CCPA

Privacy Policy

Supplemental Notice for California Consumers

Date Posted and Effective Date: December 14, 2021

 

This Supplemental Notice for California Consumers (“ Supplemental Notice ”) is a part of the Privacy Policy and supplements the information contained in the Privacy Notice.  This Supplemental Notice applies solely to visitors, users, and others who are residents of the State of California (as defined in Section 17014 of Title 18 of the California Code of Regulations).

The California Consumer Privacy Act of 2018 ( CCPA ) gives California residents the right to know what personal information AuditNet collects about them, including whether it is being sold or disclosed to third parties. The CCPA also grants certain rights to California residents, including the right to delete their personal information (subject to certain exceptions) and the right to prevent AuditNet from selling their personal information. Companies are also prohibited from retaliating or discriminating against consumers for exercising their rights under the CCPA.

This Supplemental Notice provides the information required under the CCPA and applies to both AuditNet’s online and offline activities. For more information about how we collect, use, and share information through our Site and Services, please review the body of our Privacy Policy found here: https:// auditnet.org/privacy-policy   Any terms defined in the CCPA have the same meaning when used in this Supplemental Notice.

We set out below the CCPA categories of personal information we have collected from or about California consumers within the last twelve (12) months, including consumers that have viewed our Site, used our Services, attended an event sponsored or hosted by AuditNet, or have otherwise interacted with AuditNet or our Services. Personal information in certain categories may overlap with personal information in other categories. Under the CCPA, “personal information” does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.

Information Category

Data Examples

Categories of Sources

Purpose for Collecting Information

Categories of Third Parties With Whom We Share

Identifiers

· Device IP Address
· Username
· Email address
· Cookies
· Work phone
· Company address
· Signatures

· Directly from Consumers through submission of forms on our site, use of AuditNet’s templates
· Attendance and participation in AuditNet events
· During transactions between the consumer’s company and AuditNet.
· Public records.
· Research partners.
· Consumer data resellers
· Third parties who help us maintain the accuracy of our data and data aggregators that help us complete and enhance our records.
· Marketing vendors
· Third parties who provide digital marketing and analytics services for us using cookies and similar technologies that contain a unique identifier, such as an advertising ID.
· Third parties who provide product fulfillment services in connection with our products and services.
· Third parties that provide access to information you make publicly available, such as social media platforms.
· Your computer and mobile devices (automatically) when you visit or interact with our websites, applications, and online platforms.
· Cookies, web beacons, and similar technologies (automatically) when you visit our websites or third-party websites.
· Third party advertising partners and other third parties who provide digital marketing services.
· Third parties who provide website and online security services.
· When you contact or visit us (automatically), such as when we record calls to our call center or use CCTV cameras in our facilities.
· Your mobile devices and other internet-connected devices and applications (automatically).

· Enroll you in our programs and provide our products and services to you.
· Administer, manage, analyze, and improve our programs, products, and services.
· Issue invoices and collect payments.
· Reimburse customers, satisfy warranty obligations, and fulfill payment obligations.
· Communicate with you regarding our programs, products, and services.
· Procure vendor/supplier products and services, including to manage and satisfy related vendor/supplier contractual obligations.
· Analyze and better understand your needs, preferences, and interests, as well as those of other consumers.
· Conduct internal business analysis and market research.
· Advertising and product promotion, including to contact you regarding programs, products, services, and topics that may be of interest or useful.
· Engage in joint marketing initiatives.
· Administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.
· Detect security incidents and other fraudulent activity.
· Monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.
· Comply with legal and regulatory obligations.
· To identify you and your device(s) for any/all purposes identified above, including to monitor your use of and interactions with programs, products, services, and advertisements for such purposes.

· Authorized/legal representatives
· Third parties with whom we have joint marketing and similar arrangements.
· Third parties who provide product fulfillment services in connection with our products and services.
· Third parties as needed to complete transactions and for authentication, security, and fraud prevention.
· Third parties who deliver our communications, such as the postal service and couriers.
· Other third parties as necessary to complete transactions and provide our products/services, including delivery companies, agents, and manufacturers.
· Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.
· Third party network advertising partners.
· Consumer reporting agencies.
· Our lawyers, auditors, and consultants.
· Legal and regulatory bodies and other third parties as required by law.

