Effective Date: January 24, 2025
At SJD4L Enterprises, LLC (“SJD4L”, “WE”, “US”, OR “OUR”), we are committed to protecting your privacy. We take great care with your personal information that we gather when you access or use www.Data4Living.com, along with any related websites, applications, and Service (each individually and collectively referred to as a “Service” Or “Data4Living™ Service”).
This Privacy Policy is meant to help the users of our Service (“Users”, “you,” or “your”) understand how we treat your Personal Data. In addition to Users who create a Data4Living™ account to use the Service, for purposes of this Privacy Policy, “Users” also includes users of our Service who do not have a Data4Living™ account (for example, if you visit our websites or download a Data4Living™ application without creating a Data4Living™ account) (“Visitors”).
BY USING OR ACCESSING THE SERVICE IN ANY MANNER, YOU AGREE TO THIS PRIVACY POLICY, OUR TERMS OF SERVICE, OUR BIOMETRIC INFORMATION POLICY, AND THE TERMS OF ANY AGREEMENT BETWEEN YOU AND SJD4L (COLLECTIVELY, THE “AGREEMENT”), AND YOU HEREBY CONSENT THAT WE WILL COLLECT, USE, AND SHARE YOUR INFORMATION IN THE WAYS DESCRIBED HEREIN. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, YOU MAY NOT USE THE SERVICE. IF YOU USE THE SERVICE ON BEHALF OF SOMEONE ELSE (SUCH AS YOUR CHILD, PARENT OR GUARDIAN), YOU REPRESENT THAT YOU ARE AUTHORIZED BY SUCH INDIVIDUAL TO ACCEPT THIS PRIVACY POLICY ON THE INDIVIDUAL’S BEHALF.
Any use of the Service is subject to our Terms of Service, which incorporates this Privacy Policy). You may print a copy of this Privacy Policy by clicking here.
Capitalized terms are defined below, in our Terms of Service or in our Biometric Information Privacy Policy
Privacy Policy Table of Contents
Financial Privacy and Information
Categories of Personal Data We Collect
Categories of Sources of Personal Data
Commercial or Business Purposes for Collecting Personal Data
Other Permitted Purposes for Processing Personal Data
How We Disclose Your Personal Data
Tracking Tools, Advertising, and Opt-Out
Controlling Your Personal Data and Notifications
California Rights and Disclosures
Region Specific Resident Disclosures
Changes to this Privacy Policy
REGIONAL PRIVACY DISCLOSURES NOTICE
We do not collect information as an agent or representative of healthcare providers. This Privacy Policy does not apply to demographic, health, or health-related information that qualifies as “protected health information” (“PHI”) under the Health Insurance Portability and Accountability Act (“HIPAA”). HIPAA provides specific protections for the privacy and security of PHI and limits how PHI may be used and disclosed. Please review your healthcare provider’s Notice of Privacy Practices to understand how your PHI may be handled by them.
Financial Privacy and Information
We do not collect information as an agent or representative of financial institutions. This Privacy Policy does not apply to information that qualifies as “nonpublic personal information” (“NPI”) under the Gramm-Leach-Bliley Act (“GLBA”) or to data regulated under other financial privacy laws.
If your use of our services involves activities such as financial transactions or credit reporting, additional laws may apply:
- Bank Secrecy Act (BSA) and Anti-Money Laundering (AML): Financial institutions or other covered entities may collect or share information to verify your identity, monitor transactions for suspicious activity, or comply with other BSA/AML obligations.
- Fair Credit Reporting Act (FCRA): Information related to your creditworthiness, credit history, or other consumer report data may be governed by the FCRA, and we recommend reviewing your financial institution’s policies regarding the use and protection of this information.
Please consult the relevant institution’s Privacy Policy or applicable legal notices to understand how these laws affect your information.
Personal data provided by a User to the Data4Living™ Service is governed by this Privacy Policy. For example, we collect personally identifiable information (“PII”) and other sensitive data when you:
- create an account,
- post reviews,
- provide device/IP information or Web Analytics data while browsing our websites, or
- direct your healthcare provider or financial institution to disclose regulated information to the Data4Living™ Service (e.g., pursuant to a HIPAA Authorization, an access request under healthcare privacy laws, or a financial data-sharing consent under applicable regulations such as GLBA or FCRA).
Such disclosures may include protected health information (“PHI”) or nonpublic personal information (“NPI”) that is subject to additional privacy protections under laws such as HIPAA, GLBA, and FCRA. In these cases, we do not act as a regulated party. For example, we do not act as a Covered Entity or Business Associate under HIPAA or as a regulated entity under GLBA or FCRA. We recommend reviewing the privacy policies of your healthcare provider or financial institution for more details on their practices.
