Iron2Iron LLC Privacy Policy Preamble At Iron2Iron LLC we believe privacy policies should help you understand how your data is being used and provide you with a fair choice to control it. A privacy policy is a document outlining any information we collect from you across our website http://www.iron-2-iron.com/ and other sites we own and operate. Automatic Logs When you visit our site, our servers may be automatically logging the standard data sent to us by your web browser. This data is essential to responding to requests your browser sends us and usually includes your computer's IP address, your browser type and version, the pages you visit, the time and date of your visit, the amount of time spent on each page, and other details. Device Data When you make a request to our servers your device attaches some extra information to the request. This usually includes information like the device's type (e.g. laptop, tablet, phone), device OS (e.g. Windows, macOS, Android), unique device identifiers, and sometimes location data, depending on the device. To find out exactly what's sent we recommend you check your device settings. Personal Data We might ask you for information like: Name Email Social Media Profiles Date of Birth Phone number Payment details Geolocation data Sensorial Information Commercial information Education Information California Consumer Records Information Device Data Inferred Information Biometrics information This data will only be requested if you access our services or require features that need this data to work. Legal basis for processing We collect and process data about you only where we have a legal basis for doing so. The legal bases for processing are when: It's necessary for a contract you enter with us (for example, when you request a service that we provide and we give it to you); It satifies a legitimate interest where the processing is not required by law but is of clear benefit to you or others; You give us consent to do so (for example if you give us permission to email you a newsletter or product update); We need to process your data to comply with a legal obligation; You can withdraw consent at any time, however this will not affect any processing that has already happened; We endeavour not to keep personal data for longer than we need it. While we have your data, we protect it within acceptable means to prevent loss, theft and unauthorised access, disclosure, copying, use or modification. If necessary we may retain your data for our compliance with legal obligation, or in order to protect your vital interests. We cannot guarantee absolute data security and advise that no method of electronic transmission or storage is 100% secure. Collection and use of information We may collect, hold, use and disclose data in order for us to: Personalising Ads Marketing Fulfill requests Contact Security & Debugging System Improvements Legal Obligations Analytics International data transfer Any personal information we collect is stored and processed in United States, and where our partners, affiliates and third-party providers maintain facilities. When you give us your information you consent to its transfer overseas. If this transfer overseas results in transfer outside of the European Economic Area (EEA) we shall ensure that it's protected by appropriate safeguards. These safeguards include those approved by the European Commission, binding corporate rules, and other legally acceptable means. Transfers overseas may result in data you give us being held in jurisdiction which are not subject to similar data privacy laws as ours, therefore if a third party engages in acts or practices which would contravene our laws this may mean you will not be able to seek redress. Your rights around and controls of your data By providing personal data to us, you're providing consent to us to collect, hold, disclose and use your personal data in accordance with this privacy policy. If you're under 16, you must have your parent or guardian's consent to share your personal data prior to the access of our website or use of our services. You do not have to provide personal data to us, and can withdraw consent at any time. However, if you do not provide certain information we may not be able to provide a complete experience for our website, products or services. Information from third-parties If we receive personal information from a third-party, we will protect in line with this privacy policy. If you are a third-party providing us personal data, you represent and warrant that you have the person's consent prior to disclosure to us. Restriction of processing You can restrict the collection and processing of your personal data where consent was given in the past. If you have agreed to us using your personal data for marketing purposes, you can opt out by contacting us. Information from third-parties You may request the personal data we hold on you, and where possible we will return this to you in a generally accepted, easily readable machine format format such as JSON or CSV. You may also request that we transfer this personal information to a third-party. We may request verification of your identification in case we doubt the authenticity of the request. Complaints If you believe that we have breached a relevant data protection law or have evidence of any breach, you may contact the Data Protection Officer at Iron2Iron LLC using the details below and we will investigate your complaint.You also have the right to contact any regulatory body or data protection authority in relation to your complaint. Unsubscribe To unsubscribe from our email databases or opt-out of communications, please contact us using the opt-out facilities provided in the footer of the emails. Cookies Cookies are small pieces of data about you and your activity across the site. Sometimes they store preferences, and other times they return data to who issued them. You can opt-in and out of cookies when they are requested or follow your browser instructions for turning cookies off. Business Transfers If Iron2Iron LLC's assets are acquired, or if we go out of business, we would include data amongst the assets to transfer to any parties who acquire us. You acknowledge such transfers might occur, and that any parties who acquire us may continue to use your personal information according to this policy. In an acquisition context we may also have a new data controller and data protection officer, and their details would be passed onto you. California Consumer Privacy Act (CCPA) Notice (LAST UPDATED: 4/27/2020) Introduction This Notice integrates and supplements the information contained in the privacy policy and it is provided by the for-profit organization who runs http://www.iron-2-iron.com/ and, if the case may be, its parent, subsidiaries and affiliates (for the purposes of this section collectively “we”, “us”, “our”). This Notice explains how we collect, use, and disclose (including, for a sale) personal information about California residents. The Notice also explains certain rights that