CALIFORNIA PRIVACY NOTICE
Last Updated: January 1, 2020
This California Privacy Notice explains how California Closet Company, Inc. and its corporate affiliates (“we,” or “us,” or “our”) collect Personal Information of California residents based on your interactions with us, including on our websites, applications, forums, blogs (each a “Site”), and other online or offline offerings and your other interactions with us (collectively, the “Services”). By visiting each Site and using the Services, you agree that we may collect and use information about you as set forth in this Privacy Notice.
We note that we are providing this Privacy Notice in accordance with the requirements of the California Consumer Privacy Act of 2018 (the “CCPA”), a law which requires business to make certain disclosures concerning how they collect, use, and share “Personal Information” (as defined below) and to grant California residents certain rights with respect to their Personal Information.
The rights described in this Privacy Notice therefore do not apply to Personal Information that is exempted from the requirements of the CCPA. This includes information of our business contacts collected in the course of our business-to-business contacts (e.g., information about an individual acting in his or her capacity as a representative of an entity); Personal Information about employees, job applicants, and independent contractors; and Personal Information subject to the Fair Credit Reporting Act. Where exceptions to the CCPA apply to a request you submit, we will provide you with an explanation.
The Personal Information We Collect, From Where We Collect It, Why We Collect It, and With Whom We Share It
We collect, process and store various types of Personal Information. For purposes of this Notice, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. It does not include de-identified or aggregate information, or public information lawfully available from governmental records.
The following chart describes the categories of Personal Information covered by this Notice that we may collect about you and have collected in the past 12 months and, for each category, where and why we collected it, and the categories of entities with which we shared the Personal Information. As you will see, our services are provided through independently-owned and operated franchises and we obtain information from them.
|Categories of Consumers’ Personal Information||Categories of Sources||Purpose(s) for Collection of Consumers’ Personal Information||Categories of Third Parties With Which Personal Information Was Shared for a Business Purpose|
|Personal Identifiers – such as name, postal address, Internet Protocol address, mobile ad ID address, email address, driver’s license number, estimated home value, estimated household income, phone numbers, or other similar identifiers||
||Service providers (vendors that provide services to us in connection with the operation of our business, which can include vendors that process payments and customer approvals, verify customer information, manage customer information, facilitate scheduling, facilitate email communications, advertising and marketing, manufacture and fulfillment of orders, provide security services, cloud-based data storage, host our webpage and assist with other IT-related functions, advertising and marketing, provide analytics information, legal and accounting services, among other business functions)
|Protected Characteristics – such as age (over 40); sex/gender; or marital status;||Third-party data sources||Marketing and internal analysis||Service Providers|
|Commercial information – such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies||
|Internet or other electronic network activity information, including browsing and search history,||Consumers interacting with our Sites||
|Audio information||Consumers directly||
|Inferences drawn from Personal Information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||Third-party data source||Marketing||Service Providers|
We Do Not Sell Your Personal Information
In the last 12 months we have not sold any Personal Information. We do not and will not sell Personal Information.
Additional Information about How We Collect and Share your Personal Information
With respect to each of the categories of data above, we may also collect and share Personal Information with third parties to comply with legal obligations; when we believe in good faith that an applicable law requires it; at the request of governmental authorities or other third parties conducting an investigation; to detect and protect against fraud, or any technical or security vulnerabilities; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of our business, third parties, visitors to our Sites, users of our Services, or the public. We may also share Personal Information with any person to whom we transfer any of our rights or obligations under any agreement, or in connection with a sale, merger or consolidation of our business or other transfer of our assets, whether voluntarily or by operation of law, or who is otherwise deemed to be our successor or transferee.
Cookies. Cookies are small text files placed in visitors’ device browsers to store their preferences. Most browsers allow you to block and delete cookies. You may set your browser to notify you when you receive a cookie. Many web browsers also allow you to block cookies. If you block cookies you may not be able to access certain parts of a Site. You can disable cookies from your computer system by following the instructions on your browser.
Pixel Tags/ Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded on the Site that collects information about users’ engagement on that web page. The use of a pixel allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement. We may also include web beacons in e-mails to understand whether messages have been opened, acted on, or forwarded.
Our uses of such Technologies fall into the following general categories:
Operationally Necessary. This includes Technologies that allow you access to our Services that are required to identify irregular behavior, prevent fraudulent activity and improve security or that allow you to make use of our functions;
Performance Related. We may use Technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how our visitors use the Services;
Functionality Related. We may use Technologies that allow us to offer you enhanced functionality when accessing or using our Services. This may include identifying you when you sign into our Services and keeping track of your specified preferences or past pages viewed;
Advertising or Targeting Related. We may use Technologies to develop and deliver content on our Services, including ads relevant to your interests.
CCPA Rights of Individuals
Your Right To Request Disclosure of Information We Collect and Share About You
You can request the following information from us, with respect to the Personal Information that we have collected about you in the 12 months prior to our receipt of your request:
- The categories of Personal Information we have collected about you.