Categories of Personal Data We Collect
Each table below details the categories of Personal Data that we may collect about you. Please note that multiple tables may apply to you depending on how you interact with us or our Service. “Personal Data” means any information that identifies or relates to a particular individual, and includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules, or regulations. For each category of Personal Data, these subsections also set out the source of that Personal Data, our commercial or business purpose for collecting that Personal Data, and the categories of third parties with whom we share that Personal Data. More information regarding those sources and categories are set forth below.
Category and Examples of Personal Data | Source of Data | Business or Commercial Purpose(s) for Collection | Third Parties with Whom We Disclose Data |
Online Identifiers such as IP Address, IP-address- based location data, device ID, domain server, type of device/operating system/browser used to access the Service | · You · Third Parties | · Providing, Customizing, and Improving the Service · Marketing the Service | · Service Providers · Analytics Partners · Ad Networks · Parties you authorize, access, or authenticate |
Web Analytics such as webpage interactions, Web analytics, referring webpage/source through which you access the Service, non-identifiable request IDs, statistics associated with the interaction between your device or browser and the Service | · You · Third Parties | · Providing, Customizing, and Improving the Service · Marketing the Service | · Service Providers · Analytics Partners · Ad Networks · Parties you authorize, access, or authenticate |
User Demographic Data such as your gender and date of birth, that you specifically provide us | · You | · Providing, Customizing, and Improving the Service · Corresponding with You | · Service Providers · Parties you authorize, access, or authenticate |
Geolocation Data, including IP address-based location information and zip code, city or address as provided by you | · You · Third Parties | · Providing, Customizing, and Improving the Service · Marketing the Service | · Service Providers · Analytics Partners · Ad Networks · Parties you authorize, access, or authenticate |
Other Identifying Information That You Voluntarily Choose to Provide such as in emails, letters, or other communications you send us | · You | · Providing, Customizing, and Improving the Service · Corresponding with You | · Service Providers · Parties you authorize, access, or authenticate |
Category of Personal Data | Source of Data | Business or Commercial Purpose(s) for Collection | Third Parties with Whom We Disclose Data |
Personal Identifiers such as first and last name, email address, phone number, mailing address, zip code | · You | · Providing, Customizing, and Improving the Service · Corresponding with You | · Service Providers · Parties you authorize, access, or authenticate |
Commercial Information such as your payment card type, last four digits of your payment card, billing contact information | · You | · Providing, Customizing, and Improving the Service · Corresponding with You | · Service Providers (specifically, our current payment processing partner, Stripe). |
Other Identifying Information That You Voluntarily Choose to Provide such as social media credentials or in emails, letters, or other communications you send us | · You | · Providing, Customizing, and Improving the Service · Corresponding with You | · Service Providers · Parties you authorize, access, or authenticate |
Sensitive Personal Data | |||
Provider information | · You · Third Parties | · Providing, Customizing, and Improving the Service · Corresponding with You | · Service Providers · Analytics Partners · Parties you authorize, access, or authenticate |
Health information such as health conditions, Healthcare Providers visited, reasons for visit, dates of visit, medical history, and other health information you provide us | · You | · Providing, Customizing, and Improving the Service · Corresponding with You | · Service Providers · Parties you authorize, access, or authenticate |
Health Insurance information, such as: insurance plan, member ID, group ID, payer ID | · You | · Providing, Customizing, and Improving the Service · Corresponding with You | · Service Providers · Parties you authorize, access, or authenticate |
Sensitive Demographic Data, such as gender identity (specifically status as transgender or non-binary), race, sexual orientation | · You | · Providing, Customizing, and Improving the Service · Corresponding with You | · Service Providers · Parties you authorize, access, or authenticate |
Biometric Information | · You | · Providing, Customizing, and Improving the Service · Corresponding with You | · Service Providers · Parties you authorize, access, or authenticate · See our Biometric Information Policy |
Categories of Sources of Personal Data
Categories of Sources of Personal Data | |
From You | |
When You Provide Information Directly to Us | · When you create an account or use our interactive tools and Service. · When you provide information about yourself. · When you provide information in free-form text boxes through the Service, through responses to surveys and questionnaires, or post reviews. · When you send us an email or otherwise contact us. · When you upload Content. · When you direct your healthcare provider or financial institution to provide information about you. |
When Personal Data is Automatically Collected When You Use the Service | · Through Cookies (defined below). · If you download and install certain applications and software we make available, we may receive and collect information transmitted from your device for the purpose of providing you the relevant Service. This includes information such as when you are logged on and available to receive updates or alert notices. · If you access our Service through a mobile device or a location-enabled browser, we may collect information about your location and the device you use, as applicable. |
From Third Parties | |
Service Providers | · We may use service providers to analyze how you interact and engage with the Service, or to help us provide you with customer support. · We may use service providers to obtain information to generate leads and to create user profiles. |
Analytics Partners | · We may work with analytics partners to provide us analytics on website traffic or the usage of the Service. · We use this data to optimize and market our Service. |
Healthcare Providers | · We may receive certain data from your Healthcare Provider(s) to provide you with information at your request. |
Financial Providers | · We may receive certain data from your Financial Provider(s) to provide you with information at your request. |
Social Networks | · If you provide your social network account credentials to us or otherwise sign in to the Service through a third-party site or service, you understand some content and/or information in those accounts may be transmitted into your account with us. |
Advertising Partners | · We receive information about you from some of our service providers who assist us with marketing or promotional Service related to how you interact with our Service, advertisements or communications. |
Commercial or Business Purposes for Collecting Personal Data
- Providing, Customizing, and Improving the Service
- Creating and managing your account or other user profiles.
