Privacy Policy

Last Updated      02 June 2021

1. We respect your privacy

1.1 Paperform ("we" or "us") respects your right to privacy and is committed to safeguarding the privacy of our customers and website visitors. We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) and the General Data Protection Regulation (EU) 2016/679 ("GDPR"). This Policy sets out how we collect, use, transfer and otherwise treat your personal information. Your personal information may be collected via the Paperform website (the "Website"), custom forms built by our customers through our Website, or may be provided to us by third parties. By visiting and using our Website, you acknowledge and agree to the practices described in this Privacy Policy.

1.2 For the purposes of this Privacy Policy, "personal information" is defined as information or data that Paperform has in its records which allows you as an individual to be identified directly or indirectly and “Services” refers to use of our Website by our customers to build custom forms with a range of features including taking payments, booking and scheduling functionality, custom emails, integrations and more.

1.3 This Privacy Policy describes the following general aspects of our collection and processing of personal information concerning you:

1. We respect your privacy
2. How we collect and use your personal information
3. How we use automated decision making
4. Children's information
5. Disclosure of your personal information
6. International transfer of your information
7. Security of your personal information
8. How long we retain your personal information
9. Your rights in respect of your personal information
10. Complaints about privacy and how to contact us
11. Changes to this Privacy Policy
12. Technology used in collecting personal information
13. Third party sites 
14. Technology used in collecting personal information
15. Third party sites

2. How we collect and use your personal data

2.1 Paperform is used by "Visitors", "Customers" and "Respondents." For the purpose of this Privacy Policy, Visitors are any persons who visit our Website, Customers are persons that create forms and Respondents are persons who answer or respond to those forms. In relation to the personal information of Customers, Paperform may act as a data controller or processor for the purposes of the GDPR, depending on the nature of their engagement with you. If your information is provided to us on behalf of another business, we are acting as a processor for that business (which is a controller). However, if we determine the means and purposes of processing of that personal information we will be acting as a controller. Where we process the personal information of Respondents, Paperform mostly acts as a data processor for the purposes of the GDPR, as we only process that personal information on behalf of the Customer and as instructed by the Customer, unless otherwise described herein.

For the purposes of the GDPR, you acknowledge that by providing your personal information to us, either as a Visitor, Customer or as a Respondent, that the collection of such personal information takes place outside the European Economic Area ("EEA") and that it is necessary for the provision of the Services to Process such personal information outside the EEA and that such personal information may then be stored on servers in the United States. In relation to the collection of such personal information you acknowledge that both these scenarios do not constitute a "transfer" of personal information from within the EEA to outside the EEA by us.

Paperform will, from time to time, receive and store personal information entered onto our Website, provided to us directly or given to us in other forms. We may also collect information you provide while interacting with us. Paperform collects personal information from you in a variety of ways, including when you interact with us electronically or in person, when you access our website and when we provide our services to you. We may also receive personal information from third parties. If we do, we will protect it as set out in this Privacy Policy.

2.2 Visitors

We may process personal information from Visitors on the basis of fulfilling our legitimate interests of improving and developing the quality of our products and services. Under this basis, we may collect such personal information from Visitors, including the following:

(a) Usage data about the Visitors whenever the Visitors interacts with Paperform's Website.

(b) Data from the device and application the Visitor uses to access Paperform's Website, such as Visitor's IP address, browser type and operating system.

(c) Information about the source that referred the Visitor to the Website such as a link on a website or in an e-mail.

(d) Aggregated and other pseudonymous data about Visitors through the use of cookies, page tags and other tracking services.

On the basis of fulfilling our legitimate interests in being able to respond to your questions, we may process such personal information as your name, email address, and/or other contact information. If we did not process your personal information in this manner, we would be unable to receive or provide answers to your questions.

2.3 Customers

On the basis of fulfilling our contract with you, or the preparatory steps in relation to such contract, we may process such personal information as your name, phone number, address, email address, and/or financial or credit card information to enable us to send information, provide updates and process your product or service order. If we did not process your personal information in this manner, we would be unable to provide you with our products and services.

On the basis of fulfilling our legitimate interests in the proper delivery of our products, services and communications to you as well as developing and growing our business, we process personal information in the following manner:

We may request the collection of: feedback pertaining to your experience with Paperform's Services and/or Website, information about the purpose for which you use our services, content changes or email preferences, or communications with our customer support.

