Effective Date: January 10, 2020
Information We Collect and Receive
The Website collects information about you when you access or interact with the Website, or otherwise transmit information to us (such as signing up for a mailing list or sending a payment through the Website). We may also obtain information about you from our affiliates and business partners and from publicly available information. The information the Website collects includes:
- When you create an account with the Website, or use the Website to pay a bill or transmit files, you supply us with Personal Information such as name, mailing address, email address, phone number, payment information such as credit card numbers, and other information as necessary for the particular use.
- When you visit the Website, we collect information about your use and interaction with the Website. For example, we may collect your IP address, the type of web browser and operating system used to access the Website, the time and duration of your visits, and information about the content and webpages you view and the features you access on the Website.
- Any other information you send or otherwise communicate to us.
Do Not Track Signals. The Website does not respond to Do Not Track (“DNT”) signals. Third party applications and plugins, such as social media integration, may treat DNT signals differently.
No Information From Children Under Age 18. The Website is not directed to children under the age of 18. If we learn that we have collected Personal Information from a child under the age of 18, we will promptly delete that information. If you believe we have collected Personal Information from someone under age 18, please email us at email@example.com, or call us at 303.402.1600.
How We Collect and Use Information
Personal Information. We use Personal Information for business purposes including providing information to clients and potential clients, processing payments, and maintaining, evaluating and improving the Website. We may also use it to communicate with you, fulfill requests for information, deliver services, and provide user support.
Google Analytics. We use Google Analytics to help analyze how the Website is used. The information generated by the cookie about your use of the Website (including IP address) is transmitted to Google. This information is then used to evaluate visitors’ use of the Website and compile statistical reports on Website. For more information regarding how Google Analytics protects your data, please visit Google’s website at https://support.google.com/analytics/answer/6004245?hl=en.
How We Share and Disclose Information
Disclosure to Third Party Providers and Subprocessors. The Website may engage third party service providers or data subprocessors to assist in providing analytics, data storage, and other services. It may also use third parties to provide, maintain, and improve the Website. A current list of the subprocessors we use to support delivery of the Website may be requested by emailing firstname.lastname@example.org.
Disclosure to Unaffiliated Third Parties. We may disclose your Personal Information to respond to legal requirements, to protect or enforce our rights and policies, to protect or enforce the rights of a third party, to prevent harm to a person or as required or permitted by law, including, without limitation, to comply with a subpoena or court order.
Disclosure of Non-Personal Information. We may disclose your anonymized or de-identified information to any party including potential business partners, advertisers, investors, users, and other third parties.
Disclosure to Corporate Affiliates and Successors. We may disclose Personal Information and other data to its parent, subsidiaries or other affiliates, if any. If the Website is part of a merger, acquisition, reorganization, sale of some or all of its assets, or similar transaction, or takes steps in contemplation of such transactions (e.g., due diligence), Personal Information and other data may be shared or transferred with a new or prospective owner, subject to standard confidentiality agreements.
Data Storage and Retention
The Website takes the privacy of your information seriously. We use industry standard physical, technical and administrative security measures and safeguards to protect the confidentiality and security of Personal Information. However, since the Internet is not a 100% secure environment, we cannot guarantee the security of any information you transmit to us. Further, it is your responsibility to protect the security of your account and login information. Please note that content you store or transmit through the Website, or e-mails and other communications you send to us, are not encrypted.
General Data Protection Regulation. The GDPR provides certain rights to online users located in European Union countries (“EU Data Subjects”). An EU Data Subject has the right to access or rectify their Personal Information that BHGR processes. Subject to certain exceptions, an EU Data Subject has the right to request that BHGR erase that Personal Information or restrict the processing of it. When technically feasible, BHGR will, at the EU Data Subject’s request, provide that person’s Personal Information to them or transmit it directly to another data controller. EU Data Subjects also have the right to file a complaint with the appropriate data protection authority. EU Data Subjects may exercise their rights, and ask any other related questions, by emailing email@example.com.
BHGR relies on the legitimate interests (except as where otherwise noted, such as in the cookie consent banner below) described above for processing EU Data Subjects’ Personal Information including: providing access and functionality through the Website, processing payments, improving the Website, and communicating with existing and potential users about additional services that may interest them.
