Privacy Policy

Effective Date: April 1, 2024

ATM.com, Inc., dba ATM.com® (referred to herein as “ATM”, “ATM.com”, “we”, “us” and “our”) knows that you care about how your personal information is used and shared.

We want to provide you with answers to your questions and concerns regarding how your personal information is used. You may direct any privacy-related questions to support@ATM.com.

This Privacy Policy describes ATM.com's practices regarding the collection, use, and disclosure of the information we collect from and about you when you use ATM.com's website (https://www.atm.com, or the “Website”), mobile application (“ATM.com” or the “Application” or the “App”), or associated products and services (collectively, with the Website and ATM.com, the “Services”). By accessing or otherwise using the Services, you consent to the collection, use, and disclosure of information as described in this Privacy Policy.

This Privacy Policy contains the following sections:

  • The Information We Collect
  • Cookies and Similar Technologies
  • How We Use Your Information
  • Online Analytics and Advertising
  • How We Share and Disclose Your Information Your Choices
  • Third Party Website Links and Features
  • Children's Privacy
  • Your Rights
  • How Long We Store Your Information
  • Changes to Our Privacy Policy
  • How You Can Access and Update Your Information
  • Data Security
  • How We Protect Your Information
  • California Privacy Rights
  • Use of the Services from Outside the United States
  • ATM.com Contact Information

THE INFORMATION WE COLLECT

Information You Provide to Us
ATM.com collects information from you when you do certain things, such as:

  • Register for, administer, or sign into your account with ATM.com ("ATM.com Account")
  • Make a purchase
  • Sign up to receive SMS (text message) notifications
  • Download or use the ATM.com Application
  • Use or otherwise interact with the Services directly or through social media
  • Submit requests or questions to us via forms or email
  • Communicate with us or have other dealings with us, including requests for customer support or technical assistance
  • Submit uploads or posts to the Services

Our “Data Messenger” Service
ATM.com helps subscribers earn money (“Rewards”) with our Services. One way subscribers earn money with our Services is by matching with a brand and opting in to receive messages from brands through the ATM.com application (“Data Messenger”). This is how our Data Messenger works. First, we compile information from you regarding your unique personal interests. Then, we link this information to a proprietary token that doesn't identify you to the outside world. We do not share any of your personal information with brands in this process; your personal information remains inside our secure vault (see below DATA SECURITY; HOW WE PROTECT YOUR INFORMATION). You may decide to opt-in to receiving in-app messages, notifications, and emails from any brand you may select through the Data Messenger.

Types of Information
The types of information we collect will depend upon the Services you use, how you use them, and what you choose to provide. The types of data we collect directly from you may include:

  • Name, address, telephone number, email address, date of birth, SSN, and additional information collected for purposes of identity verification
  • Optional information, including demographic information, or information that you elect to associate with your account (your “Profile Information”)
  • Log-in details and password, if you create an ATM.com account
  • Any email requests or questions you submit to us
  • User content including but not limited to emails, communications, and other information for publication or distribution to third parties.
  • If you choose to link a personal bank account ("Bank Account") or brokerage account to your ATM.com user account within the Services, we will also request information from you such as your login credentials for those accounts and other financial data and documents that we receive from the financial institution.

For users who elect an ATM Instant Cash Advance, we may also collect the following types of bank account information from your linked bank:

  • Balance information
  • Transaction dates
  • Merchant names
  • Transaction types

Information We Automatically Collect
When you use the Services, we may automatically collect certain information as described in this Section. As discussed further below, we and our service providers (which are third party companies that work on our behalf to provide and enhance the Services) use a variety of technologies, including cookies and similar tools, to assist in collecting this information.

Log Files
When you use the Services, our servers automatically record certain information in server logs. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type and settings, referring / exit pages and URLs, number of clicks and how you interact with the Services, metadata associated with uploaded Content, domain names, landing pages, pages viewed or moused-over, mobile carrier, date and time stamp information, and other such information.

Device Identifiers
When you access the Services using a computer or mobile device, we may collect specific device information, including your MAC address and other unique device identifiers. We also collect information such as the type of device you are using, its operating system, and mobile network information, which may include your mobile phone number. We may associate this device identifier with your ATM.com Account and will use data associated with your device identifier to customize our Services to your device and to analyze any device-related issues. We may also gather information from your device to assist us with cross-device tracking, as described further below.