California Customer Records personal information categories (Cal. Civ. Code § 1798.80(e))

· Name
· Business address
· Business telephone number

· Directly from Consumers through submission of forms on our site.
· Indirectly creation of a user account in AuditNet.
· Public records.
· Research partners.
· Consumer data resellers
· Third parties who help us maintain the accuracy of our data and data aggregators that help us complete and enhance our records.
· Marketing vendors
· Third parties who provide digital marketing and analytics services for us using cookies and similar technologies that contain a unique identifier, such as an advertising ID.
· Third parties who provide product fulfillment services in connection with our products and services.
· Third parties that provide access to information you make publicly available, such as social media platforms.
· When you contact or visit us (automatically), such as when we record calls to our call center or use CCTV cameras in our facilities.

· Enroll you in our programs and provide our products and services to you.
· For security and application authentication
· Conduct internal business analysis and market research.
· Engage in joint marketing initiatives.
· Advertising and product promotion, including to contact you regarding programs, products, services, and topics that may be of interest or useful.
· Provide access to, monitor, and secure our facilities, equipment, and other property.
· Detect security incidents and other fraudulent activity.
· Monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.
· Comply with legal and regulatory obligations.

· Authorized/legal representatives
· Third parties with whom we have joint marketing and similar arrangements.
· Third parties who provide product fulfillment services in connection with our products and services.
· Third parties who deliver our communications, such as the postal service and couriers.
· Other third parties as necessary to complete transactions and provide our products/services, including delivery companies, agents, and manufacturers.
· Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

· Third party network advertising partners.
· Third parties as needed to complete transactions and for authentication, security, and fraud prevention.
· Consumer reporting agencies.
· Our lawyers, auditors, and consultants.
· Legal and regulatory bodies and other third parties as required by law.

Protected classification characteristics under California or federal law

· Disabilities

· Directly from Consumers via event registration forms.

· To ensure ADA accommodations for event attendees.
· Comply with legal and regulatory obligations.

· Third parties who provide product fulfillment services in connection with our products and services.
· Third parties who deliver our communications, such as the postal service and couriers.
· Other third parties as necessary to complete transactions and provide our products/services, including delivery companies, agents, and manufacturers.
· Our lawyers, auditors, and consultants.
· Legal and regulatory bodies and other third parties as required by law.

Commercial Information

· Engagement with our AuditNet’s templates.
· AuditNet conferences or events attended.

· Your computer and mobile devices (automatically) when you visit or interact with our websites, applications, and online platforms.
· Your mobile devices and other internet-connected devices and applications (automatically).
· When you contact or visit us (automatically), such as when we record calls to our call center or use CCTV cameras in our facilities.

· Determine and verify program, product, and service eligibility and coverage.
· Administer, manage, analyze, and improve our programs, products, and services.
· Issue invoices and collect payments.
· Conduct internal business analysis and market research.
· Advertising and product promotion, including to contact you regarding programs, products, services, and topics that may be of interest or useful.
· Engage in joint marketing initiatives.
· To identify you and your device(s) for any/all purposes identified above, including to monitor your use of and interactions with programs, products, services, and advertisements for such purposes.

· Third parties with whom we have joint marketing and similar arrangements.
· Third parties who provide product fulfillment services in connection with our products and services.
· Payment processors, financial institutions, and others as needed to complete transactions and for authentication, security, and fraud prevention.
· Third parties who deliver our communications, such as the postal service and couriers.
· Other third parties as necessary to complete transactions and provide our products/services, including delivery companies, agents, and manufacturers.
· Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

· Third party network advertising partners.
· Third parties who assist with our information technology and security programs.
· Third parties who assist with fraud prevention, detection, and mitigation.
· Our lawyers, auditors, and consultants.
· Legal and regulatory bodies and other third parties as required by law.

Internet or other similar network activity

· Information on a Consumer’s interaction with our website and our templates

· Your computer and mobile devices (automatically) when you visit or interact with our websites, applications, and online platforms.
· Your mobile devices and other internet-connected devices and applications (automatically).
· Cookies, web beacons, and similar technologies (automatically) when you visit our websites or third-party websites.

· Determine and verify program, product, and service eligibility and coverage.
· Administer, manage, analyze, and improve our programs, products, and services.
· Issue invoices and collect payments.
· Conduct internal business analysis and market research.
· Engage in joint marketing initiatives.
· Provide access to, monitor, and secure our facilities, equipment, and other property.

· Detect security incidents and other fraudulent activity.
· Monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.
· Comply with legal and regulatory obligations.
· To identify you and your device(s) for any/all purposes identified above, including to monitor your use of and interactions with programs, products, services, and advertisements for such purposes.