On the basis that you have provided your consent to have your personal information processed, we process your personal information in order to:

send you promotional, advertising and other marketing materials or communications including newsletters, surveys and/or promotions.

You may revoke your consent at any time by contacting us, as provided below. Revoking your consent will prevent us from processing your information for the purposes in which we sought consent, but will not affect any other processing of information or the other services we provide to you. Revoking your consent will also not affect the lawfulness of our processing of your personal information for the period before you withdrew your consent, however it may mean that we are unable to provide you with our Services.

2.4 Respondents

Respondents, when completing a form, may divulge personal information or data. Paperform is not responsible for the content of the Customer's form, and all processing of Respondents' personal information will be subject to the Customer's own privacy policy.

The Customer is responsible for and manages the processing of data collected from the forms it creates and all Respondents and/or Customers who divulge personal information of third parties are solely responsible for obtaining the consent (if required) and notifying such third parties before divulging their personal information to us. Please contact the Customer directly if you have any questions about the form created by the Customer or the Customer's privacy policy.

While we process personal information on behalf of the Customer, we may still gather certain types of information on Respondents in order to provide our Services. The information we collect includes:

  • the information Respondent enters into a form, before the Respondent completes or submits the form in order to prevent the inadvertent loss of Respondent's response; and
  • Respondent's e-mail address if the Customer provides it to us to send the Respondent an invitation to complete a form by e-mail.

If we did not process Respondent's information in this manner, we could not provide these features.

We collect and store this information from Respondents to fulfill both our contract with the Consumer and our legitimate business interests in the proper delivery of our products and Services.

We may also process additional personal information from Respondents on the basis of fulfilling our legitimate interests of improving and developing the quality of our products and Services, and better understanding your needs in an effort to provide our clients with the highest level of services. Under this basis, we may collect such additional personal information from Respondents, including the following:

(a) Usage data about the Respondent whenever the Respondent interacts with Paperform's Services.

(b) Data from the device and application the Respondent uses to access Paperform's Services, such as Respondent's IP address, browser type and operating system.

(c) Information about the source that referred the Respondent to Paperform such as a link on a website or in an e-mail.

(d) Aggregated and other pseudonymous data about Respondents through the use of cookies, page tags and other tracking services.

2.5 Generally

We may process personal information on the basis of our legitimate interest to protect our organization and our customers from cyber threats and fraud in the following manner:

Pursuant to Recital (49) of the GDPR, organizations have a recognized legitimate interest in collecting and processing personal information to the extent strictly necessary and proportionate for the purposes of ensuring network and information security. According to said Recital (49), network and information security means the ability of a network or of an information system to resist events, attacks or unlawful or malicious actions that could compromise the availability, authenticity, integrity and confidentiality of stored or transmitted data, or the security of the related services offered by, or accessible via those networks and systems. Therefore, we process your personal information to the extent necessary and proportionate for the purposes of detecting, blocking, reporting and mitigating cyber-threats.

On the basis of fulfilling our legal requirements:

We may use personal information in order to comply with or respond to a request or requirement pursuant to law, regulation, or from a governmental or judicial body, or to help prevent fraud or for risk management purposes.

We may also use personal information collected for other legal purposes such as to protect our copyright, trademarks, legal rights, property or safety of Paperform, our Website, our Services, our customers or third parties.

We may process personal information on the basis of our legitimate interest of reorganizing or making changes to our business in the following manner:

In the event that we: (i) are subject to negotiations for the sale of our business or part thereof to a third party; (ii) are sold to a third party; or (iii) undergo a re-organization, we may need to transfer some or all of your personal information to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analyzing any proposed sale or re-organization. We may also need to transfer your personal information to that re-organized entity or third party after the sale or reorganization for them to use for the same purposes as set out in this policy.

3. How we use automated decision making

We do not utilize any automated decision making.

4. Children's information

This Website is not directed to nor is it intended for any individuals under the age of 18, EU individuals under the age of 16 or US individuals under the age of 13 (each individually a "Child" or collectively "Children") and we do not knowingly solicit or collect information from Children. If you are a Child, do not use or provide any information on this Website. If we learn we have collected or received personal information from a Child, we will delete that information. If you believe we might have any information from or about a Child, please contact us as provided below.

