State Policy
DATE REVIEWED.
This State Policy Notice was last reviewed on February 1, 2023
THE CALIFORNIA CONSUMER PRIVACY ACT AND VIRGINIA CONSUMER DATA PROTECTION ACT.
The provisions in this State Policy Notice are intended to fulfill the requirements of the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (the “CPRA”), and the Virginia Consumer Data Protection Act (“CDPA”), and shall apply to users of the Site who are residents of California.
PERSONAL INFORMATION.
The terms used in the privacy notice and this State Policy Notice which are defined in the CCPA will have the definitions as provided in the CCPA. The term “personal information,” “your information” or other similar uses implying private information belonging to you as used in the privacy notice and this State Policy Notice include “Personal Information” as defined in the CCPA. All other capitalized terms have the meaning provided in the privacy notice.
SHINE THE LIGHT.
The CCPA and CPDA permit California and Virginia residents to request certain information regarding and/or opt-out of our disclosure of their personal information to third parties for their direct marketing purposes. To make such a request, please contact us at [compliance@ei.tech].
CATEGORIES OF PERSONAL INFORMATION
Category | Examples | Collected |
A. Identifiers. | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. | YES |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | YES |
C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | YES |
D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | YES |
E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | NO |
F. Internet or other similar network activity. | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. | YES |
G. Geolocation data. | Physical location or movements. | YES |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | NO |
I. Professional or employment-related information. | Current or past job history or performance evaluations. | NO |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | NO |
K. Inferences drawn from other personal information. | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | YES |
L. Sensitive personal Information | Non-public personal information that reveals a consumer’s social security number, driver’s license, state identification card, or passport number; consumer account log‐in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; a consumer’s precise geolocation a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership; the contents of a consumer’s mail, email and text messages, unless the business is the intended recipient of the communication; a consumer’s genetic data; and the processing of biometric information for the purpose of uniquely identifying a consumer; personal information collected and analyzed concerning a consumer’s health; and personal information collected and analyzed concerning a consumer‘s sex life or sexual orientation. | YES |
PROCESSING PERSONAL DATA.
We will not process your personal information for purposes which are materially different, unrelated, or incompatible with the purposes set out in the privacy notice without providing you notice and the opportunity to opt out of such processing.
DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES.
In the last 12 months, to the extent that we have your personal information, we have only disclosed this Personal Data to third parties for business purposes or with your consent.
SALE AND DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES.
We may share your personal information by disclosing it to a third party for a legitimate business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, we have not disclosed personal information for a business purpose, however, we intend to disclose the following categories of personal information to the categories of third parties indicated in the chart below.
We may also share your personal information by selling it to third parties, subject to your right to opt-out of those sales. Our personal information sales do not include information about individuals we know are under age 16. In the preceding twelve (12) months, we have not sold personal information, however, we intend to sell the following categories of personal information to the categories of third parties indicated in the chart below. Any sales of personal information that constitutes sales of “Sensitive Personal Information” under the CCPA shall be subject to a separately noticed right to-opt out.
Category | Category of Third-Party Recipients | |
Business Purpose Disclosures | Sales | |
A. Identifiers. | Service providers; advertisers; affiliates, partners, parent or subsidiary organizations; and internet cookie data recipients, like Google Analytics | Service providers, like insurance underwriters |
B. Personal information categories listed in the California Customer Records statute | Service providers; advertisers; affiliates, partners, and parent or subsidiary organizations | Service providers, like insurance underwriters |
C. Protected classification characteristics under California or federal law. | Service providers; advertisers; affiliates, partners, and parent or subsidiary organizations | Service providers, like insurance underwriters |
D. Commercial information. | Service providers; advertisers; affiliates, partners, and parent or subsidiary organizations | Service providers, like insurance underwriters |
E. Biometric information. | None | None |
F. Internet or other similar network activity. | Service providers; advertisers; affiliates, partners, parent or subsidiary organizations; and internet cookie data recipients, like Google Analytics | Service providers, like insurance underwriters |
G. Geolocation data. | Service providers; advertisers; affiliates, partners, parent or subsidiary organizations; and internet cookie data recipients, like Google Analytics | Service providers, like insurance underwriters |
H. Sensory data. | None | None |
I. Professional or employment-related information. | None | None |
J. Non-public education information | None | None |
K. Inferences drawn from other personal information. | Service providers; advertisers; affiliates, partners, parent or subsidiary organizations; and internet cookie data recipients, like Google Analytics | Service providers, like insurance underwriters |
RESELLING PERSONAL INFORMATION.