- Providing you with the products, the Service, and information you request.
- Meeting or fulfilling the reason you provided the information to us.
- Providing support and assistance for the Service.
- Improving the Service, including testing, research, internal analytics, and product development.
- Personalizing the Service, website content, and communications based on your preferences.
- Fraud protection, security, and debugging.
- Marketing the Service
- Marketing and selling the Service.
- Showing you advertisements, including interest-based or online behavioral advertising.
- Corresponding with You
- Responding to correspondence that we receive from you, contacting you when necessary or requested, and sending you information about the Data4Living™ Service.
- Sending emails and other communications that display content that we think will interest you and according to your preferences including notifying you about certain resources or Service.
Other Permitted Purposes for Processing Personal Data
In addition, each of the above referenced categories of Personal Data may be collected, used, and disclosed with the government, including law enforcement, or other parties to meet certain legal requirements and enforcing legal terms including: fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities; protecting the rights, property or safety of you, SJD4L or another party; enforcing any agreements with you; responding to claims that any posting or other content violates third-party rights; and resolving disputes.
Data that is Not Personal Data or PHI
We may create aggregated and/or de-identified data from the Personal Data we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified, or anonymized data and share it with third parties for our lawful business purposes, including to analyze, build, and improve the Service and promote our business, provided that we will not share such data in a manner that could identify you.
We may also use screen recording tools to understand and analyze how individuals navigate and use our website. This technology will record mouse movements, clicks and similar actions, but we do not disclose any personal data with the screen recording tools and we do not link such information to your Personal Data.
In addition, we may use artificial intelligence (“AI”) tools to enhance or operate certain functions of the site, such as chat and customer service features.
How We Disclose Your Personal Data
In certain circumstances, we may disclose your Personal Data with the following categories of service providers and other third parties for the indicated business purposes:
Categories of Third Parties With Whom We Share Personal Data | Business Purpose for Sharing Data |
Service Providers | |
Payment Processors | · Our payment processing partner (currently Stripe,) collects your voluntarily provided payment card information necessary to process your payment. · Please see Stripe’s terms of service and privacy policy for information on its use and storage of Personal Data. |
Security and Fraud Prevention Consultants | · Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity. |
Hosting, Technology and Communications Providers; Fulfillment Providers; Data Storage Providers; Analytics Providers; Insurance Verification Providers; Staff Augmentation Personnel; Virtual Care Providers | · To perform operational Service (such as hosting, billing, fulfillment, data storage, security, insurance verification, web service analytics) and/or make certain Service, features or functionality available to our Users. · Debugging to identify and repair errors that impair intended functionality. · Short-term, transient use of Personal Data that is not used by another party to build a User profile or otherwise alter your user experience outside the current interaction. · Maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic Service, or providing similar Service on behalf of the business or service provider. · Undertaking internal research for technological development and demonstration. · Undertaking activities to verify or maintain the quality or safety of our Service. |
Selected Third Party Recipients | |
Analytics Partners | · To track how users found or were referred to the Service and otherwise interact with the Service. |
Ad Networks | · Ad customizing and serving. · Auditing related to a current interaction and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards. |
To Your Provider | · To a provider (e.g., healthcare provider or financial institution) per your request. |
Health Information Exchanges | · Health Information Exchanges and related organizations that collect and organize User information (such as Regional Health Information Organizations) to make your information more securely and easily accessible to your Healthcare Providers. The goal of such organizations is to facilitate access to health information to improve the safety, quality, and efficiency of patient-centered care. More information on Health Information Exchanges can be found here. |
Other Uses that You Authorize | · Any information that you may reveal in a review posting or online discussion, or forum is intentionally open to the public and is not in any way private. We recommend that you carefully consider whether to disclose any Personal Data in any public posting or forum. What you have written may be seen and/or collected by third parties and may be used by others in ways we are unable to control or predict. |
Third-Party Business Partners You Access Through the Service | · We will disclose certain Personal Data if you choose to use any service to log in to the Service. This includes logging in via social media platforms such as a Google or Facebook account. · To meet or fulfill the reason you provided the information to us. |
Legal Obligations
We may disclose any Personal Data that we collect with third parties in conjunction with any of the activities set forth under “How We Disclose Your Personal Data” sections above.