Location Information
We may collect different types of information about your location, including general information (e.g., IP address, zip code) and more specific information (e.g., GPS-based functionality on mobile devices used to access the Services), and may use that information to customize the Services with location-based information, advertising, and features. For example, if your IP address indicates an origin in Los Angeles, the Services may be customized with Los Angeles- specific information and advertisements. If you access the Services through a mobile device and you do not want your device to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device, provided your device allows you to do this. See your device manufacturer's instructions for further details. Even if you disable this, we may make certain assumptions about your location from your IP Address, or other information related to your use of the Services.

In the App, if you voluntarily select to Enable Location Rewards, you will be given a choice to allow us to access your location one time or while using the App or not at all. If you authorize our access to your location data, we will share that data with third-party marketing partners, such as InMarket, in order to provide the services and features of Location Rewards.

Information We Collect from Third-Party Integrations
If you choose to use third-party integrations through the Services, such as our transaction partners, such providers may allow us and our service providers to have access to and store additional information about your interaction with those services and platforms as it relates to use of the Services. As part of its Services to you, ATM.com monitors and analyzes all of your shared data.

Information We Collect from Affiliates and Non-Affiliated Third Parties
ATM.com may receive additional information about you, such as demographic information, from third parties, such as business partners, marketers, researchers, analysts, and other parties that we may use to supplement the information that we collect directly from you.

When you link your Bank Account to your ATM.com Account, ATM.com may also receive information about you and your Bank Account from the financial institution holding your Bank Account as necessary to provide the Services to you.

Collection of Information Across Devices
Sometimes, we may use the information we collect -- for instance, usernames, IP addresses and unique mobile device identifiers - to locate or try to locate the same unique users across multiple browsers or devices (such as smartphones or tablets), or work with service providers that do this, in order to provide you with a seamless experience across devices.

COOKIES AND SIMILAR TECHNOLOGIES

To collect the information in the “Information We Automatically Collect” section above, we and our service providers use Internet server logs, cookies, tags, SDKs, tracking pixels, and other similar tracking technologies. A web server log is a file where website activity is stored. An SDK is a section of code that we embed in our applications and software to allow third parties to collect information about how users interact with the Services. A cookie is a small text file that is placed on your computer or mobile device when you visit a site, that enables us to: (i) recognize your computer; (ii) store your preferences and settings; (iii) understand which web pages of the Services you have visited; (iv), enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests; (v) perform analytics; and (vi) assist with security and administrative functions. Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads and/or email, and that are designed to provide usage information like ad impressions or clicks, email open rates, measure popularity of the Services and associated advertising, and to access user cookies. As we adopt additional technologies, we may also gather information through other methods.

Most browsers automatically accept cookies, but you can modify your browser setting to decline cookies by visiting the Help portion of your browser toolbar (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). If you choose to decline cookies, please note that you may not be able to sign in, customize, or use some of the interactive features of the Services. Flash cookies operate differently than browser cookies, and cookie management tools available in a web browser will not remove Flash cookies. To learn more about how to manage Flash cookies, you can visit the Adobe website and make changes at the Global Privacy Settings Panel.

HOW WE USE YOUR INFORMATION

Use
We use your information (including any information that we collect, as described in this Privacy Policy) for various purposes depending on the types of information we have collected from and about you and the specific ATM.com Services you use, including to:

  • Provide you the opportunity to earn money with our Data Messenger service
  • Provide the services and customer support you have requested
  • Provide the highest earning opportunities with our Paid Survey service
  • Provide earning opportunities tailored specifically to your location using our Location Rewards service
  • Process transactions and send notices about your transactions or your network activity
  • Compare information for accuracy and verification purposes
  • Respond to your request for information and provide you with more effective and efficient customer service
  • Provide you with product and service updates that we are offering
  • Provide you with service notifications via email and within the Services based on your notification selections
  • Customize the advertising and content you see
  • Synthesize and derive insights from your use of the Services to help us better understand your interests and needs, and improve the services
  • Protect our Services and our users
  • Enforce the legal terms that govern your use of the Services

If you have elected an ATM Instant Cash Advance, we may also use your information for our computer analysis to determine if your request for an ATM Instant Cash Advance will be approved.

User Content
The Services may permit you to submit content, send emails and other communications, and provide other information for publication or distribution to third parties (collectively, "User Content"). ATM.com may view and share your User Content for any reason, including: (i) to maintain, provide and improve the Service; (ii) to resolve a support request from you; (iii) if we have a good faith belief, or have received a complaint alleging, that such Content is in violation of our Terms of Service; (iv) as reasonably necessary to allow ATM.com to comply with or avoid the violation of applicable law or regulation; or (v) to comply with a valid legal subpoena, request, or other lawful process. We may also analyze your User Content in order to better understand the manner in which our Service is being used.