5. Disclosure of your personal information

5.1 Paperform may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers, analytics and email service providers or subcontractors insofar as reasonably necessary to perform the tasks we request of them and they are not authorized by us to use or disclose your information except as necessary to perform services on our behalf or to comply with legal requirements. Personal information is supplied to a third party when it is required for the delivery of our services.

These third parties are included below with a link to their privacy policies:

Certain service providers will use the personal information we provide them to determine your social media account information and ascertain your approximate geographic location. Some of your personal information may be used for marketing purposes, including being shared with advertising platforms for the purposes of identifying current or potential Customers.

We have contracts in place holding these companies to the same standards of confidentiality by which we are governed.

5.2 Paperform may from time to time need to disclose personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.

5.3 Paperform may also disclose your personal information to third-parties when necessary to protect the copyright, trademarks, legal rights, property or safety of Paperform, our Website, our Services, our customers or third parties.

5.4 If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to disclose to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases based on our legitimate business interests, as discussed above. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.

5.5 By providing us with personal information, you consent to the terms of this Privacy Policy and the types of disclosure covered by this Privacy Policy.

6. International transfer of your information

6.1 Paperform is domiciled in the United States and therefore, your personal information may be accessed by staff or other persons in, transferred to, and/or stored at, countries located outside the EEA in which data protection laws may be of a lower standard than in the EEA. Furthermore, information that we collect may from time to time be stored, processed in or transferred between parties located in countries outside of the United States of America. These countries may include, but are not limited to Australia, Singapore, and the United States of America. When you create a form or submit information on a form you consent to such transfer of information to these locations.

6.2 Where we transfer personal information from inside the EEA to outside the EEA, we may be required to take specific additional measures to safeguard the relevant personal information. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal information to these jurisdictions. In countries which have not had these approvals (see the full list here, we will establish legal grounds justifying such transfer, such as EU Commission-approved model contractual clauses, or other legal grounds permitted by applicable legal requirements.

7. Security of your personal data

7.1 Paperform is committed to ensuring that the information you provide to us is secure and will implement technical and organizational measures to do so. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorized access, modification and disclosure.

7.2 The transmission and exchange of information is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us, or receive from us, over the Internet. Once we have received your personal information, we will take measures to safeguard against unauthorized disclosures of information.

8. How long we retain your personal information

8.1 Paperform will not hold your personal information for any longer than is necessary for the purposes for which it was obtained, unless it is otherwise necessary to hold your personal information to meet our legal requirements, as discussed above. For example, we may retain certain personal information to comply with regulatory requirements regarding the retention of such data. We shall periodically review and delete/erase personal information that we hold.

9. Your rights in respect of your personal information

9.1 Rights of Access and Rectification: Subject to certain exceptions, you may request details of your personal information held by Paperform in accordance with the provisions of the Privacy Act 1988 (Cth) Paperform has the right to request the payment of a small administrative fee for the provision of information.

9.2 To the extent that you are based in the EEA, you may also enjoy certain rights under the GDPR including the right to:

  • ask us to provide you with information regarding the personal information we process concerning you;
  • rectify, update or complete inaccurate or incomplete personal information concerning you;
  • delete or request the erasure of personal information concerning you that we no longer have a lawful ground to use;
  • in certain circumstances, require us to restrict the way in which we process your personal information;
  • withdraw any consent you may have given for us to process personal information concerning you;
  • object to our processing of personal information concerning you on the basis of our, or of third-parties', legitimate interests;
  • obtain a copy of the personal information that you have provided to us.

If you would like a copy of your personal information stored within Paperform's system or you believe that the personal information we have on record for you is inaccurate, out of date, incomplete, irrelevant or misleading, please e-mail

Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g., the prevention or detection of crime) and our interests (e.g., the maintenance of legal privilege). Where your exercise of any of the rights above is dependent on our action, we will abide by our legal obligation to take reasonable measures to ascertain your identity and the legitimacy of your request, and may ask you to disclose to us any information necessary for that purpose. We will respond to legitimate requests usually within a month of our receipt of the request.

9.3 Pursuant to any such requests, we may retain certain data necessary to prevent fraud or future abuse or as otherwise required or permitted by law, including to comply with legal obligations we are subject to, as well as to establish, exercise and defend our legal claims.

