APPLICATION OF OUR PRIVACY STATEMENT
This Privacy Statement applies to the collection of personal data by Highly Valued, Inc. (“Valued”, “we”, “us”, “our”). This statement is not intended to apply to the collection or use of personal data by Valued’s customers (“Customers”) through their use of the Valued application (the “Services”).
Valued collects information at the discretion of our customers in the course of the use of the Services. A Customer’s collection or use of personal data is specific to their use and implementation of the Services, for any question about the use of Valued by any particular customer please consult relevant Customer’s privacy statement, privacy notice. Valued does not have a direct relationship with our Customers’ customers or end-users.
INFORMATION WE COLLECT
We collect information, including personal data, when you use our Services. We collect this information when you fill out forms or engage with us directly. We also collect this information via cookies. We use this information to communicate with you, to market, provide, maintain, protect and improve our Services, and to develop new or enhanced versions of the Services.
Information you share with us
If you choose to share your data with us, we will collect the following information:
- If you decide to create a Valued account, you must enter your first and last name, email address, and password through our online Application.
- Information and share additional information like postal address, phone number, company name, and payment information.
- IP address may be shared anonymously with third parties for advertising purposes but is not otherwise used to track visitors, implicit location information from IP address may be used for analytics.
- Email addresses may be collected from individuals who have not created account for email newsletter and direct marketing purposes.
- We may collect aggregate data about the performance of newsletter (e.g. click rates, open rates) and advertising channels.
You may use application or device controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for specific products or features, those products or features may not be available or may not function correctly.
Information collected through social media
We have pages on social media sites like Twitter and LinkedIn (“Social Media Pages”). When you interact with our Social Media Pages, we will collect Personal Data that you elect to provide to us, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages.
Information collected via technology
We automatically collect certain information via technology when you use the Services:
- IP Address, Location, Website Activity, and Browser Information. When you visit our Site or use our Applications, some information is automatically collected. We collect information about the type and language of the operating system running on your device, your internet protocol address (“IP Address”), the browser type you used during your visit, and the website you visited just before ours. We also collect information about which web-elements or objects you interact with, metadata about your activity on the Site, changes in your user state, and the duration of your visit.
- Cookies. Valued collects information about your use of our Services via cookies.
Information obtained from third-party sources
When we collect information in connection with our business relationship with you, we may also purchase data about you from third parties.
We protect information obtained from third parties according to the practices described in this Privacy Statement, plus any additional restrictions imposed by the third party providing the data. These third-party sources include, for example:
- Applications and services, such as social networks that make users’ information available to others;
- Service providers that help us determine your device’s location based on its IP Address to customise certain products to your physical location;
- Partners with which we offer co-branded services or engage in joint marketing activities; and
- Publicly available sources, such as open government databases or other information in the public domain.
Information created or generated
We infer new information from the information we collect, including using automated means to make inferences about your likely preferences or other personal information. For example, we may infer your city, state, and country location based on your IP Address.
COOKIES AND TRACKING TECHNOLOGIES
Cookies are small text files we send to individuals’ computers when they visit our Sites. Cookies make our Sites work more efficiently and effectively and help us improve our Site, the relevance of our marketing activities, and your experience while using the Services.
Some of the cookies we use may provide us with information about you. The text in a cookie often consists of a string of numbers and letters that uniquely identifies your computer, but it can contain other information as well.
- Capturing session information for authentication purposes
- Tracking visits to our Site and performance of marketing materials
SHARING OF INFORMATION
We share personal data with your consent or as necessary to complete your transactions or to provide the services you have requested or authorised. For example, when you provide payment information to make a purchase, we will share that information with banks and other entities as necessary for payment processing, fraud prevention, or other related financial services. We also share personal data as follows:
- Affiliates and Subsidiaries. Our subsidiaries and affiliates share standard information systems and process information as needed to provide our products and operate our business.
- Third-Party Service Providers. With third parties who work on our behalf for the purposes described in this Privacy Statement. These services may include providing cloud computing infrastructure, website crash reporting, analytics, email delivery, and providing customer support or account administration.