Combined Information
For the purposes discussed in this Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Policy.

De-Identified and Aggregated Information
We may de-identify and aggregate information collected through the Services from our subscribers so that such information can no longer be linked to you or your device. We may (i) monetize this information collected as survey data and share the results in part with our subscribers, and (ii) use it for purposes of market or scientific research.

ONLINE ANALYTICS AND ADVERTISING

Analytics
We use third-party web analytics services on our Services to collect and analyze some of the information discussed above, and to engage in auditing, research or reporting. The information (including your IP address) collected by various analytics technologies described in the “Cookies and Similar Technologies” section will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services, including by noting the third-party website from which you arrive, analyzing usage trends across ATM.com websites and mobile devices, assisting with fraud prevention, and providing certain features to you.

If you receive email from us, we may use certain analytics tools to capture data, such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.

Online Advertising
Third parties or affiliates may administer ATM.com banner advertising programs and other online marketing on non-ATM.com websites and services. To do so, these parties may set and access first-party cookies delivered from an ATM.com domain, or they may use third-party cookies or other tracking mechanisms. For example, a third-party provider may use the fact that you visited the ATM website to target online ads (retargeted ads) for ATM.com services to you on non-ATM.com websites or across mobile apps. Or a third- party ad network might collect information on the Services and other websites to develop a profile of your interests and target advertisements to you based on your online behavior (retargeted ads). These parties that use these technologies may offer you a way to opt out of ad targeting as described below. You may receive retargeted ads on your computer through a web browser.

If you are interested in more information about tailored browser advertising and how you can generally control cookies from being put on your computer to deliver tailored advertising, you may visit the Network Advertising Initiative's Consumer Opt-Out Link, the Digital Advertising Alliance's Consumer Opt-Out link, or TRUSTe's Advertising Choices Page to opt-out of receiving tailored advertising from companies that participate in those programs. To opt out of Google Analytics for display advertising or customize Google display network ads, you can visit the Google Ad Settings page. Please note that we do not control any of the above opt-out links or whether any particular company chooses to participate in these opt-out programs. We are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms.

California Do-Not-Track Disclosure Requirements.
We are committed to providing you with meaningful choices about the information collected on our Services for third-party purposes, and that is why we provide above the Network Advertising Initiatives Consumer Opt-out link, Digital Advertising Alliances Consumer Opt-Out Link, TRUSTe's Advertising Choices page, the Google opt-out link. However, we do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations and solutions.

DO WE SHARE YOUR INFORMATION?

Affiliates and Subsidiaries
We may share your information with our affiliated entities such as subsidiaries. Affiliated entities are entities that we legally control (by voting rights) or that control us.

Service Providers
We may provide access to or share your information with select third parties who perform services on our behalf. These third parties provide a variety of services to us, including without limitation, billing, customer service, data storage, security, fraud prevention, payment processing through the Automated Clearing House Network, and legal services.

Legal Process
We may disclose your information in response to any subpoenas, court orders, or other legal process we receive, or to establish or exercise our legal rights or to defend against legal claims.

Investigations
We may disclose your information when we believe in good faith that such disclosure is appropriate in order to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of this Privacy Policy or the Terms of Service for the Services you accessed, and/or to protect the rights and property of ATM.com, our employees, users, and the public. This may involve the sharing of your information with law enforcement, government agencies, courts, and/or other organizations.

Third-Party Integrations
When you initiate a connection with a third-party integration through the Services, we will share information about you that is required to enable your use of the third-party integration through the Services. These third parties may use the location and device data, as well as information you voluntarily submit to them, for targeted advertising, measurement and analytics.

Business Transfers
If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner so that the Services can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Privacy Policy until such time as this Privacy Policy is updated or amended by the acquiring party upon notice to you. If such transfer is subject to additional mandatory restrictions under applicable laws, ATM.com will comply with such restrictions.

De-Identified and Aggregated Information
As stated above, we may share and monetize De-Identified and Aggregated Information collected as survey data from our subscribers.

Consent
We may also disclose your information to third parties with your prior consent.

YOUR CHOICES

We provide you with a number of choices with respect to the information we collect and use as discussed throughout this Privacy Policy. For example, you may instruct us not to use your contact information to contact you by email, postal mail or phone regarding products, services, promotions and special events that might appeal to your interests by contacting us. In commercial email messages, you can also opt out by following the instructions located at the bottom of such emails. Please note that, regardless of your request, we may still use and share certain information as permitted by this Privacy Policy or as required by applicable law. For example, you may not opt out of certain operational or service-related emails, such as those reflecting our relationship or transactions with you.