Business Transfers
All Personal Data may be transferred to a third party if we undergo a merger, acquisition, bankruptcy, or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.
Tracking Tools, Advertising, and Opt-Out
The following sections provide additional information about how we collect your Personal Data.
The Service use cookies and similar technologies such as pixel tags, web beacons, clear GIFs, mobile identifiers, and JavaScript (collectively, “Cookies”) to enable our servers to recognize your device and web browser and tell us how and when you visit and use our Service. We do this to analyze trends, learn about and advertise to our user base, and operate and improve our Service. For example, we use Cookies to tailor the Service or customize advertisements on and off of our Service by tracking navigation habits, measuring performance, storing authentication status so re-entering credentials is not required, customizing user experiences with the Service, and for analytics and fraud prevention. Cookies are small pieces of data – usually text files – placed on your computer, tablet, phone, or similar device when you use that device to visit our Service. We may also supplement the information we collect from you with information received from third parties, including third parties that have placed their own Cookies on your device(s).
We use the following types of Cookies:
- Essential Cookies. Essential Cookies are required to provide you with features or Service you have requested. For example, certain Cookies enable you to log into the secure areas of our Service. Disabling these Cookies may make certain features and Service unavailable.
- Functional Cookies. Functional Cookies are used to record your choices and settings regarding our Service, maintain your preferences over time and recognize you when you return to our Service. These Cookies help us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).
- Performance/Analytical Cookies. Performance/Analytical Cookies allow us to understand how visitors use our Service such as by collecting information about the number of visitors to the Service, what pages visitors view on our Service, how long visitors are viewing pages on the Service, mouse clicks, mouse movements, scrolling activity, and text typed into the Service. Performance/Analytical Cookies also help us measure the performance of our advertising campaigns to help us improve our campaigns and the content for those who engage with our advertising. For example, Google LLC (“Google”) uses cookies in connection with its Google Analytics Service. Google’s ability to use and share information collected by Google Analytics about your visits to the Service is subject to the Google Analytics Terms of Use and the Google Privacy Policy. You have the option to opt-out of Google’s use of cookies by visiting the Google advertising opt-out page or the Google Analytics Opt-out Browser Add-on page.
- Retargeting/Advertising Cookies. Retargeting/Advertising Cookies collect data about your online activity and identify your interests to provide advertising on and off of our Service that we believe is relevant to you. For more information about this, please see the section below titled “Information about Interest-Based Advertisements.”
- Web Beacons. Web Beacons (e.g., clear GIFs or pixel tags) are tiny graphic image files embedded in a webpage or email that may be used to collect information about the use of our Service, the web Service of selected advertisers, and the emails, special promotions, or newsletters that we send. The information collected by Web Beacons allows us to analyze how many people are using the Service, using selected publishers’ web Service or opening emails, and for what purpose. Also, it allows us to enhance our interest-based advertising (discussed further below).
- Mobile Device Identifiers. Mobile device identifiers help us learn more about our Users’ demographics and internet behaviors. Mobile device identifiers are data stored on mobile devices that may track mobile devices and data, activities occurring on and through it, and the applications installed on it. Mobile device identifiers enable the collection of Personal Data, such as media access control, address, location, and tracking data, including without limitation IP address, domain server, type of device(s) used to access the Service, web browser(s) used to access the Service, referring webpage or other source through which you accessed the Service, other statistics, and information associated with the interaction between your browser or device and the Service.
- Cross Device Matching. To determine if users have interacted with content across multiple devices and to match such devices, we may work with partners who analyze device activity data and/or rely on your information (including demographic, geographic, and interest-based data). We may also provide de-identified data to these partners to supplement this analysis. Based on this data, we may display targeted advertisements across devices that we believe are associated or use this data to further analyze usage of Service across devices.
You can opt-out of all unessential Cookies at any time here or by emailing us at [email protected]. You can also decide whether to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on your browser software) allowing you to decide on acceptance of each new Cookie in a variety of ways. You may also be able to reject mobile device identifiers by activating the appropriate setting on your mobile device. You can also delete all Cookies that are already on your device. Although you are not required to accept our Cookies, if you block, reject, or delete them, you may have to manually adjust some preferences every time you access the Service, as some functionalities may not work.
To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find more information about Cookies, including how to manage and delete Cookies, please visit here or by emailing us at [email protected].
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications, and Service that you do not wish such operators to track certain of your online activities over time and across different websites. We generally do not support “Do Not Track” requests sent from a browser at this time. To find out more about “Do Not Track,” you can visit here. However, if you are a resident of state with an applicable privacy law, we treat opt-out preference signals as a means of opting out of the sale or sharing of personal data, or of opting out of the processing of personal data for targeted advertising, as applicable, to the extent such signals are present and readable.
