact us at privacy@bluelabs.com.
6. Employment Applicants, Employees, and Contractors
If you are an employment applicant or employee of BlueLabs, we collect information, including personal contact information, education and work history, as well as Social Security numbers, in order to process and consider user’s application. We will not sell personal information from employment applications or employees to unaffiliated third-parties for marketing purposes. The information on applications and employees may be shared with background check services, our affiliates, and used for certain regulatory, compliance, security, and legal purposes. We may de-identify and anonymize personal information and use such anonymous information for internal purposes, such as to review our hiring practices and talent acquisition efforts. Employees should review the Employee Privacy Notice to learn more about the personal information collection from there, as well as their consumer privacy rights.
2. OUR USE OF PERSONAL INFORMATION
Data science involves the use of complex analysis across large data sets to identify correlations and insights in the data. While we may help our clients identify desired audiences, the messages they convey to these audiences are their responsibility; our clients don’t speak for us and we don’t speak for our clients.
When we use personal information for our own purposes, we do so to improve our data science practices and our business; to maintain the accuracy of our information; to monitor and protect our business; to perform security screenings; to investigate, prevent, or take action relating to illegal activities or violations of our policies; and for other research, development, and analytical purposes.
We may use Non-Modeling Data in the following additional ways:
• to respond to inquiries;
• to contact individuals or, for example, to send them our newsletters or provide them with information about the Site or our services;
• to market our services;
• to track usage of the Site;
• to improve the Site;
• to help us better understand how users access and use the Site, and other administrative purposes;
• to help us better understand how users access and use the Site, and other administrative purposes;
• to display relevant advertising; or
• to comply with legal obligations; and/or
• where necessary, for the administration of our general business, payment, accounting, recordkeeping and legal functions.
BlueLabs is entitled to undertake all commercial operations and all measures that relate to its business objective, or which appear directly or indirectly conducive to it, as well as occasional advertising measures.
Whenever we use any third-party owned data, we rely on that third party to tell us how their own privacy policies limit our use of personal information, consistent with our contracts with that third party. These third parties are responsible for determining the privacy and protection of their information, and any inquiries about the use of personal information by a third party should be directed to it.
We will only use your personal information for the purposes for which we have collected it, unless we reasonably determine we need to use it for another reason and that reason is compatible with the original purpose. For example, we consider de-identification, aggregation, and other forms of anonymization of personal information to be compatible with the purposes listed above and in your interest, because the anonymization of such information reduces the likelihood of improper disclosure of that information.
If you wish to receive an explanation as to how the processing for a particular purpose is compatible with the original purpose, please contact us via the information specified in the Contact section below.
3. RETENTION
We will retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information, whether we can achieve those purposes through other means, and the applicable legal requirements.
4. DISCLOSURE OF PERSONAL INFORMATION
Our services provide individual-level data insights to our clients, and so our services directly involve sharing personal information and insights gained from personal information with our clients. To the extent that we transfer personal information to a client that we obtained from sources other than that client, we ensure that the client enters into appropriate contractual covenants with us to provide the same level of protection of personal information that we provide, and to agree to the same limits on use and sharing of personal information that apply to our own use and sharing of personal information.
We may rely on third-party service providers to provide technologies or services for us in connection with our data science services or a person’s use of the Site, such as administration of services, communications and hosting services, advertising and media purchase services, network security, technical and customer support, tracking and reporting functions, quality assurance testing, and other functions. We may share information from or about a person with these third-party service providers so that they can perform their services. These third-party service providers may share information with us that they obtain from or about a person in connection with providing their services.
We may also share personal information in responding to requests from law enforcement officials, government bodies or judicial authorities, in addressing matters of personal or public safety, national security, litigation, investigations (including data security incident investigations), and other legal matters where the information is pertinent. In the event of a sale, transfer, or reorganization of BlueLabs, or of some of our assets or lines of business, or in the context of related business negotiations, we may also share personal information with the relevant parties. We also use personal information for historical, statistical, and business planning purposes.
We may also remove personally identifying information to create anonymous information that we may share with any third parties.
We will not rent or sell your personal information for monetary consideration, nor will we share it with third parties for their marketing purposes. If this policy changes in the future, we will notify you and allow you the opportunity to opt-in.
5. OTHER COOKIES AND SIMILAR DEVICES
Some of our service providers may use cookies, pixels, log files and other mechanisms to gather information about your use of our Site. You will need to view their Privacy Policies to determine the precise tracking devices they use.