THIRD PARTY LINKS AND SERVICES

The Services contain links to third-party apps or websites or services, and also contain third-party integrations. If you choose to use these, you may disclose your information not just to those third parties, but also to their users and the public more generally depending on how their services function. Because these third-party websites and services are not operated by ATM.com, ATM.com is not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your personal and other information will be subject to the privacy policies of the third- party websites or services, and not this Policy. We urge you to read the privacy and security policies of these third parties.

ELIGIBILITY

The Services are not intended for individuals under the age of 18. We do not knowingly solicit or collect information from individuals under the age of 18.

YOUR RIGHTS

If you want to learn more about the information collected through the Services, or if you would like to access or rectify your information and/or request deletion of information we collect about you, or restrict or object to the processing of your information, please contact us using the contact information below.

Where you have provided consent, you may withdraw your consent at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing your consent.

HOW LONG WE STORE YOUR INFORMATION

We will retain your information for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law.

CHANGES TO OUR PRIVACY POLICY

We reserve the right to amend this Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Services, or advances in technology. We will make the revised Policy accessible through the Services, so you should review the Policy periodically. If we make a material change to the Policy, you will be provided with appropriate notice and we will seek your consent to the updated Policy in accordance with legal requirements.

HOW YOU CAN ACCESS AND UPDATE YOUR INFORMATION

To access, review, update and/or delete certain user profile information, you may update and/or delete certain user profile information by logging into the Website and updating your ATM.com Account. Please remember, however, if we have already disclosed some of this user profile information to third parties, we cannot force the deletion or modification of any such user profile information by the parties to whom we have made those disclosures.

DATA SECURITY; HOW WE PROTECT YOUR INFORMATION

We will implement reasonable and appropriate security procedures consistent with prevailing industry standards to protect information from unauthorized access by physical and electronic intrusion. Unfortunately, no data transmission over the Internet or method of data storage can be guaranteed 100% secure. Therefore, while we strive to protect your information by following generally accepted industry standards, we cannot ensure or warrant the absolute security of any information you transmit to us or archive at this site. If you have any questions about how we protect your information, you can contact us at support@ATM.com.

CALIFORNIA PRIVACY RIGHTS

California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties. If you are a California resident and would like to request this information, please submit your request in an email to support@ATM.com.

Additionally, California law permits residents under the age of 18 who are registered users with us to request and obtain removal of content or information they have publicly posted on our Services. To make such a request, please send an email with a detailed description of the specific content or information to support@ATM.com. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

USE OF THE SERVICES FROM OUTSIDE THE UNITED STATES

The Services are provided, supported, and hosted in the United States and are governed by United States law and the laws of the applicable states within the United States. If you are using the Services from outside the United States, please be aware that your information may be transferred to, stored and processed in the United States where our servers are located and our databases are operated. The data protection and other laws of the United States might not be as comprehensive as those in your country. By using the Services, you consent to your information being transferred to our facilities and to the facilities of those third parties with whom we share it as described in our Privacy Policy.

CONTACT US

If you wish to contact us or have any questions about or complaints in relation to this Privacy Policy, please contact us at support@ATM.com, or ATM.com, Inc., 4600 Campus Drive, Suite 107, Newport Beach, CA 92660.

PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
Effective Date: September 25, 2020
Last Reviewed on March 18, 2022

This Privacy Notice for California Residents supplements the information contained in the ATM.com Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California ("consumers" or "you"). ATM.com, Inc. (“we”, “our” or “us”) adopts this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this notice.

INFORMATION WE COLLECT

Our website collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device ("Personal Information").

In particular, we indicate below the categories of Personal Information collected from California residents within the last twelve (12) months.

CATEGORY A: Identifiers

Examples: A real name, Internet Protocol address, email address, or other similar identifiers.

Collected: YES

CATEGORY B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories.

Collected: YES

CATEGORY C: Protected classification characteristics under California or federal law.

Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

Collected: YES

CATEGORY D: Commercial information.

Examples: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Collected: YES

CATEGORY E: Biometric information.

Examples: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

Collected: YES

CATEGORY F: Internet or other similar network activity.

Examples: Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

Collected: YES

CATEGORY G: Geolocation data.

Examples: Physical location or movements.

Collected: YES

CATEGORY H: Sensory data.

Examples: Audio, electronic, visual, thermal, olfactory, or similar information.

Collected: YES

CATEGORY I: Professional or employment-related information. Examples: Current or past job history or performance evaluations.