9.4. We will use reasonable means to ensure that the personal information you provided us remains accurate. You can review and change your personal information by logging into the Website and visiting your Account Details page. In order to assist us in maintaining the accuracy of your personal information, you should notify us of any changes to the personal information you have provided to us.

9.5 Paperform reserves the right to refuse to provide you with your personal information stored within Paperform's system, or to accede to your data protection rights under the GDPR in certain circumstances set out in the Privacy Act and the GDPR.

10. Business Transitions

In the event we go through a business transition, including without limitation any merger, acquisition, partnership, business reorganization, debt finance, or sale of association assets, or in the event of an insolvency, bankruptcy, or receivership (together a "Business Transition"), we may use information collected in accordance with this Privacy Policy and subject to its restrictions, as part of any such Business Transition. In such instances, your information can be part of the assets transferred.

11. Data Retention and Destruction

We will retain personal information for as long as necessary to accomplish our purposes for such data as set forth in this Privacy Policy. You can request that your information be deleted by contacting us at the address provided at the bottom of this Privacy Policy. At the time your information is deleted, we will destroy your personal information using reasonable data destruction practices. We may, however, retain certain information to comply with legal or contract obligations or to facilitate law enforcement requests.

12. Complaints about privacy and how to contact us

12.1 If you have any questions, comments and/or complaints about our privacy practices, please feel free to contact us at:

Address: Post Office Box 4
Summer Hill, NSW 2130
Phone: +61424619055

For Data Subjects in the EU:

We appointed as representative according to Art 27 GDPR. If you want to make use of your GDPR data privacy rights, please visit: 

Maetzler Rechtsanwalts GmbH & Co KG
Attorneys at Law
c/o Paperform Pty. Ltd.
Schellinggasse 3/10, 1010 Vienna, Austria

Please add the following subject to all correspondence:
GDPR-REP ID: 15066192

We take complaints very seriously and will respond shortly after receiving written notice of your complaint. You also have the right to complain to your local data protection supervisory authority.

13. Changes to this Privacy Policy

13.1 Paperform reserves the right to review, alter, update and/or remove portions of this Privacy Policy in the future. We may modify this Privacy Policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check back from time to time to review our Privacy Policy. Changes to this Privacy Policy are effective as of the last updated date provided above. By using our Website and/or the Services, you accept the version of this Privacy Policy in place at that time.

14. Technology used in collecting personal information

14.1 When you visit our website

When you come to Paperform's Website ( we may collect certain information, including, without limitation the type of browser used to access the Paperform Website, a users' operating system, the website visited immediately before coming to the Paperform Website. This information is used in an aggregated manner to analyze how people use the Paperform Website so that we can improve our Services.

14.2 Cookies

Paperform may use Cookies on the Website. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of Paperform's Website.

Paperform's Website may use Cookies to analyze website traffic and help provide a better website/visitor experience. In addition, Cookies may be used to display relevant ads to website visitors through third party services such as Google Adwords. These ads may appear on Paperform's Website or third party websites you visit. For information on how you can exercise your options regarding these advertisements, please see the below links:



14.3 Do Not Track "DNT" Signals

There are different ways you can prevent tracking of your online activity. One of them is setting a preference in your browser that alerts websites you visit that you do not want them to collect certain information about you. This is referred to as a Do-Not-Track ("DNT") signal.

We exclude users from our internal analytics processing in response to DNT signals.

14.4 Third-Party use of cookies and other tracking technologies.  

Some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

15. Third party sites

15.1 The Paperform Website may include links to third party websites. Paperform does not control nor does it have control over third party websites. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. By using the Paperform Website and Services, or by choosing to integrate the Services with third party services, you agree and acknowledge that Paperform is not responsible for the availability of third party websites and is not responsible and/or liable for any content, advertising, products or other materials on or available from these third party websites. You further acknowledge and agree that Paperform shall not be responsible and/or liable, directly, or indirectly, for any damage or loss caused or alleged to be caused by or in connection with your use of or reliance on any such content, goods or services available on or through any third party website.

15.2 Please be aware that Paperform is not responsible for the privacy practices of third party websites. Paperform encourages its users to be aware, when they leave the Website, to read the privacy statements of each and every website that collects personal identifiable information.


