- The Types of Information We Collect
When you visit and browse the Sites, you may provide us with information, and we will collect certain information automatically.
- Information You Provide to Us
In order to access certain services provided via the Sites or to request certain information from First Breach via the Sites, you will be required to provide certain personal information. This includes your name, postal address, e-mail address, telephone number, date of birth, social security number, driver’s license number, passport or other government identification number, or other information about yourself. If you choose to not provide us with information, you might not be able to gain access to certain information and services on the Sites, which rely on such information.
- Information We Collect Automatically
We also collect certain information about you automatically. For example, when you visit the Sites, we collect your IP address, your geolocation, your browser type, your operating system, the pages you view on the Sites, the duration of your visit, the pages you view immediately before and after you access the Sites, and the search terms you enter on the Sites. We collect this information using cookies, web beacons, and similar technological tools, as discussed below.
Cookies. Cookies are small files that a website sends to your computer or device while you are viewing the website, or other technical methods to track visitor usage, including web beacons, which are small pieces of data that are embedded in images on the pages of a website.
You may be able to have your browser warn you when a cookie is sent, and you may be able to turn off all cookies. You can do this through your web browser settings. Each browser is different, so look at your browser Help menu to learn the correct way to modify your cookie settings. If you turn cookies off, you won’t have access to many features that may improve your browsing, like the features mentioned above, and some of our services may not function properly.
Web beacons. We, along with our third-party partners, may use technologies called Web beacons that communicate information from your Internet browser to a web server. Web beacons can be embedded in web pages, videos, or emails, and can allow a web server to read certain types of information from your browser, check whether you have viewed a particular web page or email message, and determine, among other things, the time and date on which you viewed the Web beacon, the IP address of your computer, and the URL of the web page from which the Web beacon was viewed. We and our partners use Web beacons for a variety of purposes, including analyzing the use of the Services and in conjunction with cookies to provide content and ads that are more relevant to you.
Other local storage. We, along with third-party partners, may use other kinds of local storage, such as Local Shared Objects (sometimes referred to as “Flash cookies”) and HTML5 local storage in connection with the Sites. These technologies are similar to the cookies discussed above in that they are stored on your computer and can be used to store certain Usage Data about your activities and preferences. However, these objects are stored in different parts of your computer from ordinary browser cookies. Many Internet browsers allow you to disable HTML5 local storage or delete information contained in HTML5 local storage using browser controls.
Other technical methods may involve HTML e-mails that we send visitors to the Sites to determine whether such visitors have opened those e-mails and/or clicked on links in those e-mails.
If you communicate with our employees and other staff members via email, telephone, or other electronic channels, our information technology systems record details of those communications, sometimes including their content, for compliance and record-keeping purposes.
- Additional Information Collection Practices
The Sites may contain links to websites operated by third-parties, and your personal information may be collected by those third-parties when you use their websites.
Should you choose to visit these third-party sites, you should review their privacy policies to ensure you understand and are comfortable with their practices concerning your information. We do not accept, and do disclaim, any responsibility for the privacy policies and information collection, use, and sharing practices of any third-party website (whether or not such site is linked on or to the Sites). These links are provided to you for convenience purposes only, and you access them at your own risk.
Some of our third-party partners may ask you to provide personal information on their websites and may share such personal information with us, as governed by their respective privacy policies.
We will link the information that we collect automatically with the information you provide us, and we will combine the information we collect online with information we collect offline or that is collected by third-parties.
- A. How We Use the Information We Collect
We use information we collect about you primarily to: provide services to you in accordance with any contract with you, communicate with you, and manage and improve our services for you, as permitted by applicable laws. We do not sell your personal information.
We use your personal information to:
- respond to your requests for forms, literature, or information, on the basis that it is in our business interests to respond to your requests, and you have requested that we do this;
- manage and administer customer services.
- improve the Sites and learn about how visitors use the Sites. This is necessary for us to improve the services we offer through the Sites, and benefits you as it helps us make the Sites more usable and appealing;
- comply with legal obligations; and
- protect our rights, your rights, and the rights of others, as this may be necessary to meet our own high standards of business practice.
We may use information for any purpose if the information does not identify you and cannot be combined with other information accessible to us to identify you. For example, we may prepare aggregated reports about how visitors tend to interact with the Sites for research about the use of the Sites and how the Sites could be improved, from which your interactions with the Sites cannot be singled out.