Collected: YES

CATEGORY J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

Collected: YES

CATEGORY K: Inferences drawn from other Personal Information.

Examples: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Collected: YES

Personal information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated consumer information.
  • Information excluded from the CCPA's scope, like: Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
  • Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

We collect the categories of Personal Information listed above from the following categories of sources:

  • Directly from you (for example, from forms you complete or products and services you purchase).
  • Indirectly from you (for example, from observing your actions on our website).
  • Otherwise as described in our Privacy Policy.

USE OF PERSONAL INFORMATION

We may use, or disclose the Personal Information we collect for one or more of the following business purposes (a business purpose is defined as “the use of Personal Information for the business's or a service provider's operational purposes, or other notified purposes, provided that the use of Personal Information shall be reasonably necessary and proportionate to achieve the operational purpose for which the Personal Information was collected or processed or for another operational purpose that is compatible with the context in which the Personal Information was collected”):

  • To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that Personal Information to respond to your inquiry. If you provide your Personal Information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
  • To provide, support, personalize, and develop our website, products, and services.
  • To create, maintain, customize, and secure your account with us.
  • To process your requests, purchases, transactions, and payments and prevent transactional fraud.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and retargeted ads through our website, third-party sites, and via email or text message (with your consent, where required by law).
  • To help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business.
  • For testing, research, analysis, and product development, including to develop and improve our website, products, and services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your Personal Information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about our website users is among the assets transferred.
  • Otherwise as described in our Privacy Policy, including without limitation, engagement in retargeted ads via ad networks.

We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

SHARING AND DISCLOSURE OF PERSONAL INFORMATION – THIRD PARTIES

We may share your personal information as indicated above in our Privacy Policy (see above DO WE SHARE YOUR INFORMATION?).

DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE - CATEGORIES

In the preceding twelve (12) months, Company has disclosed the following categories of Personal Information for a business purpose:

  • Category A: Identifiers.
  • Category B: California Customer Records Personal Information categories.
  • Category C: Protected classification characteristics under California or federal law.
  • Category D: Commercial information.
  • Category E: Biometric information.
  • Category F: Internet or other similar network activity.
  • Category G: Geolocation data.
  • Category H: Sensory data.
  • Category I: Professional or employment-related information
  • Category J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
  • Category K: Inferences drawn from other Personal Information

SALES OF PERSONAL INFORMATION

In the preceding twelve (12) months, we have not sold Personal Information to data brokers, aggregators, or to other third parties with transactions involving the transfer of our lists for monetary compensation. We have engaged in retargeted ads via ad networks; to opt out, visit our Privacy Policy above (See ONLINE ANALYTICS AND ADVERTISING).

YOUR RIGHTS AND CHOICES

The CCPA provides consumers (California residents) with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request (see EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS), we will disclose to you:

  • The categories of Personal Information we collected about you.
  • The categories of sources for the Personal Information we collected about you.
  • Our business or commercial purpose for collecting or selling that Personal Information.
  • The categories of third parties with whom we share that Personal Information.
  • The specific pieces of Personal Information we collected about you (also called a data portability request).
  • If we sold or disclosed your Personal Information for a business purpose, two separate lists disclosing:
    • sales, identifying the Personal Information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.

DELETION REQUEST RIGHTS

You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS below), we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by:

  • Emailing us with the contact information described below under CONTACT US.
    • Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
    • You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
      • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
      • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to Personal Information associated with that specific account.

We will only use Personal Information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

For instructions on exercising sale opt-out rights, see PERSONAL INFORMATION SALES OPT-OUT AND OPT-IN RIGHTS below.

RESPONSE TIMING AND FORMAT

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

PERSONAL INFORMATION SALES OPT-OUT and OPT-IN RIGHTS

You have the right to direct us to not sell your personal information at any time (the “right to opt-out). To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by contacting us (see our CONTACT INFORMATION below).

Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize Personal Information sales. However, you may change your mind and opt back into Personal Information sales at any time by visiting our website and sending us a message. We will only use Personal Information provided in an opt-out request to review and comply with the request.

CHANGES TO OUR PRIVACY NOTICE

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the website and update the notice's effective date. YOUR CONTINUED USE OF OUR WEBSITE FOLLOWING THE POSTING OF CHANGES CONSTITUTES YOUR ACCEPTANCE OF SUCH CHANGES.

CONTACT US

If you have any questions, comments, or concerns regarding this Privacy Notice for California Residents, please contact us at support@ATM.com or ATM.com, Inc., 4600 Campus Drive, Suite 107, Newport Beach, CA 92660.