In addition to our Privacy Policy, this Privacy Notice for California Residents supplements the information contained in our Privacy Policy above and applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”). We have provided this notice in compliance with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this notice.

Information We Collect (CCPA)

Our Website and Service collects Personal Information as described below. Within the last twelve (12) months, our Website and our Service have collected the following categories of Personal Information from consumers:

(Note: in this table, Yes indicates that a given category of data was collected, and No indicates that a given category of data was not collected.)

Category and Examples

Collected on the Website?

Collected from Customers?

Collected on our Service from users?

A: Identifiers




A real name, Internet Protocol address, email address, or other similar identifiers.



B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))




A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories.



C: Protected classification characteristics under California or federal law




Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).



D. Commercial information




Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.



E. Biometric information




Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.



F. Internet or other similar network activity




Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. 



G. Geolocation data




Physical location or movements.



H. Sensory data




Audio, electronic, visual, thermal, olfactory, or similar information.



I. Professional or employment-related information




Current or past job history or performance evaluations.



J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).




Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.



K. Inferences drawn from other Personal Information.




Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.



To summarize the above, we collect Personal Information about Consumers to our Website, in selling subscriptions to our Service and in connection with our Service.      

With respect to the Categories in the table above regarding our Services, we aggregate information from large groups of visitors, in an anonymous and de-identified way, and these aggregations may rely on algorithmic inferences drawn from information collected on those Websites, as listed in other categories above. We use such information to create compilations of aggregated data and/or statistics and reports.

Note that “Personal Information” does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, including:
  • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
  • Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

We obtain the categories of Personal Information listed above from the following categories of sources:

  • Directly from our Customers or their agents. For example, when Consumers interact with our Services integrated on our Customers’ websites or services, or from documents that our Customers provide to us related to our Services.
  • Indirectly from our Customers or their agents through their use of our Service.
  • Directly and indirectly from activity on our Website or a Customer Website.

Use of Personal Information (CCPA)

We may use or disclose the Personal Information we collect for one or more of the following business purposes:

  • To fulfill or meet the reason for which the information is provided.
  • To provide you with information, products or services that you request from us.
  • To provide Customers with information regarding you and products or services of Customers.
  • To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
  • To improve our Website and present its contents to you.
  • For testing, research, analysis and product development.
  • As necessary or appropriate to protect the rights, property or safety of us, our Customers or others.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your Personal Information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our or a Customer’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us or a Customer is among the assets transferred.

We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without updating this notice.

Sharing Personal Information (CCPA)

We may disclose your Personal Information to a third party for a business purpose. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.

In the preceding twelve (12) months, we have disclosed Personal Information for a business purpose.

We disclose your Personal Information for a business purpose to the following categories of third parties:

  • Our affiliates.
  • Service providers.
  • Third parties to whom you or your agents authorize us to disclose your Personal Information in connection with products or services we provide to you.

In the preceding twelve (12) months, we have not sold any Personal Information.

Your Rights and Choices (CCPA)

The CCPA provides California residents with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights (CCPA)

You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and verify your request, we will disclose to you:

  • The categories of Personal Information we collected about you.
  • The categories of sources for the Personal Information we collected about you.
  • Our business or commercial purpose for collecting or selling that Personal Information.
  • The categories of third parties with whom we share that Personal Information.
  • The specific pieces of Personal Information we collected about you (also called a data portability request).
  • (Applicable if we sell or disclose your Personal Information for a business purpose) Two separate lists disclosing:
  • Sales, identifying the Personal Information categories that each category of recipient purchased; and
  • Disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.

Deletion Request Rights (CCPA)

You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

  • Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Access, Data Portability, and Deletion Rights (CCPA)

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by:

  • Contacting us via: 

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format (CCPA)

We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination (CCPA)

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services. Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Changes to This Privacy Notice (CCPA)

We may revise this privacy notice from time to time in our sole and absolute discretion. If we decide to change our privacy notice, we will post the revised statement on our Website. If changes are significant and materially affect your rights under this privacy notice, we may provide a more prominent notice on our Website or Services. As we may make changes at any time without notifying you, we suggest that you periodically consult this privacy notice. Please note that our rights to use any information collected will be based on the privacy notice in effect at the time the information is used.

Contact Information (CCPA)

If you have any questions, comments or concerns about the privacy notice or would like to request additional information regarding our privacy practices, please contact us at: