CCPA Privacy Notice

Last Modified: December 27, 2022

APPLICABILITY: The California Consumer Privacy Act of 2018 (“CCPA”), the California Privacy Rights Act of 2020 effective January 1, 2023 (“CPRA”), any other California privacy laws, and this CCPA Notice apply to visitors, users, and independent contractors, and others who are California residents (“consumers” or “you”). Any terms defined in the CCPA and CPRA have the same meaning when used in this CCPA Notice. This CCPA Notice applies to California residents’ Personal Information, which we collect directly or indirectly while you are using our service or in order to provide our services, or employee and business-to-business Personal Information.

This CCPA Notice is an integral part of Ryze Privacy Policy, and thus, definitions used herein shall have the same meaning as defined in the Privacy Policy.


PART I: A COMPREHENSIVE DESCRIPTION OF THE INFORMATION PRACTICES:

(A) CATEGORIES of PERSONAL information WE COLLECT

We collect Personal Information which is defined under the CCPA as any information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device, all as detailed in the table below. The definition of Personal Information further includes Sensitive Personal Information (“SPI”) as detailed in the table below.

Personal Information does not include: Publicly available information that is lawfully made available from government records, that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; information excluded from the CCPA’s or CPRA’s scope, such as: Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA) and the Driver’s Privacy Protection Act of 1994.

Ryze have collected the following categories of Personal Information within the period of the last twelve (12) months:

Category Examples Collected

A. Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.

Yes.

Online identifiers, Internet protocol address, real name, email address, account name.

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

Yes.

Name, email address, address, telephone number.

C. Protected classification characteristics under California or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

No.

D. Commercial information.

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Yes.

Conversion related to our Partner’s products or services (where you were directed to a Partner Site from our website), associated with Unique Identifier.

E. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

No.

F. Internet or other similar network activity.

Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

Yes.

User's interaction with our website and advertisements.

G. Geolocation data.

Physical location, approximate location derived from IP address or movements.

Yes.

Approximate location derived from IP address or provided by the user.

H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

No.

I. Professional or employment-related information.

Current or past job history or performance evaluations.

No.

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

No.

K. Inferences drawn from other personal information.

Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

No.

L. Sensitive personal information.

Government-issued identifying numbers, financial account details, genetic data, precise geolocation, race or ethnicity, religious or philosophical beliefs, union membership, mail, email, text messages, biometric data, health data, and sexual orientation or sex life.

No.


(B) CATEGORIES OF SOURCES OF PERSONAL INFORMATION

We collect Personal Information from the following sources:

  • From activity on our website: For example, when we collect your Usage Data automatically from analytic tools.
  • Directly from you: For example, from forms you complete (such as the Data Subject Request), or when you contact us.
  • From third-parties: For example, when you interact with our advertising campaigns.

(C) USE OF PERSONAL INFORMATION

We may use the Personal Information collected (as detailed in the table above and our Privacy Policy), for the following purposes:

  • To fulfill or meet the reason you provided the Personal Information (support, respond to an inquiry, receive a quote from a Partner, etc.);
  • Monitor and improve our Services;
  • Provide our Services;
  • Track traffic in order to calculate conversion and business transactions with our Partners;
  • Analyzing our Services and your use of the Services and website for internal statistics and to improve our Services;
  • Advertising and marketing campaigns;
  • Respond to law enforcement, comply with our legal obligations and enforce our rights; or
  • As otherwise as detailed in our Privacy Policy.

We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.


(D) DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE

We may disclose your Personal Information to a contractor or service provider for a business purpose. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract. We further restrict the contractor and service provider from selling or sharing your Personal Information. In the preceding twelve (12) months, we disclosed the following categories of Personal Information for a business purpose:

Category (corresponding with the table above) Category of Recipient Business Purpose
1

Category A

Category B

Category D

Category F

Category G

Cloud Computing and Storage

Storage, hosting.