- Professional Advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
- Authorities and Others.
- Lawful Requests. To comply with laws or to respond to lawful requests and legal process, provided that Valued will use all reasonable effort to notify you, where practical and permitted by applicable law or regulation, if Valued has received a lawful request for your information.
- Protection of Rights and Property. To protect the rights and property of Valued, our agents, customers, and others, including to enforce our agreements and policies.
- Emergency. In an emergency, including to protect the personal safety of any person.
- Business Transferees. For a corporate transaction (or negotiation of a corporate transaction) involving a proposed or actual sale or transfer of all or a part of our business or assets (corporate transaction may include, for example, any merger, financing, acquisition, divestiture or dissolution transaction or proceeding). We may transfer your personal data in the event of an insolvency, bankruptcy, or receivership.
PERSONAL DATA SECURITY
In compliance with applicable laws, Valued maintains administrative, technical, and physical safeguards designed to help protect your personal data to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please contact firstname.lastname@example.org for any questions about Valued’s security practices.
YOUR INFORMATION CHOICES AND CHANGES
In addition to the choices outlined in other parts of this Privacy Statement, you also have control over the following:
- Access, Correction, and Deletion. If you wish to request access to or correction or deletion of personal data about you that we hold, you have some controls available to you from the Services. You can also contact our Privacy Program at email@example.com.
- Email Communications. You may opt-out of receiving promotional or marketing emails from Valued by following the instructions in those emails. If you opt-out, we may still send you non-promotional emails, such as emails about account status.
CALIFORNIA PRIVACY RIGHTS
This section applies only to California residents. It describes how we collect, use, disclose and share Personal Information of California residents in operating our business, and their rights with respect to that Personal Information. For purposes of this section, “Personal Information” has the meaning given in the California Consumer Privacy Act but does not include data exempted from the scope of the CCPA.
Your California privacy rights. As a California resident, you have the rights listed below. However, these rights are not absolute and, in certain cases, we may decline your request as permitted by law.
- Information. You can request information about the categories of Personal Information that we have collected; the categories of sources from which we collected Personal Information; the business or commercial purpose for collecting, sharing and/or selling Personal Information; the categories of any Personal Information that we sold or disclosed for a business purpose; and the categories of any third parties with whom Personal Information was sold, shared or disclosed for a business purpose.
- Access. You can request a copy of the Personal Information that we have collected about you.
- Deletion. You can ask us to delete the Personal Information that we have collected from you.
- Correction. You can ask us to correct inaccurate Personal Information that we have collected about you.
- Opt-out. You can opt-out of the sharing of your Personal Information for cross-contextual behavioral advertising purposes and/or from the sale of your Personal Information for monetary or other valuable consideration.
- Nondiscrimination. You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as denying you services; increasing the price/rate of services; decreasing service quality; or suggesting that we may penalize you as described above for exercising your rights.
How to Exercise Your Rights
- Right to information, access, correction, and deletion. You can request to exercise these rights by emailing us at firstname.lastname@example.org.
- Right to opt-out of the “sale” or “sharing” of your Personal Information. You can request to opt-out of the “sharing” of your Personal Information by clicking the Your Privacy Choices link in the footer of this webpage. Your request to opt-out will apply only to the browser and the device from which you submit the request. We do not “sell” Personal Information as defined by the CCPA.
- Opt-Out of Interest-Based Advertising via Global Privacy Control. Global Privacy Control (“GPC”) is a browser setting that notifies websites of a user’s privacy preferences, i.e., not to share or sell personal data without their consent, by sending a signal to each website a user visits. We respond to a GPC signal on the browser and our website automatically honors requests to opt-out of interest-based advertising sent via GPC signal. For more information, you can visit the Global Privacy Control website.
Identity verification. We need to verify your identity to process your requests to exercise your rights to know, access, deletion, and correction, and we reserve the right to confirm your California residency. To verify your identity, we may require you to log into your account if you have one, provide identifiers we can match against information we may have collected from you previously, confirm your request using the email address used to make the request, provide government identification, or provide a declaration under penalty of perjury, where permitted by law.