6. DIRECT MARKETING
As noted, we may send periodic promotional emails to you, and where required by law, we will obtain your consent to do so. You may opt out of such communications at any time by following the opt-out instructions contained in the email or email us at privacy@bluelabs.com. If you opt out of receiving emails about recommendations or other information we think may interest you, we may still send you emails about your account or any services you have requested or received from us.
7. WEBSITE CONTENT ACCESSIBILITY
We strive to adhere to the Web Content Accessibility Guidelines for the visually impaired (such as screen readers, speech-recognition software, etc.). The Site text converts to sound for the visually impaired who uses assistive technology, and our videos have the capability to add captions for the hearing impaired.
8. THIRD PARTY LINKS AND WEBSITES
Our Site may contain links to other websites whose information practices may be different than ours. Visitors should consult the other website’s privacy notices as we have no control over information that is submitted to or collected by these third parties.
9. CO-SPONSORED EVENTS
BlueLabs posts information about programs and events that are sponsored by or co-sponsored by other firms or organizations. Should users choose to register electronically for any of these events or submit user’s information to these third parties, BlueLabs will have no control over the third-party sponsors’ use of this information, and this Privacy Policy will not apply.
10. OUR COMMITMENT TO SECURITY
We employ security measures to prevent unauthorized access to information that we collect online. However, we cannot guarantee the security of user’s personal information.
11. MINORS
We do not collect personal information from any person we know to be under the age of 13, and we will delete any personal information collected that we later know to be from a person under the age of 13. Our Site and services are not targeted to children under 13 years of age. If you believe a child under the age of 13 has disclosed personal information to us, please contact us at privacy@bluelabs.com and specify the customer and information you believe to be from the child under 13.
12. DATA METRICS
During 2022, we received no requests for information.
13. HOW TO CONTACT US
If you have any questions or concerns about the Privacy Policy or its implementation, you may contact us at 833-300-1924. If at any time you decide that we should no longer hold any of your personal information, or you wish to change the use to which any such information can be put, please let us know by emailing us at privacy@bluelabs.com.
14. REVISIONS TO THIS PRIVACY POLICY
We reserve the right to revise this Policy or any part of it from time to time. Please review the Policy periodically for changes. If we make material changes, we will endeavor to provide notice ahead of such changes, such as by email or through a notice on https://www.bluelabs.com.
BLUELABS BRITISH COLUMBIA PRIVACY ADDENDUM
Personal information that BlueLabs receives from residents of British Columbia, Canada, is subject to the provisions of British Columbia’s Personal Information Protection Act (“PIPA”) and may be subject to comparable provincial or federal privacy law in Canada. This section of our Privacy Policy (this “BC Privacy Policy”) describes additional privacy policies that govern how BlueLabs collects, uses, and discloses the personal information that is collected from residents of British Columbia.
As used in this BC Privacy Policy, “personal Information” means information about an identifiable individual, but does not include the name, position, name or title, business telephone number, business address, business e-mail or business fax number of the individual. It also does not include the work product information of the individual.
This BC Privacy Policy outlines the principles and practices BlueLabs will follow in order to protect personal information for residents of British Columbia. BlueLabs will ensure the accuracy, confidentiality and security of personal information, and will follow the legal requirements to allow individuals to request access to and correction of their personal information.
If you are not satisfied with the resolution proposed by BlueLabs, you will be advised as to the appropriate procedure to elevate your concern.
I. SCOPE
This BC Privacy Policy does not impose any limits on the collection, use or disclosure of personal information that:
• is covered by one of the exceptions in Sections 12, 15 and 18 of PIPA to collection, use and disclosure of personal information without consent; or
• was collected prior to January 1, 2004, where the personal information is used and disclosed in order to fulfill the same reasonable purposes for which it was collected.
This BC Privacy Policy does not apply to personal information if the Freedom of Information and Protection of Privacy Act applies or the federal Access to Information and Privacy Act applies to the personal information.
II. DEFINITIONS
As used in this BC Privacy Policy, the following terms have the following meanings:
“Collection” means the act of gathering, acquiring, or obtaining personal information from any source, including third parties, by any means.
“Consent” means voluntary agreement to the collection, use, or disclosure of personal information for reasonable purposes, which are made known to the individual. Consent can be express or implied. Express consent can be oral or given in writing but is always unequivocal. Implied consent is consent that can be reasonably inferred from the action or inaction of an individual.
“Disclosure” means making personal information available outside BlueLabs.
“Use” means the treatment, handling, management, and retention of personal information within BlueLabs.
“Personal information” means information about an identifiable individual, excluding the individual’s contact information or their work product information.