- How We Share the Information We Collect
- Service Providers
Sometimes we engage companies that act on our behalf in association with the operation of the Sites. For example, such companies may deliver products or services, improve the functionality of the Sites, collect information about you, communicate with you, or store information for us. They may be involved in providing payment processing, shipping, web analytics, data processing, advertising or email distribution, or administering sweepstakes, contests and other promotions that may require registration and other services. In some cases, these companies may need to access information about you. Service providers may only use the information we provide them for the purpose of carrying out their service and may not otherwise use or share your information.
- Analytics Providers
- Additional Sharing Practices
We may share information about you with third-parties when you engage in certain activities on the Sites that are sponsored by third-parties. For example, you may choose to purchase products or services offered by a third-party or elect to receive information or communications from a third-party. When you engage in such third-party offerings, we may share information (e.g., your e-mail address) with third-parties in association with the offerings. We disclose this information to third-parties for the purposes and on the basis described above (see Section 4).
In addition, from time to time, we partner with other organizations or companies to provide co-sponsored or co-branded promotions, services, or events, and we will share your information with our co-sponsor(s) and partners to the extent necessary for the partnership to function. Your information will not be shared with any third-party for a co-sponsored or co-branded promotion, service or event unless you expressly signup for or otherwise register for the co-sponsored or co-branded event.
- Additional Sharing Practices
From time to time we may share your information with our affiliates and subsidiaries, or with our attorneys, banks, auditors, and other service providers in connection with the purposes described above (see Section 4).
We may disclose information when we believe in good faith that such disclosures:
- are required by law, including, for example, to comply with a court order or subpoena, or in response to a law enforcement agency’s request;
- will support our detection, prevention, or response to fraud or intellectual property infringement;
- will help protect your safety or security, including the safety and security of property that belongs to you; and
- will protect the safety and security of the Sites, databases, and/or third-parties, including the safety and security of tangible and/or intangible property that belongs to us or to third-parties.
We may also share information about you to the extent reasonably necessary to proceed with the consideration, negotiation, or completion of a merger, reorganization, or acquisition of our business, or a sale, liquidation, or transfer of some or all of our assets.
The above-described disclosures are provided on the basis that they are either necessary to comply with our legal obligations or they are necessary to meet our legitimate interests in managing our business efficiently and for developing future business.
Additionally, we reserve the right to share with third-parties information that does not identify you (and cannot be combined with other information accessible to us to identify you) for any purpose.
- The Security Measures We Take to Safeguard Information
We take seriously our responsibility to protect the information we collect or receive. We have implemented commercially reasonable technical, administrative, and physical security measures to protect the information that we collect or receive. From time to time, we review and consider updates for our security procedures. Please be aware that, despite our ongoing efforts, no security measures are perfect or impenetrable.
- Children’s Information
The Sites are intended for use by those over 18. Minors under the age of 16 may not use the Sites.
We do not knowingly solicit or collect personal information on the Sites from children under the age of 16. If we learn that, despite these measures, a child under the age of 16 has submitted personally identifiable information to us through the Site, we will take reasonable measures to delete such information from our records and to not use such information for any purpose (except where necessary to protect the safety of the child or others as required by law).
- Do Not Track
Your browser and other mechanisms may have a “do-not-track” setting that sends signals to websites with the technology to receive them, to express your preferences regarding online tracking. We do not currently have the technology to respond to such signals. Third-parties, such as our analytics providers, may collect data that relates to you on the Sites, across time, and over other websites. We cannot control third-parties’ responses to do-not-track signals or other such mechanisms. Third-parties’ use of data relating to you and responsiveness to do-not-track signals is governed by their respective privacy policies.
- California Privacy Rights
If you are a California resident, you have the right to request information from us regarding the manner in which we share with third-parties certain categories of information that identifies you for the third-parties’ direct marketing purposes and the identities of the third parties with whom that information is shared. If you wish to exercise those rights, please email us at firstname.lastname@example.org.
Beginning January 1, 2020, California residents may exercise certain privacy rights pursuant to the California Consumer Privacy Act of 2018. Your right to submit certain requests as a California resident are described below. Please note that when submitting a request, you will be asked to provide information to verify your identity before action is taken. You may designate an authorized agent to make the requests below on your behalf. An authorized agent must submit proof to us that he or she has been authorized by you to act on your behalf, and you will need to verify your identity directly with the Company.
Right To Request More Information
If you are a California resident, you have the right to request more information regarding the following, to the extent applicable:
- The categories of personal information we have collected about you.
- The categories of sources from which we have collected your personal information.
- The business or commercial purpose why we collected or, if applicable, sold your personal information.
- The categories of third parties with whom we shared your personal information in the past 12 months.