We may serve advertisements and allow third-party ad networks, including third-party ad servers, ad agencies, ad technology vendors and research firms, to collect data on the Service and serve advertisements on and off of the Service. These advertisements may be targeted to users who fit certain general profile categories or display certain preferences or behaviors (“Interest-Based Ads”). Information for Interest-Based Ads (including Personal Data) may be provided to us by you or derived or inferred from the online activity or usage patterns of particular users on the Service and/or Service of third parties. Such information may include IP address, mobile device ID, operating system, browser, webpage interactions, geographic location, and demographic information, such as gender and age range. Such information may be gathered through tracking users’ activities across time and unaffiliated properties, including when you leave the Service. To accomplish this, we or our service providers may deliver Cookies, including Web Beacons, from an ad network to you through the Service. Web Beacons allow ad networks to provide anonymized, aggregated auditing, research and reporting for us and for advertisers. This information helps us learn more about our Users’ demographics and internet behaviors. Web Beacons also enable ad networks to serve targeted advertisements to you when you visit other websites. Web Beacons allow ad networks to view, edit or set their own Cookies on your browser, just as if you had requested a webpage from their site.
Please note that even after opting out of Interest-Based Ads, you may still see SJD4L advertisements that are not interest-based (i.e., not targeted toward you).
The security of your Personal Data is important to us. We seek to protect your Personal Data from unauthorized access, use, and disclosure using appropriate physical, technical, organizational, and administrative security measures based on the type of Personal Data and how we process that data. We endeavor to follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and in storage.
For example, the Service uses industry-standard Secure Sockets Layer (SSL) technology to allow for the encryption of Personal Data. We store and process your information on our servers in the United States and abroad. We maintain what we consider industry-standard backup and archival systems. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanisms; limiting access to your computer or device and browser; and signing off after you have finished accessing your account.
Although we work to protect the security of your account and other data that we hold in our records, for example, by making good faith efforts to store Personal Data in a secure operating environment that is not open to the public, please be aware that no method of transmitting data over the Internet or storing data is completely secure. We cannot and do not guarantee the complete security of any data you share with us, and except as expressly required by law, we are not responsible for the theft, destruction, loss, or inadvertent disclosure of your information or content.
We retain Personal Data about you and your uploaded Content as necessary to provide our Service or to perform our business or commercial purposes for collecting your Personal Data. When establishing a retention period for specific categories of data, we consider who we collected the data from, our need for the Personal Data, why we collected the Personal Data, and the sensitivity of the Personal Data. In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, provide our Service, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in a de-identified and/or aggregated form where that information would not identify you personally.
For example:
- We retain your account information and credentials for as long as you have an account with us.
- We retain your device/IP data for as long as we need it to ensure that our systems are working appropriately, effectively, and efficiently.
The Service are not directed to or intended for use by anyone under 18 years of age. If you are a child under the age of 18, please do not attempt to register for or otherwise use the Service or send us any Personal Data. By accessing, using, and/or submitting information to or through the Service, you represent that you are at least the age of 18. As noted in the Terms of Service, we do not knowingly collect or solicit Personal Data from children under the age of 18. If we learn that we have received any Personal Data directly from a child under age 13 without first receiving their parent’s verified consent, we will use that Personal Data only to respond directly to that child (or their parent or legal guardian) to inform the child that they cannot use the Service. We will then subsequently delete that child’s Personal Data. If you believe that a child under 18 may have provided us with Personal Data, please contact us at [email protected].
If you are between the age 13 and 18, you may use the Service only with the consent of or under the supervision of your parent or legal guardian. If you are a parent or legal guardian of a minor child, you may, in compliance with the Agreement, use the Service on behalf of such minor child. Any information that you provide us while using the Service on behalf of your minor child will be treated as Personal Data as otherwise provided herein.
If you use the Service on behalf of another person, regardless of age, you agree that we may contact you for any communication made in connection with providing the Service or any legally required communications. You further agree to forward or share any such communication with any person for whom you are using the Service on behalf of.
Controlling Your Personal Data and Notifications
If you are a registered User of the Service, you can modify certain Personal Data or account information by logging in and accessing your account. If you wish to close your account, please e-mail us at [email protected]. SJD4L will use reasonable efforts to delete your account as soon as reasonably possible. Please note, however, that SJD4L reserves the right to retain information from closed accounts consistent with our internal data retention policies and procedures.
You must promptly notify us if any of your account data is lost, stolen, or used without permission.