The CCPA and CPDA prohibits a third party from reselling personal information unless you have received explicit notice and an opportunity to opt-out of further sales. We have not sold any personal information to date. However, we will update this section with the businesses that purchase personal information from us and may resell that information in the future. To opt-out of those sales, you will be able to visit that business’s opt-out notice at the link to be provided.
ADDITIONAL RIGHTS UNDER THE CCPA AND CPDA.
California residents may have the following rights under the CCPA and CPDA in addition to the rights set out in the privacy notice.
Access: Once we receive and confirm your verifiable consumer request, we will disclose the following to you:
- the categories of your personal information and the specific personal information that we have collected;
- the categories of sources from which your personal information was collected;
- our business or commercial purpose for collecting your personal information;
- the categories of third parties with whom we share your personal information, and where such third parties received your personal information from us for a business purpose, the categories of your personal information that we disclosed to such third parties; and
- the specific personal information or sensitive personal information that has been collected or shared
Under the CCPA and CPDA you are y entitled to exercise the personal information access rights s set forth below
- Deletion: After we receive and confirm your verifiable consumer request, we will (and will direct our service providers to whom we have disclosed your personal information to) delete your personal information unless an exception under the CCPA or CPDA applies.
- Correction: Upon confirmation of your request, we will (and will direct our service providers to whom we have disclosed your information to) correct any inaccuracies in your personal information.
These rights may have limits in how frequently you can exercise them, depending on where you live. You may also exercise the following knowledge rights regarding your personal information:
- The categories of personal information that we have collected about you.
- The categories of personal information that we have disclosed for a business purpose, and the entities to which such disclosures were made.
- The categories of personal information that we have sold or shared, and general information about the sorts of entities or third parties which have received such information.
You may also separately exercise each of these rights for your sensitive personal information, or exercise the right to limit any disclosure of your sensitive personal information no more than once every twelve (12) months.
If you would like to exercise any of your rights in this section, please contact us in writing (see HOW CAN YOU CONTACT US ABOUT THIS POLICY). You must include your full name, mailing address, and policy number (if applicable), in addition to the rights you are exercising and which information you are exercising your rights on. Please also state that you are requesting access pursuant to the California Consumer Privacy Act or Virginia Consumer Data Protection Act. We will do our best to respond promptly to any request.
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. We may need to request specific information from you to help us confirm that your request is a verifiable consumer request.
HOW CAN YOU CONTACT US ABOUT THIS POLICY
For any questions or claims about our compliance with the CDPA or CCPA as amended, please contact us:
- at compliance@ei.tech;
- via mail at
Embedded Insurance, Inc.
1389 Center Drive, STE 200
Park City, UT 84098, US - through the ‘Contact Us’ section of our website; or
- toll free at [#########]
NON-DISCRIMINATION.
We will not discriminate against you for exercising any of your rights under the CCPA or CDPA. Specifically, unless permitted by the CCPA or CDPA, we will not:
- deny you access to services provided by us;
- charge you different prices or rates for the goods and/or services provided by us or impose penalties on you;
- provide you with a different level or quality of goods and/or services than otherwise generally provided by us; or
- suggest that you will receive a different price or rate for, or a different level or quality of, the goods and/or services generally provided by us.