“Contact information” means information to enable an individual, at a place of business, to be contacted and includes the name, position, name, or title, business telephone number, business address, business e-mail, or business fax number of the individual.
“Work product information” means information prepared or collected by an individual or group of individuals as part of the individual’s or group’s responsibilities or activities related to the individual’s or group’s employment or business but does not include personal information about an individual who did not prepare or collect the personal information.
III. ACCOUNTABILITY
BlueLabs is accountable for the protection of the personal information under its control and has designated as its Privacy Officer, Jessica Jollie.
IV. COLLECTING PERSONAL INFORMATION
Unless the purposes for collecting the personal information are obvious, and a person voluntarily provides their personal information for that obvious purpose, we will communicate the purposes for which personal information is being collected, either orally or in writing, before or at the time of collection. BlueLabs’ work empowers organizations to make the most of their outreach resources through individual-level, data-driven targeting and optimization.
During the course of carrying out this work with political entities, BlueLabs may collect personal information. We will only collect this information by fair and lawful means and where it is necessary to, fulfill the following purposes:
• We will collect personal information by telephone survey for the purposes of building analytic models to predict political and civic behavior.
V. CONSENT
BlueLabs will obtain consent to collect, use, or disclose personal information except whereas noted in this BC Privacy Policy, we are authorized or required to do so without consent.
Consent can be provided orally, in writing, or electronically, or it can be implied where the purpose for collecting, using or disclosing the personal information would be considered obvious to a reasonable person and a person voluntarily provides their personal information for that purpose.
Consent may also be implied where a person is given notice and a reasonable opportunity to opt out of their personal information being used or disclosed and they do not opt out.
Subject to the personal information being necessary to provide the service or product or where the withdrawal of consent would frustrate the performance of a legal obligation, a person can withhold or withdraw their consent from BlueLabs to use their personal information for particular purposes. If a person chooses to withdraw their consent to the collection, use, and disclosure of their personal information, BlueLabs will advise them of the consequences of the withdrawal.
VI. USING AND DISCLOSING PERSONAL INFORMATION
BlueLabs will only use or disclose personal information where it is necessary to fulfill the purposes for which it was collected, or for a purpose reasonably related to those purposes.
BlueLabs may disclose personal information where required or authorized by law, without consent.
To the extent that we enter into contracts or other arrangements with third parties, which involve the transfer of personal information, we will ensure that the third party enters into appropriate covenants with us to provide the same level of protection over personal information that BlueLabs provides.
In some cases, BlueLabs may seek consent for the use and disclosure of personal information after it has been collected, but before it is used or disclosed, for example, where BlueLabs wants to use personal information for a purpose not previously identified to that person.
BlueLabs does not, as a condition of supplying products or services, require individuals to consent to collection, use, or disclosure of personal information beyond what is necessary to provide the product or service.
BlueLabs does not attempt to obtain consent for collecting, using, or disclosing personal information by providing false or misleading information regarding the purposes for the collection, use, or disclosure of personal information or by using deceptive or misleading practices. BlueLabs will not sell, rent, or lease personal information to third parties unless we have obtained a person’s explicit consent to do so.
VII. RETAINING PERSONAL INFORMATION
If BlueLabs uses personal information to make a decision that directly affects a person, BlueLabs will retain that personal information for at least one year, so that they have a reasonable opportunity to request access to it.
Subject to the above, BlueLabs will retain personal information only as long as necessary to fulfill the identified purposes, or to fulfill a legal or business purpose.
VIII. ENSURING ACCURACY OF PERSONAL INFORMATION
BlueLabs will make reasonable efforts to ensure that personal information is accurate and complete if it will likely use it to make a decision that directly affects that person, or if BlueLabs is likely to disclose it to another organization.
BlueLabs will not routinely update personal information. To the extent that a person believes that the personal information they provided to BlueLabs may no longer be accurate or complete, they may advise BlueLabs to update its records. A request to update personal information must be made in writing, by phone or email, and provide sufficient detail to identify the personal information and the correction being sought. Requests to update or correct personal information should be forwarded to BlueLabs at privacy@bluelabs.com.
If a person successfully demonstrates to BlueLabs that their personal information is inaccurate or incomplete, BlueLabs will correct the personal information as required.
IX. SECURING PERSONAL INFORMATION
See the “Data Security” section above in our overall Privacy Policy for data security policies that apply also to personal information collected from residents of British Columbia.
From time to time, personal information may be disclosed outside of Canada, where it may be subject to the lawful access requirements of the jurisdiction.