California Rights and Disclosures
The California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (“CCPA”), provides California residents with specific rights regarding their Personal Data. Please see the “Exercising Your Rights” section below for instructions regarding how California residents can exercise these rights. This section describes your CCPA rights and explains how to exercise those rights. If you have any questions about this section or whether any of the following applies to you, please contact us at [email protected] and indicate “California Rights” in the subject line of your communication. Because of the minimal Personal Data we collect and retain about Visitors, certain rights may not be afforded to you (as further described below). Additionally, please note that these rights are subject to certain conditions and exceptions under applicable law, which may permit or require us to deny your request. Lastly, we may process Personal Data of our customers’ end users or employees in connection with our provision of certain Service to our customers. If we are processing your Personal Data as a “service provider” under the CCPA, you may need to contact the entity that collected your Personal Data in the first instance to address your rights with respect to such data.
Access
If you have a Data4Living™ account, you have the right to request certain information about our collection and use of your Personal Data, including the following:
- The categories of Personal Data that we have collected about you.
- The categories of sources from which that Personal Data was collected.
- The business or commercial purpose for collecting or selling your Personal Data.
- The categories of third parties with whom we have shared your Personal Data.
- The specific pieces of Personal Data that we have collected about you.
If we have disclosed your Personal Data for a business purpose, we will identify the categories of Personal Data shared with each third-party recipient.
Deletion
If you have a Data4Living™ account, you have the right to request that we delete the Personal Data that we have collected from you. Under the CCPA, this right is subject to certain exceptions: for example, we may need to retain your Personal Data to provide you with the Service or complete a transaction or other action you have requested. If your deletion request is subject to one of these exceptions, we may deny your deletion request.
Correction
If you have a Data4Living™ account, you have the right to request that we correct any inaccurate Personal Data we have collected about you. Under the CCPA, this right is subject to certain exceptions: for example, if we decide, based on the totality of circumstances related to your Personal Data, that such data is correct. If your correction request is subject to one of these exceptions, we may deny your request.
Processing of Sensitive Personal Data Opt-Out
If you have a Data4Living™ account, we may collect Personal Data that is considered “sensitive” under the CCPA. Because we may use or disclose Sensitive Personal Information for purposes other than those set forth in section 7027(m) of the CCPA regulations, California residents have the right to request that we limit the use or sharing of their Sensitive Personal Information (“Right to Limit”). The Right to Limit allows California residents to direct a business that collects Sensitive Personal Information to limit its use of this information to that use which is necessary to perform the Service or provide the goods reasonably expected by an average consumer who requests those goods or Service, to perform the Service set forth in paragraphs (2), (4), (5), and (8) of subdivision (e) of Section 1798.140, and as authorized in the CCPA regulations.
Personal Data Sharing or Selling
Under the CCPA, California residents have certain rights when a business “shares” or “sells” Personal Data with third parties for purposes of cross-contextual behavioral advertising. While we do not sell Users’ information to unaffiliated parties for money, we do share Cookies and other web data to advertising and marketing partners in a manner which might be considered “selling” or “sharing” your Personal Data as those terms are defined under the CCPA. Accordingly, we have shared and sold the foregoing categories of Personal Data for the purposes of cross-contextual behavioral advertising:
- User Demographic data (not Sensitive Demographic Data) such as gender or zip code;
- Online Identifiers
- Web analytics
As described in the “Tracking Tools, Advertising, and Opt-Out” section above, we have incorporated Cookies from certain third parties into our Service. These Cookies allow those third parties to receive information about your activity on our Service that is associated with your browser or device. Those third parties may use that data to serve you relevant ads on our Service or on other websites you visit. Under the laws of the CCPA, “sharing” of a User’s web analytics is also considered “selling.” You can opt out of such data selling and/or sharing by following the instructions in this section.
We share Personal Data with the following categories of third parties:
- Advertising partners
Once you have submitted an opt-out request, we will not ask you to reauthorize the sharing of your Personal Data for at least 12 months. To our knowledge, we do not share the Personal Data of minors under 16 years of age.
We Will Not Discriminate Against You for Exercising Your Rights Under the CCPA.
We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our goods or Service, charge you different prices or rates, or provide you with a lower quality of goods and Service if you exercise your rights under the CCPA.
Financial Incentives
We value your data because it allows us to better understand your goals and preferences and improve our products and Service to better serve you. From time to time, we may offer a financial incentive for your participation in our user research. The financial incentive we offer is based on our good faith determination of the estimated value of your data. If you participate in the research, you may be asked to submit Personal Data in surveys, forms, or through your account. The Personal Data you submit in connection with this research will only be used internally to improve our product; we will never share or sell this data to third parties.
Through your participation in the research, we may collect the following categories of Personal Data about you:
- Identifiers, such as your name, address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
- Characteristics of protected classifications under California or federal law.
- Commercial information, such as products or Service you’ve purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Internet or other electronic network activity information, such as your browsing history, search history, and information regarding your interaction with an internet website, application, or advertisement.