California residents have under the California Consumer Privacy Act (“CCPA”). This Notice explains how California residents can exercise their rights under the CCPA to request that we: (1) provide certain personal information that we have collected about them during the past 12 months, along with related information described below, or (2) delete certain personal information that we have collected from them. Categories of Personal Data that We Collect In the past 12 months, we have collected the following categories of personal information: Any categories of personal information described in the California Customer Records statute (“California Consumer Records statute information“). This includes, but it is not limited to, information such as a name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. This category of information may overlap with other categories and does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records Identifiers (“Identifiers”) such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers. Social Media Profiles Geolocation data (“Geolocation data”). This type of personal information includes data related to your physical location or movements in space. Audio, electronic, visual, thermal, olfactory, or similar information (“Sensorial information”). Commercial information (“Commercial information”). This type of personal information includes, but it is not limited to, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Education information as defined in the Family Educational Rights and Privacy Act (“FERPA information”). FERPA information includes education records such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. FERPA information does not include personally information that is publicly available. California Consumer Records Information Internet or other electronic network activity information (“Internet information”), including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement. Inferences drawn from any of the personal information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes (“Inferred information”). Biometrics information Categories of Sources of Personal Data We obtain your personal information when you provide it to us (e.g., where you contact us via email or telephone, or by any other means). For example, you directly provide your personal information through your submissions or requests made via http://www.iron-2-iron.com/. We receive personal information indirectly when you navigate http://www.iron-2-iron.com/, as personal information about you and usage details are automatically observed and collected (such as device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connecting to http://www.iron-2-iron.com/ and other technical communications information). We receive your personal information from third parties who provide it to us that work with us in connection with the service that we provide or with the functioning of http://www.iron-2-iron.com/ Why we collect personal data and the purposes for how we use it We may use your personal information to permit the operational functioning of http://www.iron-2-iron.com/ and features thereof (“business purposes”). In this case, your personal information will be processed in such a fashion that is necessary and proportionate to the business purpose for which it was collected, and strictly within the limits of compatible operational purposes. We may also use your personal information for other reasons such as for commercial purposes, as well as for complying with the law and defend our rights before the competent authorities in case our rights and interests are threatened or we suffer an actual damage. In particular, we use your personal information for the following purposes: to answer your assistance inquiries and your contact requests, including those related to the exercise of your privacy rights to carry out our legal obligations and enforce our rights arising from any agreement in place between you and us to protect our rights and interests, or those of all our Users or third parties to protect our safety, and those of all our Users or third parties to detect any malicious, deceptive, fraudulent, or illegal activity, and prosecute those responsible for that activity to respond to law enforcement requests, as required by the law, court orders or other governmental authorities to perform analyses about the use of http://www.iron-2-iron.com/ to audit and improve your interactions with http://www.iron-2-iron.com/ and concurrent transactions thereof to communicate with you, through the means described in http://www.iron-2-iron.com/, about any news, offers, events or other initiatives regarding our service to customize and personalize ads, offers and content made available on http://www.iron-2-iron.com/, on the basis of your behavior when you use the service or when you visit http://www.iron-2-iron.com/ to customize and personalize ads, offers and content made available on http://www.iron-2-iron.com/, on the basis of your behavior when you visit third party properties to detect security incidents and fix them to debug http://www.iron-2-iron.com/ in order to identify and repair errors that impair existing intended functionality to undertake internal research for technological development as well as for constant verification and improvement of the quality and safety of http://www.iron-2-iron.com/and the Service We will not use your personal information for any different, unrelated, or incompatible purposes without providing you notice. Categories of third parties with whom we share personal data for a business purpose or sale We may disclose the personal information we collect about you to a third party for a business purpose. In this case, we enter into an agreement with such third party that describes the purpose of the sharing of such personal information and requires the recipient to both keep that personal information confidential and not use it for any purposes other than those necessary for the performance of the agreement. We may also disclose your personal information to third parties when you explicitly ask or authorize us to do so, in order to provide you with our service. The information below lists the categories of third parties with whom we share personal information in different contexts. companies that collect and analyze your data (“Data Analytics Providers”) software companies that power your device, app stores, and companies that provide common tools and information for apps about app consumers (“Operating Systems and Platforms”) companies that display ads to you through apps (“Ad Networks”) companies that connect individuals around common interests and facilitate sharing (“Social networks”) other apps of companies that the consumer may not have a relationship with (“Other applications”) companies that provide mobile connections (“Carriers”) companies that sell consumer information to other companies for multiple purposes including offering products and services that may interest you (“Consumer Data Resellers”) any government entity