- The categories of sources from which we collected your Personal Information
- The business or commercial purposes for which we collected the Personal Information
- The categories of third parties with which we shared the information
- The specific pieces of Personal Information we collected
You can also submit a request to us for the categories of Personal Information that we have disclosed for a business purpose.
Your Right To Request Deletion of Personal Information We Have Collected From You
Upon your request, we will delete the Personal Information we have collected about you that is covered by the CCPA, except for situations where specific information is necessary for us to: provide you with a product or Service that you requested; perform a contract we entered into with you; maintain the functionality or security of our systems; or comply with or exercise rights provided by the law. The law also permits us to retain specific information for our exclusively internal use, but only in ways that are compatible with the context in which you provided the information to us or that are reasonably aligned with your expectations based on your relationship with us.
Exercising Your Rights and How We Will Respond
To exercise any of the rights above, or to ask a question, contact us at 1-833-973-0699, click here, or use the contact details set out at the end of this Privacy Notice.
For access and deletion requests, we will provide a substantive response to your request as soon as we can, generally within 45 days from when we receive your request, although we may be allowed to take longer to process your request in certain jurisdictions or under certain circumstances. If we expect your request is going to take us longer than normal to fulfill, we will let you know.
Verification of Identity – Access or Deletion Requests
We will ask you for two pieces of Personal Information (typically phone number and email address used when transacting with us) and attempt to match those to information that we maintain about you.
If we are unable to verify your identity with the degree of certainty required, we will not be able to respond to the request. We will notify you to explain the basis of the denial.
You may designate an agent to submit requests on your behalf. The agent can be a natural person or a business entity that is registered with the California Secretary of State.
If you would like to designate an agent to act on your behalf, you and the agent will need to comply with our agent verification process. You will be required to verify your identity by providing us with certain Personal Information as described above, depending on whether you hold an account with us or not and the nature of the information your require, which we will endeavour to match the information submitted to information we maintain about you. Additionally, we will require that you provide us with written confirmation that you have authorized the agent to act on your behalf, and the scope of that authorization. The agent will be required to provide us with proof of the agency relationship, which may be a declaration attesting to the agent’s identity and authorization by you to act on their behalf, signed under penalty of perjury. If the agent is a business entity, it will also need to submit evidence that it is registered and in good standing with the California Secretary of State. Information to identify and verify your agent can be submitted through the same mechanism and at the same time that you submit information to verify your identity.
Please note that this subsection does not apply when an agent is authorized to act on your behalf pursuant to a valid power of attorney. Any such requests will be processed in accordance with California law pertaining to powers of attorney.
Requests for Household Information
There may be some types of Personal Information that can be associated with a household (a group of people living together in a single dwelling). Requests for access or deletion of household Personal Information must be made by each member of the household. We will verify each member of the household using the verification criteria explained above.
If we are unable to verify the identity of each household member with the degree of certainty required, we will not be able to respond to the request. We will notify you to explain the basis of our denial.
Our Commitment to Honoring Your Rights
We are committed to providing you with control over your Personal Information. If you exercise any of the rights explained in this Privacy Notice, we will continue to treat you fairly. If you exercise your rights under this Privacy Notice, you will not be denied or charged different prices or rates for goods or services, or provided a different level or quality of goods or services than others.
Personal Information of Minors
Our products and Services are not directed to minors under the age of 13 and we do not knowingly collect or sell the Personal Information of minors under 16.
Do Not Track
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
California Shine the Light
California Civil Code Section 1798.83, also known as the “Shine the Light” law, permits California residents to annually request, free of charge, information about the Personal Information (if any) disclosed to third parties for direct marketing purposes in the preceding calendar year. We do not share Personal Information with third parties for their own marketing purposes.
How We Keep Your Personal Information Secure
We implement and maintain reasonable security appropriate to the nature of the Personal Information that we collect, use, retain, transfer or otherwise process. Our reasonable security program is implemented and maintained in accordance with applicable law and relevant standards. However, there is no perfect security, and reasonable security is a process that involves risk management rather than risk elimination. While we are committed to developing, implementing, maintaining, monitoring and updating a reasonable information security program, no such program can be perfect; in other words, all risk cannot reasonably be eliminated. Data security incidents and breaches can occur due to vulnerabilities, criminal exploits or other factors that cannot reasonably be prevented. Accordingly, while our reasonable security program is designed to manage data security risks and thus help prevent data security incidents and breaches, it cannot be assumed that the occurrence of any given incident or breach results from our failure to implement and maintain reasonable security.
By using the Services or providing Personal Information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Site, by sending an e-mail to you, or by postal mail.
Changes to This Notice
We will review and update this Notice as required to keep current with rules and regulations, new technologies and security standards. We will post those changes on the Site or update the Privacy Notice modification date. In certain cases and if the changes are material, you will be notified via email or a notice on our Site.
We are committed to ensuring that our communications are accessible to people with disabilities. To make accessibility-related requests or report barriers, please contact us at 800-225-2567.
If there are any questions regarding this Privacy Notice or to request a copy of this Privacy Notice in another format you may contact us using the information below.