Authorized agents. Your authorized agent may make a request on your behalf upon our verification of the agent’s identity and our receipt of a copy of a valid power of attorney given to your authorized agent pursuant to applicable state law. If you have not provided your agent with such a power of attorney, we may ask you and/or your agent to take additional steps permitted by law to verify that your request is authorized, such as information required to verify your identity and that you have given the authorized agent permission to submit the request.
Information practices. The following describes our practices currently and during the past 12 months:
Categories of Shared Information
Categories of Third-Party Recipients
Purpose for Disclosure
● Identifiers and Contact Information
● Analytics or other Electronic Network Activity
Contact Marketing Platforms
Contact and content marketing
EUROPEAN DATA PROTECTION RIGHTS
If the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that information:
- You can request access to, and rectification or erasure of, personal data;
- If any automated processing of personal data is done with your consent or under a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format;
- You can object to, or obtain a restriction of, the processing of personal data under certain circumstances; and
- For residents of France, you can send us specific instructions regarding the use of your data after your death.
To make such requests or contact our Privacy Program) at email@example.com. We process data as a processor on behalf of our customers. If you are a customer of our Customer, you should contact them. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
We may rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the Services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.
EU-U.S. PRIVACY SHIELD AND SWISS-U.S. PRIVACY SHIELD
Where personal data originating in Europe is directly transferred to Valued by its customers, or transferred by Valued to external (sub-)processors, Valued enters into Standard Contractual Clauses (“SCCs”) with such parties. Additionally, Valued has in place technical and organizational safeguards to comply with its legal obligations to protect personal data.
Valued is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. If third-party agents process personal data on our behalf in a manner inconsistent with the principles of either Privacy Shield Framework, we remain liable unless we prove we are not responsible for the event giving rise to the damage. Valued complies with the Principles for all onward transfers of personal data from the European Union, the United Kingdom, and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to each Privacy Shield Framework, Valued is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Valued may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the data controls, Valued commits to resolve any complaints about your privacy and our collection, use, or disclosure of your personal data. If you have any inquiries or complaints regarding this Privacy Statement or our compliance with Privacy Shield, you should first contact Valued at the contact information set forth below.
You may have the right to access or submit requests to review, correct, update, or delete your personal data. You can ask to review or correct personal data that we maintain about you by sending a written request to firstname.lastname@example.org. We may limit or deny access to personal data where providing such access is unreasonably burdensome, expensive under the circumstances, or as otherwise permitted by the Privacy Shield Principles.
LOCATION OF PERSONAL DATA
The personal data we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. We exclusively use data centers in the United States. The storage location is chosen to operate efficiently and improve performance. We take steps designed to ensure that the personal data we collect under this Privacy Statement is processed in accordance with this Privacy Statement and applicable law wherever the data is located.
Location of Processing European Personal Data. We transfer personal data from the European Economic Area, United Kingdom and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections. To learn more about the European Commission’s decisions on the adequacy of personal data protection, please visit https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.
RETENTION OF PERSONAL DATA
We retain personal data for as long as necessary to provide the products and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. These needs can vary for different information types in the context of different Services. Accordingly, our actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the information, the availability of automated controls that enable users to delete data, and our legal or contractual obligations.
Our Services are not intended for use by anyone under 16 years of age. If you are a parent or guardian of a child from whom you believe we have collected Personal Information in a manner prohibited by law, please contact email@example.com. If we learn that we have collected Personal Information through our Services from someone under 16 years of age without the consent of the child’s parent or guardian as required by law, we will comply with applicable legal requirements to delete the information.
CHANGES TO THIS PRIVACY STATEMENT
Valued may change this Privacy Statement from time to time to reflect changes in our offerings, how we collect, use, or disclose personal data, or applicable law. If we make any changes to this Privacy Statement, we will change the “Last Updated” date above. If we make any material changes, we will provide notice or obtain consent regarding such modifications as may be required by law.
HOW TO CONTACT US
If you have a privacy concern, complaint, or a question for Valued please contact our Privacy Program at firstname.lastname@example.org.
European contact email (email@example.com) and address.