- Geolocation data.
- Audio, electronic, visual, thermal, olfactory, or similar information. For example, we may collect your voice recordings.
- Professional or employment-related information.
- Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99).
- Any other Personal Data you may enter into a free-form field of our surveys or forms.
- Inferences drawn from any of the foregoing categories of Personal Data.
Participation in the financial incentive is entirely optional. If you participate in a financial incentive, you agree that we are not required to comply with your right to know or delete Personal Data collected in exchange for the financial incentive. If you are a participant in a financial incentive we offer, you may withdraw from the financial incentive at any time by emailing us at the email address provided to you with your individual notice of the financial incentive.
Other California Resident Rights
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes. To submit such a request, please contact us at [email protected].
Region Specific Resident Disclosures
If you are a resident of Virginia, Colorado, Connecticut, Delaware, Illinois, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, Virginia, Washington State or another state or region (e.g., European Union) with a similar comprehensive consumer privacy law, you may have certain rights regarding your information. Please see the “Exercising Your Rights” section below for instructions regarding how to exercise these rights. Please note that in some cases, we may process Personal Data of our customers’ end users or employees in connection with our provision of certain Service to our customers. If we are processing your Personal Data as a “processor” (or similar term) under the applicable privacy law, you may need to contact the entity that collected your Personal Data in the first instance to address your rights with respect to such data. Also, because of the minimal Personal Data we collect and retain about Visitors, certain rights may not be afforded to you (as further described below). Lastly, please note that these rights are subject to certain conditions and exceptions under applicable law, which may permit or require us to deny your request.
Please read the information here for additional regional disclosures for residents of the European Union and the United Kingdom.
If you have any questions about this section or whether any of the following rights apply to you, please contact us at [email protected] and indicate “Region Specific Rights” in the subject line of your communication.
Access
If you are a User, you may have the right to request confirmation of whether we are processing your Personal Data and to access your Personal Data. Additionally, you may also request access to specific third parties to which we have disclosed the Personal Data of Users (subject to exceptions in accordance with the specific region, e.g., the Oregon Consumer Privacy Act.) To exercise this right, please email [email protected] with the subject “Specific Region Access Request.”
Correction
If you have a Data4Living™ account, you may have the right to correct inaccuracies in your Personal Data, to the extent such correction is appropriate in consideration of the nature of such data and our purposes of processing your Personal Data.
Portability
If you have a Data4Living™ account, you may have the right to request a copy of your Personal Data in a machine-readable format to the extent technically feasible.
Deletion
If you have a Data4Living™ account, you may have the right to delete your Personal Data.
Opt-Out of Certain Processing Activities
- You may have the right to opt-out to the processing of your Personal Data for targeted advertising purposes. As discussed in the “Personal Data Sharing or Selling” section of the “California Rights” section of this Privacy Policy , we process your Personal Data for targeted advertising purposes. To opt-out of our processing of Personal Data for targeted advertising purposes, please see the “Exercising Your Rights”
- You may have the right to opt-out to the sale of your Personal Data. We do not currently sell your Personal Data to others for monetary consideration.
- You may have the right to opt-out from processing your Personal Data for the purposes of profiling in furtherance of decisions that produce legal or similarly significant effects to you. However, we do not conduct such activities.
Appealing a Denial
If we refuse to take action on a request within a reasonable period of time after receiving your request in accordance with this section, you may have the right to appeal such decision. In such appeal, you must (1) provide sufficient information to allow us to verify that you are the person about whom the original request pertains and to identify the original request, and (2) provide a description of the basis of your appeal. Please note that your appeal will be subject to your rights and obligations afforded to you under the applicable state law that applies to you. We will respond to such appeal within 45 days of receiving your request. If we deny your appeal, you may have the right to contact the applicable regulators in your state.
You may appeal a decision by us using the following methods:
- Email us at: [email protected](title must include “Consumer Appeal”)
- Call us at: 603-566-7589
To exercise the rights under the CCPA or other state laws as described above, you must send us a request that (1) provides sufficient information to allow us to verify that you are the person about whom we have collected Personal Data, and (2) describes your request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request that meets both of these criteria will be considered a “Valid Request.” We will only use Personal Data provided in a Valid Request to verify you and complete your request. If you are a Healthcare Provider with a profile on our Service, you do not need an account to submit a Valid Request.
We will respond to your Valid Request within the applicable time period required by law. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request.
To the extent rights are afforded to you, you may submit a Valid Request using the following methods:
- If you have a Data4Living™ account, you can submit requests to access (by portable copy or otherwise), delete, correct through the “Privacy” tab in your account settings.
- If you have a Data4Living™ account, you can opt-out from or limit the processing of sensitive information through the “Data Privacy” tab in your account settings.
- All Users (including Visitors) can opt out from targeted advertising (which may constitute “selling” or “sharing” under certain privacy laws) by visiting our website.