2

Operating Systems

Operating the services

3

Government Entities/Law Enforcement

Subject to a lawful request

4

Category A

Category D

Category F

Category G

Data Analysis Vendors

Providing analytic data on the use of our website and Services.

5

Category A

Category B

Category F

Category G

Service Providers

Improving the Services, development and optimization

6

Category A

Category B

Customer Support Providers

Customer and technical support

7

Category A

Category B

Security Service Providers

Debugging, security, fraud prevention.

8

Category A

Category B

Category D

Partners

To provide the Services.


(E) SALE OR SHARE OF PERSONAL INFORMATION

We do not “sell” information as most people would commonly understand that term, we have not (in the previous 12 months), do not, and will not, disclose your Personal Information in direct exchange for money or some other form of payment.

For retargeting and analytic purposes, when we promote our Services, we use third-party tools that are able to market and advertise our Services online (“Advertising Campaigns”), measure those Campaigns, identify individuals that are interested in our Services, etc. this is done by placing cookies, pixel or other tracking technology on our website and sharing with these vendors the online identifiers and online behavior information.

The CCPA defines “sharing” as “communicating orally, in writing, or by electronic or other means, a consumer’s personal information” to “a third party for cross-context behavioral advertising, whether or not for money or other valuable consideration”. In other words, we may share your Personal Information with a third party to help promote our Services, conduct our Advertising Campaigns, and understand your use of our website.

In the preceding twelve (12) months, we “sell” or “share” the following categories of Personal Information for a business purpose:

Category (corresponding with the table above)

Category Recipient

Purpose of Sale or Share

Category A

Category F

Marketing tools and vendors.

Share for targeted advertising.


(F) CHILDREN UNDER AGE 16

We do not knowingly collect information from children under the age of 16.


(G) DATA RETENTION

In general, we retain the Personal Information we collect for as long as it remains necessary for the purposes set forth above, all under the applicable regulation, or until you express your preference to opt-out, where applicable.

We determine the retention period of each category of Personal Information we collect, according to the criteria explained below:

  • For as long as it remains necessary in order to achieve the purpose for which the Personal Information was initially collected. For example, if you contacted us, we will retain your contact information at least until we will address your inquiry.

  • To comply with our legal and regulatory obligations. For example, if you request to exercise your rights, we need to retain certain information indicating we have fulfilled our legal obligations.

  • To resolve a claim we might have or a dispute with you, including any legal proceeding between us, until such dispute will be resolved, and following, if we find it necessary, in accordance with applicable statutory limitation periods.

Please note that except as required by applicable law, we will not be obligated to retain your Personal Information for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention to do so.


PART II: YOUR RIGHTS UNDER THE CCPA AND HOW YOU CAN EXERCISE THEM

(H) YOUR RIGHTS UNDER THE CCPA

If you are a California resident, you may exercise certain rights related to your Personal Information. You may exercise your rights free of charge except as otherwise permitted under applicable law. We may limit our response to your request to exercise of these privacy rights as permitted under applicable law, all as detailed herein and the Data Subject Request Form available HERE.

California Privacy Right Details

The Right to Know What Personal Information the Business Has Collected.

The right to know what Personal Information the business has collected about the consumer, including the categories of Personal Information, the categories of sources from which the Personal Information is collected, the business or commercial purpose for collecting, selling, or sharing Personal Information, the categories of third parties to whom the business discloses Personal Information, and the specific pieces of Personal Information the business has collected about the consumer.

Deletion Rights.

The right to request the business to delete Personal Information that it has collected from the consumer, subject to certain exceptions.

Correct Inaccurate Information

The right to request to correct inaccurate Personal Information that a business maintains about a consumer.

Opt-Out of Sharing Personal Information for Cross-Contextual Behavioral Advertising

The right to opt-out of the “sharing” of your Personal Information for “cross-contextual behavioral advertising” (also referred to as “interest-based advertising” or “targeted advertising”.)