· Authorized/legal representatives
· Third parties with whom we have joint marketing and similar arrangements.
· Third parties who provide product fulfillment services in connection with our products and services.
· Payment processors, financial institutions, and others as needed to complete transactions and for authentication, security, and fraud prevention.
· Third parties who deliver our communications, such as the postal service and couriers.
· Other third parties as necessary to complete transactions and provide our products/services, including delivery companies, agents, and manufacturers.
· Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.
· Third party network advertising partners.
· Third parties who assist with our information technology and security programs.
· Third parties who assist with fraud prevention, detection, and mitigation.
· Our lawyers, auditors, and consultants.
· Legal and regulatory bodies and other third parties as required by law.

Geolocation data

· IP address
· Browser fingerprint
· Time zone

· Your computer and mobile devices (automatically) when you visit or interact with our websites, applications, and online platforms.
· Your mobile devices and other internet-connected devices and applications (automatically).
· When you contact or visit us (automatically), such as when we record calls to our call center or use CCTV cameras in our facilities.
· When you confirm in a contract or on a form your location.

· Correct identification of actors in audit logs
· Assist in direct communications from AuditNet.
· Administer, manage, analyze, and improve our programs, products, and services.
· Issue invoices and collect payments.
· Conduct internal business analysis and market research.
· Engage in joint marketing initiatives.
· Provide access to, monitor, and secure our facilities, equipment, and other property.
· Detect security incidents and other fraudulent activity.
· Monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.
· Comply with legal and regulatory obligations.

· Third parties who provide product fulfillment services in connection with our products and services.
· Payment processors, financial institutions, and others as needed to complete transactions and for authentication, security, and fraud prevention.
· Third parties who deliver our communications, such as the postal service and couriers.
· Other third parties as necessary to complete transactions and provide our products/services, including delivery companies, agents, and manufacturers.
· Third party network advertising partners.
· Third parties who assist with our information technology and security programs.
· Third parties who assist with fraud prevention, detection, and mitigation.
· Our lawyers, auditors, and consultants.
· Legal and regulatory bodies and other third parties as required by law.

AuditNet has not sold personal information in the last 12 months.  AuditNet has disclosed the following categories of personal information for a business or commercial purpose in the last 12 months:

-           Identifiers

-           California Customer Records personal information categories (Cal. Civ. Code § 1798.80(e))

-           Protected classification characteristics under California or federal law

-           Commercial Information

-           Internet or other similar network activity

-           Geolocation data

-           Professional or employment-related information

-           Inferences drawn from other personal information

The CCPA defines the following as “ business purposes ”:

·            Customer Interaction Audits : Auditing related to a current interaction with customers and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with laws and other standards;

·            Security : Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;

·            Provision of Services : The provision of services to customers, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business;

·            Debugging and Repair : Debugging to identify and repair errors that impair existing intended functionality;

·            Internal Research and Development : Internal research for technological development of our business, website and services, and the demonstration of our services; and

·            Quality and Safety Maintenance and Verification : Undertaking activities to verify or maintain the quality, and to improve, upgrade, or enhance our products and services.

“ Commercial purposes ” mean to advance a person’s commercial or economic interests, such as by inducing another person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction. “Commercial purposes” do not include for the purpose of engaging in speech that state or federal courts have recognized as noncommercial speech, including political speech and journalism.

Pursuant to the methods proscribed in Section VII of the body of the Privacy Policy, or as described immediately following this list, California residents may request:

(a)   disclosure of AuditNet’s data collection and sales practices, including the categories of personal information we have collected, the source of the information, our use of the information and,

(b)   whether AuditNet has disclosed or sold your information to third parties, and if it has, the categories of personal information disclosed or sold to third parties and the categories of third parties to whom such information was disclosed or sold;

(c)        a copy of the specific personal information collected about you during the 12 months before your request;

(d)   to have such information deleted;

(e)   that your personal information not be sold to third parties, if applicable; and

(f)        not to be discriminated against because you exercise any of your available rights.

If you would like to submit a personal information request or otherwise have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact info@AuditNet.org , or by calling us at +1-888-275-3125 , or +1-515-663-4420 .

You may also authorize someone else to submit these requests on your behalf. To do so, you may designate directly with us another person who may act on your behalf by providing us with a notarized copy of power of attorney, or ask the authorized agent to provide us with a copy of your written permission and a scanned copy of their own government-issued ID.

AuditNet will respond within 45 days of receiving one of the above personal information requests. AuditNet has the right to refuse requests related to (a), (b) or (c) above if the same individual has previously requested such information twice in any twelve (12) month period.  Further, AuditNet may be required to collect additional information from you so we may verify your identity.

California residents who are unable to review or access the Privacy Policy (including this Supplemental Notice) due to a disability may reach out to info@AuditNet.org   to access the Privacy Policy (including this Supplemental Notice) in an alternative format.