If you have questions or difficulty submitting a Valid Request, you can call us at 603-566-7589 or email us at [email protected].
Changes to this Privacy Policy
We reserve the right to amend our Privacy Policy at our discretion and at any time. If we make material changes to the Privacy Policy, we will notify you by email or through a notice on our website homepage. Use of the information we collect is subject to the Privacy Policy in effect at the time such information is collected.
If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data, your choices, and rights regarding such use, please do not hesitate to contact us at:
SJD4L Enterprises, LLC
31 Schwinn Drive
Nashua, NH 03062
e-mail: [email protected]
Telephone: 603-566-7589
REGIONAL PRIVACY DISCLOSURES NOTICE
This European Union (“EU”) and United Kingdom (“UK”) General Data Protection Regulation Privacy Notice (“GDPR Privacy Notice”) supplements SJD4L Enterprises, LLC’s (“SJD4L”, “We”, “Us”, or “Our”) Privacy Policy. When we offer goods and services to individuals in the European Economic Area (“EEA”) and the United Kingdom (“UK”), we are subject to the EU General Data Protection Regulation (“EU GDPR”) and the UK General Data Protection Regulation (“UK GDPR”). We treat the UK GDPR and the EU GDPR the same and, therefore, refer to each individually and collectively simply as GDPR. In the event of any differences between the two, we will abide by the stricter regulation. We reserve the right to change this GDPR Privacy Notice from time to time. Changes shall become effective on the date they are posted unless otherwise stated.
DATA PROTECTION PRINCIPLES
We adhere to the principles of data protection as outlined in the GDPR:
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
ADDITIONAL DISCLOSURES FOR PEOPLE IN EUROPE AND THE UK.
“Personal Data”, “Process/Processing”, “Data Controller”, “Data Processor”, “Data Subject”, “Personal Data Breach” and “Special Categories of Personal Data” shall have the same meaning as in the GDPR data protection laws. If GDPR data protection laws apply to the processing by SJD4L of Personal Data (referring to any information relating to an identified or identifiable natural person) related to you, then the following terms apply: Under GDPR data protection laws, generally you will be considered a “data controller” and SJD4L will be considered a “data processor”. In some situations, SJD4L may operate as a data controller. To the extent SJD4L is operating as a data controller, the following will apply. We may transfer your Personal Data to recipients who may be located anywhere in the world. We will only transfer your Personal Data from the EEA or UK to third countries (i.e., countries outside the EEA) based on appropriate safeguards or if otherwise authorized by applicable law.
Where we process Personal Data related to you as a data controller, the processing is based on the following lawful grounds:
- All processing of your Personal Data based on your consent;
- To process your account and payment details in performance of a contract with you; and/or
- To process your Personal Data, including your Personal Information, to comply with a legal obligation and to protect your and others’ vital interests.
We will further rely on our legitimate interests, which we believe are not overridden by your fundamental rights and freedoms, for the following purposes:
- Communications with you, including direct marketing where you are our customer or a user of our customer, or where you make contact with us through our website and other digital assets;
- Cybersecurity;
- Support, customer relations, service operations;
- Enhancements and improvements to yours and other users’ experience with our Services; and/or
- Fraud detection and misuse of a Service.
In addition to your rights under other sections in this policy, you have the following rights:
- AT ANY TIME, CONTACT US IF YOU WANT TO WITHDRAW YOUR CONSENT TO THE PROCESSING OF YOUR PERSONAL DATA. EXERCISING THIS RIGHT WILL NOT AFFECT THE LAWFULNESS OF PROCESSING BASED ON CONSENT BEFORE ITS WITHDRAWAL.
- Request to delete or restrict access to your Personal Data. We will review your request and use our judgment, pursuant to the provisions of applicable law, to reach a decision about your request.
- If you exercise one (or more) of the above-mentioned rights, in accordance with the provisions of applicable law, you may request to be informed that third parties that hold your Personal Data, in accordance with this policy, will act accordingly.
- You may ask to transfer your Personal Data in accordance with your right to data portability.
- You may object to the processing of your Personal Data for direct marketing purposes.
- You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affecting you.
- You have a right to lodge a complaint with a data protection supervisory authority of your habitual residence, place of work, or of an alleged infringement of the General Data Protection Regulation (GDPR).
THIRD-PARTY PROCESSORS
We may engage third-party processors to process your Personal Data on our behalf. These processors are bound by strict contractual obligations to process your data in compliance with GDPR requirements.
SUPERVISORY AUTHORITIES
The supervisory authority in the UK is the Information Commissioner’s Office (ICO) and the supervisory authority in the EU member states are the relevant Data Protection Authorities (DPAs).
CONTACT US If you have questions or concerns regarding privacy using the Services, please email our Data Protection Officer at [email protected].