X. PROVIDING ACCESS TO PERSONAL INFORMATION
Individuals have a right to access the personal information that is held by BlueLabs. This right is subject to exceptions which are set out in PIPA.
In order to obtain access to personal information, a person must make a written request that provides sufficient detail to allow BlueLabs to identify the personal information being sought.
Individuals may be required to provide sufficient personal information to identify themselves in order to enable BlueLabs to verify their identity before providing their personal information. They may also be asked more specific questions about the type and amount of personal information that they are seeking.
BlueLabs will make the information available within 30 working days. If BlueLabs is seeking an extension in order to respond to a request, BlueLabs will provide written notice of the extension.
In responding to a person’s access request, BlueLabs will provide them their personal information that is under its control, information about the ways in which the personal information has been and is being used by BlueLabs, and the names of the individuals and organizations to whom the personal information has been disclosed by BlueLabs.
If BlueLabs refuses in whole or in part to provide a person access to their personal information, we will notify them in writing. The notification will include providing them the reasons for the refusal, in particular, the exceptions in PIPA upon which we are relying, and will advise them of any recourse which is available to them as a result of BlueLabs’ refusal.
BLUELABS CALIFORNIA PRIVACY ADDENDUM
The California Consumer Privacy Act of 2018 (“CCPA”), effective January 1, 2020, provides certain California residents with the additional rights. We reserve the right to update this Addendum at our discretion in response to CCPA legal developments.
Your Additional Rights Under The CCPA
Policy Date. This policy in its entirety was last updated on December 31, 2022.
Personal Information. As used in this Addendum, “personal information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household; it does not include publicly available information made lawfully available by state or federal governments or de-identified information that cannot reasonably identify, relate to, describe, be capable of being associated with, or be linked directly or indirectly to a particular individual.
Right to Know and Access. You have the right to know and access the following personal information, obtained or handled by us in the 12 months prior to your request:
- The categories of personal information we have collected about you;
- The categories of sources from which the personal information is collected;
- The business or commercial purpose for collecting your personal information;
- The categories of third parties with whom we have shared your personal information;
- The specific pieces of personal information we have collected about you, if you so request; and
- Whether we sell your personal information to third parties for their own direct marketing purposes.
Greater details of the each of the foregoing categories are set forth in our Privacy Policy, which is incorporated here by reference in its entirety.
Your rights to know and access are free and may be requested up to twice a year.
Right to Correction. You have the right to correct any inaccurate personal information in our records, and to have us direct our service providers, contractors and third parties to correct any inaccurate personal information from their records.
In determining the accuracy of the personal information that is the subject of your request to correct, we shall consider the totality of the circumstances relating to the contested personal information. We may deny your request to correct if we determine that the contested personal information is more likely than not accurate based on the totality of the circumstances.
Right to Delete. You have the right to request that we delete the personal information we have collected from you (and direct our service providers to do the same). There are a number of exceptions, however, that include, but are not limited to, when the information is necessary for us or a third party to do any of the following:
- Complete your transaction;
- Provide you a good or service;
- Perform a contract between us and you;
- Protect your security and prosecute those responsible for breaching it;
- Fix our system in the case of a bug;
- Protect the free speech rights of you or other users;
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et seq.);
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interests that adheres to all other applicable ethics and privacy laws;
- Comply with a legal obligation; or
- Make other internal and lawful uses of the information that are compatible with the context in which you provided it.
If we are unable to delete the information you have requested to be deleted, we will provide you with the basis of our denial of your request.
If we delete information you have requested be deleted, we may keep a record of your request for up to two years.
Right to Opt-Out of Sale or Sharing. You have the right to opt-out of the sale or sharing of your personal information to any outside party. We currently do not sell your information to any outside party for monetary consideration and will notify you through our Privacy Policy if this policy changes. You may use this form to exercise your right opt-out right.
Right to Limit Use and Disclosure of Your Sensitive Personal Information. We do not collect sensitive personal information. If we did, you would have the right to limit our use of your “sensitive” personal information to that which is necessary to provide our goods and services to you.
Right to Non-Discrimination. You have the right not to receive discriminatory treatment for your exercise of any of the privacy rights conferred by the CCPA.
Right to Opt-Out by Using Opt-Out Preference Signals. We will process any opt-out preference signal that (a) is in a format commonly used and recognized by businesses (for example, in an HTTP header field) and (b) is sent from a platform, technology, or mechanism that makes it clear to the consumer, whether in its configuration or in disclosures to the public, that the use of the signal is meant to have the effect of opting the consumer out of the sale and sharing of their personal information (“Opt-Out Preference Signal”). We shall treat the Opt-Out Preference Signal as a valid request to opt-out of the sale or sharing of personal information for your browser or device, and, if known, for you.