Opt-Out from Selling Personal Information

The right to opt-out of the sale of Personal Information by the business.

Limit The Use or Disclosure of Sensitive Personal Information

Under certain circumstances, If the business uses or discloses SPI, you have the right to request to limit the use or disclosure of SPI by the business.

Opt-Out of The Use of Automated Decision Making

In certain circumstances, you have the right to opt-out of the use of automated decision making in relation to your Personal Information.

Non-Discrimination

The right not to receive discriminatory treatment by the business for the exercise of privacy rights under the CCPA, including an employee’s, applicants, or independent contractor’s right not to be retaliated against for the exercise of their CCPA rights, denying a consumer goods or services, charging different prices or rates for goods or services, providing you a different level or quality of goods or services, etc. We may, however, charge different prices or rates, or provide a different level or quality of goods or services, if that difference is reasonably related to the value provided to us by your Personal Information.

Data Portability

The right to request a copy of your Personal Information, including specific pieces of Personal Information, including, where applicable, to obtain a copy of the Personal Information you provided to a business in a portable format.


To learn more about your California privacy rights, please visit https://oag.ca.gov/privacy/privacy-laws.

(I) HOW CAN YOU EXERCISE THE RIGHTS?

We provide a cookie banner and consent management that incorporates a browser setting that notifies our website of your privacy preferences regarding automated collection of Personal Information through use of cookies. You may opt out of “sharing” or “selling” of your Personal Information associated to our use of third party analytic and marketing cookies, through our Cookie Setting tool.

You may further exercise your rights by using the Data Subject Request Form (“DSR Form”) available HERE. The DSR Form further provides instructions for submitting, general description of the process, verification requirements, and the information we will request you to provide.


(J) AUTHORIZED AGENTS

“Authorized Agents” may submit opt out requests on a consumer’s behalf. If you have chosen to use an authorized agent to submit requests, or if you are an authorized agent and you wish to submit a request on behalf of a consumer, please follow the procedure detailed below which required prior to acceptance of any requests by an authorized agent on behalf of a California consumer. Usually, we will accept requests from qualified third parties on behalf of other consumers, regardless of either the consumer or the authorized agent’s state of residence, provided that the third party successfully completes the following qualification procedures:

  1. When a consumer uses an authorized agent to submit a request to know or delete Personal Information, a business may require that the consumer will:

    • Provide the authorized agent signed permission to do so or power of attorney.

    • Verify their own identity directly with the business.

    • Directly confirm with the business that they provided the authorized agent permission to submit the request.

  2. A business may deny a request from an authorized agent that does not submit proof that they have been authorized by the consumer to act on their behalf.

(K) NOTICE OF FINANCIAL INCENTIVE

We do not offer financial incentives to consumers for providing Personal Information.


(L) CONTACT US

Ryze Beyond Ltd.

dpo@ryzebeyond.com


(M) PRIVACY NOTICE UPDATES

This privacy notice was last updated on the date indicated on the header above. As required under the CCPA, we will update the CCPA Notice every 12 months. The last revision date will be reflected in the “Last Modified” heading at the top of this CCPA Notice.


PART III: OTHER CALIFORNIA RIGHTS AND OBLIGATIONS

Direct Marketing Requests:

California Civil Code Section 1798.83 permits California resident to request certain information regarding disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please use the Data Subject Request Form available HERE.

Do Not Track Settings:

“Do Not Track” signal is a privacy preference you can set in your web browser to indicate that you do not want certain information about your web page visits tracked and collected across websites. For more details, including how to turn on Do Not Track, visit: www.donottrack.us. Cal. Bus. and Prof. Code Section 22575 requires us to notify you how we deal with the “Do Not Track” settings in your browser. As of the effective date above, there is no commonly accepted response for Do Not Track signals initiated by browsers. Therefore, we do not respond to the Do Not Track settings.

California’s “Shine the Light” law (Civil Code Section § 1798.83):

Permits California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send us the Data Subject Request Form available here.