To comply with the GDPR’s requirements, BHGR collects and transfers EU Data Subjects’ Personal Information to other countries outside the European Union only: (1) consistent with an adequacy decision under Article 45 of the GDPR; (2) pursuant to suitable safeguards; or (3) consistent with another permissible transfer mechanism where appropriate. More information concerning these transfers is available by contacting firstname.lastname@example.org.
California Privacy Rights
Shine the Light. California’s “Shine the Light” law permits California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To obtain this information, please send an email message to email@example.com with “Shine the Light Request” on the subject line and in the body of your message. We will provide the requested information to you at your e-mail address in response. Please be aware that not all information is covered by the “Shine the Light” requirements and only information on covered sharing will be included in our response.
CCPA. The CCPA provides certain rights to California residents regarding their Personal Information. A California resident has the right to request that BHGR disclose certain information, including: (1) the categories of Personal Information it has collected about that California resident, (2) the categories of sources from which the Personal Information is collected, (3) the business or commercial purpose for collecting or selling the Personal Information, (4) the categories of third parties with whom BHGR shares Personal Information, (5) the specific pieces of Personal Information it has collected about that resident, and (6) the categories of Personal Information that BHGR has sold about that resident and the categories of third parties to whom that information was sold.
A California resident has the right to request that BHGR delete their Personal Information. A California resident also has the right to “opt-out” of the sale of that resident’s Personal Information. Finally, a California resident has the right not to be discriminated against for exercising their privacy rights under the CCPA. Provided, however, that the CCPA does not prohibit BHGR from offering financial incentives, different prices, rates, levels or qualities of goods or services for the collection of Personal Information if that price or difference is directly related to the value provided by the consumer’s data.
To submit a request to exercise your rights as a California resident, please submit the details of your request by email to firstname.lastname@example.org, with the subject line “CCPA Consumer Request”, send a message through our online form, or call the toll-free number 303.402.1600 during normal business hours. BHGR will verify any consumer’s request through their account, or other methods if their account is not available. BHGR will confirm any delete request through a separate confirmation before deleting any information. A consumer may designate an authorized agent to submit requests on their behalf through their account or by contacting us directly.
BHGR has collected and/or disclosed for a business purpose within the last 12 months the categories of Personal Information about California consumers indicated below:
|Category||Examples||Collected||Disclosed for a Business Purpose|
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.||YES||YES|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.||YES||YES|
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||NO||NO|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||YES||YES|
|E. Biometric information.||Physiological, biological, or behavioral characteristics, including an individual’s deoxyribonucleic acid (DNA), that can be used, singly or in combination with each other or with other identifying data, to establish individual identity, including, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.||NO||NO|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||YES||YES|
|G. Geolocation data.||Physical location or movements.||NO||NO|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||NO||NO|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.||YES||YES|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||NO||NO|
|K. Inferences drawn from other Personal Information.||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||NO||NO|
Sales of Information. BHGR has not sold any California consumers’ Personal Information within the last 12 months.
Sources of Information. BHGR has collected the above categories of California consumers’ Personal Information from the following sources, listed below with the corresponding categories of Personal Information in parenthesis:
- Directly from you. For example, when you or your employer communicate with us, or when you use the Website to make payments (A, B, D, F, & I).
- Indirectly from you from observing your actions on our website (A & F).
Purpose for Collection. BHGR collects California consumers’ Personal Information for the following business and commercial purposes, listed below with the corresponding categories of Personal Information in parenthesis.
- Auditing related to current interactions (A, B, D, F, & I).
- Detecting security incidents (A, B, D, F, & I).
- Debugging (A, B, D, F, & I).
- Undertaking activities to verify or maintain the quality or safety of the Website (A, B, D, F, & I).
- To maintain and improve the Website (A, B, D, F, & I).
- To communicate with current and potential business contacts (A, B, D, F, & I).
Categories of Third Parties We Disclose Information To. BHGR discloses for a business or commercial purpose information to the following third parties:
- Subprocessors, such as cloud hosting websites or payment processors, to facilitate the functioning of the website.
- Marketing services, to provide relevant advertising to potential and existing customers.
Third Party Websites
Questions and How To Contact Us
Berg Hill Greenleaf Ruscitti LLP
1712 Pearl Street, Boulder CO, 80302