except where required by law or expressly permitted in an emergency (“Governmental Entities”) Categories of personal data that we disclose for a business purpose or sale During the past 12 months, we have also disclosed the categories of personal information listed in this Notice for our business purposes. We have not, however, sold personal information that is subject to the CCPA’s sale limitations. The CCPA defines a “sale” as the disclosure of personal information for monetary or other valuable consideration. CCRSI,IDENTIFIERS: Data analytics providers, Operating Systems and Platforms, Data analytics providers, Data analytics providers, Operating Systems and Platforms, Other Applications, Ad Networks, Carriers, Other Applications, Operating Systems and Platforms and Data analytics providers Social Media Profiles: Ad Networks, Social networks, Operating Systems and Platforms and Data analytics providers CCRSI: Ad Networks, Social networks, Consumer Data Resellers, Data analytics providers and Operating Systems and Platforms GEOLOCATION: Ad Networks, Data analytics providers, Operating Systems and Platforms and Other Applications SENSORIAL,CCRSI: Ad Networks, Other Applications, Operating Systems and Platforms, Social networks, Consumer Data Resellers and Data analytics providers COMMERCIAL,CCRSI: Ad Networks, Other Applications, Operating Systems and Platforms and Data analytics providers FERPA,CCRSI: Social networks, Consumer Data Resellers, Data analytics providers and Operating Systems and Platforms California Consumer Records Information: Carriers, Ad Networks, Operating Systems and Platforms, Social networks and Data analytics providers INTERNET: Ad Networks, Social networks, Government Entities, Consumer Data Resellers, Data analytics providers and Operating Systems and Platforms INFERRED: Ad Networks, Social networks, Operating Systems and Platforms, Consumer Data Resellers and Data analytics providers BIOMETRIC: Carriers, Ad Networks, Other Applications, Operating Systems and Platforms, Consumer Data Resellers and Data analytics providers Children's Personal Data We do not collect personal information directly from children under 16. We may receive children’s data from parents and guardians. Sale of your personal data http://www.iron-2-iron.com/ does not sell the personal information of California Consumers and will not sell this information unless we modify this Notice and take the additional steps required under the CCPA. Do not sell my personal information http://www.iron-2-iron.com/ does not offer an opt-out from the sale of personal information because http://www.iron-2-iron.com/ does not engage in the sale of personal information as contemplated by the CCPA. Requests under the CCPA 1) You have the right to request that we disclose to you: the categories of personal information we collected about you the categories of sources for the personal information we collected about you our business or commercial purpose for using your personal information the categories of third parties with whom we share that personal information the specific pieces of personal information that we hold about you in case of sale of personal data, we will make sure that you receive two separate lists where we disclose: sales, identifying the personal information categories that each category of recipient purchased; and disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained. The disclosure described above will be limited to the personal information collected or used over the past 12 months. If we deliver our answer electronically, the information enclosed will be "portable", i.e. delivered in an easy usable format in order to enable you to transmit the information to another entity without hindrance, provided that this is technically feasible. 2) You have the right to request that we delete any of your personal information, subject to the following exceptions: if we need your personal information to complete the transaction for which we collected the personal information, provide a good or service that you requested, or otherwise perform our agreement with you. detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities debug products to identify and repair errors that impair existing intended functionality of http://www.iron-2-iron.com/ exercise free speech or exercise another right provided for by law comply with the California Electronic Communications Privacy Act (“CalECPA”) and with any other legal obligation that lies with us. engage in public or peer-reviewed scientific, historical, or statistical research in the public interest enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us make any other internal and lawful uses of your personal information in such a fashion that is compatible with the context in which you provided it. If none of the exceptions above applies, as a result of the exercise of your right, we will delete your personal information and direct any of our service providers to do so. How to make requests To exercise the rights described above, you need to submit your verifiable request to us by: writing us an email at the contact details provided in this document, or, if it is the case, follow the specific instructions provided on http://www.iron-2-iron.com/ For us to respond to your request, it’s necessary that we know who you are. Therefore, you can only exercise the above rights by making a verifiable request which must: provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We will not respond to any request if we are not able to verify your identity and confirm the personal information in our possession actually relates to you. If you cannot personally submit a verifiable request, you can authorize a person registered with the California Secretary of State to act on your behalf. If you are an adult, you can make a verifiable request on behalf of a minor under your parental authority. You can submit a maximum number of 2 requests over a period of 12 months. Right to non-discrimination for the exercise of a consumer’s privacy rights You have the right to not be discriminated if you exercise your rights. This means that we will not put in place conducts such as denying you access to our service or to on-going promotions, lowering the service standards, increasing the prices, suggesting that a different price or quality may be offered or, in general, acting in such a way that will discourage the exercise of your rights. Contact information Our contact for questions or concerns about our privacy policies and practices: Email: iron2iron2020@outlook.com Changes to this notice We may change or update this Notice periodically. When we do, we will post the revised Notice on this webpage indicating when the Notice was “Last Updated.” Limits of our policy Our site, social media profiles and product/service offerings may link to external sites that are not operated by us. In such an event please be aware that we cannot control the content or policies of those sites, and do not accept responsibility or liability for their privacy practices.