If the opt-out preference signal conflicts with other privacy settings that you have submitted to us, we will process the opt-out preference signal but may notify you of the conflict and provide you with the opportunity to consent to the sale or sharing of your personal information.
If the Opt-Out Preference Signal conflicts with your participation in a financial incentive program, we may notify you of the conflict and request your affirmation that you intend to withdraw from the financial incentive program. If you affirm your intent to withdraw we shall process the Opt-Out Preference Signal. If you do not affirm your intent to withdraw, we will not process the Opt-Out Preference Signal.
Exercising Your California Privacy Rights. To request access to or deletion of your personal information, or to exercise any other data rights under California law, please contact us using one of the following methods:
Telephone: You may call us, toll-free, at 202-580-8885.
Website: You may visit our privacy homepage to authenticate and exercise rights via our website, www.bluelabs.com/privacy-policy/.
Email Webform: You may use this form.
If you are only requesting access to your information, you need only make the request through our website. If you are requesting deletion of your information, you may make your request through any of the above methods.
The Steps We Take to Verify Your Request. All of these rights are subject to strict verification requirements. We will take reasonable steps to verify your request. These steps include verifying your identity. In order for us to do so, you must provide the following information: date of birth, email address, mailing/physical address, and full legal name, along with why you are writing. If we cannot reasonably verify your request, we will be unable to provide the information you have requested.
Authorized Agent. If you have caused an authorized agent to make your request, please provide the following information: first and last name of the agent, physical address of the agent, email address of the agent, and a statement granting the agent the authority, along with why you are writing.
Response Timing and Format. We aim to confirm our receipt of your request for access, correction or deletion within 10 business days. If you have requested access, correction or deletion, we will provide you with requested information, to the extent specified above, correct the requested information, or delete what you have requested to be deleted, to the extent specified above, within 45 days of receiving your request. If we require more time, we will inform you of the reason and extension period in writing. If you have requested to be opted out of the selling and sharing of your personal information, we will do so within 15 business days of your request.
Not Covered by This Addendum
This Addendum does not address or apply to:
- Personal information that is exempt under Section 1798.145 of the CCPA,
- Personal information we collect about employees, contractors, job applicants, officers, directors or medical providers of our company, (employees should refer to the Employee Privacy Notice), or
Individuals who are not permanent California residents. Right of Children to Opt-In to the Sale of Personal Information.
We do not knowingly collect or sell the personal information of minors under 16 years of age without affirmative authorization. For minors who wish to opt-in to the sale of their personal information, we have established the following processes:
Minors between 13 and 16 years of age:
In the case of consumers between 13 and 16 years of age, we require the consumer to affirmatively authorize the sale of the consumer’s personal information. In order to opt-in minors in this age range, as part of the account registration process for our products which may be targeted toward minors, we require the consumer or consumer’s parent or guardian to verify the consumer’s identity by providing at least two data points with data points maintained by the business, which we have determined to be reliable for the purpose of verifying the consumer.
Minors under 13 years of age:
In the case of consumers who are less than 13 years of age, we require the consumer’s parent to affirmatively authorize the sale of the consumer’s personal information. In order to opt-in minors in this age range, as part of the account registration process for our products which may be targeted toward minors, we require that the consumer’s parent or guardian verify the consumer’s identity, which we have determined to be reliable for the purpose of verifying the consumer.
We reserve the right to require additional information or not complete your request if we cannot verify your identity. If you are a parent or guardian seeking to opt-out on behalf of their child, please contact us at 833-300-1924 or email us at privacy@bluelabs.com with the subject “Minor Opt-Out.”
Links to Third Party Websites. Our Platform may contain links to third-party websites. Those websites may have privacy policies that differ from ours. We are not responsible for those websites, and we recommend that you review their policies. Please contact those websites directly if you have any questions about their privacy policies.
Changes to This Privacy Policy. We may update this policy from time to time as our Platform changes and privacy law evolves. If we update it, we will do so online, and if we make material changes, we will let you know through the Platform or by some other method of communication like email. When you use our services you are agreeing to the most recent terms of this policy.
Contact Us. If you have any questions or concerns about your privacy or anything in this policy, including if you need to access this policy in an alternative format, we encourage you to contact us at privacy@bluelabs.com.
Policy Date. This policy was last updated on December 31, 2022.