- The specific pieces of personal information we have collected about you.
- The categories of personal information that we have shared with third parties about you for a business purpose.
- If applicable, the categories of personal information that we sold about you and the categories of third parties who received your personal information in the sale.
You may submit a request for the information above by contacting us email@example.com. In connection with submission of your request, we may take steps to verify your identity as outlined, and you will need to verify your identity before action is taken.
Right To Request Deletion Of Your Personal Information
You also have the right to request that we delete your personal information collected or maintained by us. Once we receive your request, we will let you know what, if any, personal information we can delete from our records, and we will direct any service providers with whom we shared your personal information to also delete your personal information from their records. There may be circumstances where we cannot delete your personal information or direct service providers to delete your personal information from their records. For example, if we need to: (1) retain your personal information to complete a transaction or provide goods or services; (2) detect security incidents; (3) protect against unlawful activities; (4) identify, debug or repair errors; or (5) comply with a legal obligation. You may submit a request to delete your personal information by emailing us at firstname.lastname@example.org. You will need to verify your identity before action is taken.
Verification of Requests
Upon submission of a request for information or a request to delete information, we will take reasonable steps to confirm that the person submitting the request to know or request to delete is the person to whom the information relates, and to prevent unauthorized access or deletion of information. The specific steps taken to verify the identity of the requesting person may vary based on the nature of the request, including the type, sensitivity and value of the information requested, the risk of harm posed by unauthorized access or deletion, the likelihood that fraudulent or malicious actors may seek the information, the robustness of personal information provided to verify your identity, the nature of our business relationship with you, and available technology for verification.
We will generally try to avoid requesting additional information from you for the purpose of verification, we may need to do so if we cannot verify your identity based on the information already maintained by us. If we request additional information to verify your identity, it will be for that purpose only, and will be deleted as soon as practical after processing the request, except as otherwise provided by law. We are not obligated to provide information if we are not able to verify that you are the consumer about whom the information is requested.
The following generally describes the verification processes we use:
- For requests to delete personal information, we will verify your identity to a reasonable degree or a reasonably high degree of certainty depending on the sensitivity of the personal information and the risk of harm posed by unauthorized deletion. We will act in good faith when determining the appropriate standard to apply.
If there is no reasonable method by which we can verify your identity, we will state so in response to a request to know or delete personal information, including an explanation of why we have no reasonable method to verify your identity.
Right to Non-Discrimination for the Exercise of California Resident’s Privacy Rights
By exercising any of the above listed privacy rights conferred by the California Consumer Privacy Act of 2018, you have the right not to receive discriminatory treatment by us. This means that, consistent with California law, we will not deny providing goods or services to you, charge you different prices or provide a different level or quality of goods and services to you unless those differences are related to the value of your information.
- Your Choices and Rights
If you no longer wish to receive marketing materials from us, you can let us know by contacting us at email@example.com. Subject to local law, you may have certain additional rights regarding your personal information. These may include the following rights to: access your personal information; rectify the information we hold about you; erase your personal information; restrict our use of your personal information; object to our use of your personal information (as described above); receive your personal information in a usable electronic format and transmit it to a third-party (also known as the right of data portability); and lodge a complaint with your local data protection authority, and withdraw any consent you have given to uses of your personal information. If you would like to discuss or exercise the rights you may have, feel free to contact us at firstname.lastname@example.org.
- Where is Information Processed?
We process information collected via the Sites in and subject to the laws of the United States, which may not provide the same level protection for your information as your home country. The information may be available to the United States government or its agencies under a lawful order made in the United States. In addition, we may transfer your information outside the United States to our affiliates, business partners, and service providers located in other countries.
In some cases, your personal information may be transferred to, stored, and processed in a country that is not regarded as ensuring an adequate level of protection for personal information under European Union or other applicable laws. However, we have put in place appropriate safeguards (such as standard contractual clauses approved by the European Commission) in accordance with applicable legal requirements to ensure that your data is adequately protected.
- How Long is Information Retained?
We retain your personal information for as long as we have a relationship with you and for a period after our relationship with you has ended. When deciding how long to keep your personal information after our relationship with you has ended, we take into account how long we need to retain the information to fulfill the purposes described above and to comply with our legal obligations. We may also retain personal information to investigate or defend against potential legal claims in accordance with the limitation periods of jurisdictions where legal action may be brought.
- How to Contact Us
If you have any questions regarding this policy or our privacy or data protection practices, please feel free to contact us at email@example.com.
Last Updated: July 2, 2021