Effective: January 2020

 

Privacy Policy

This Omaze.com Privacy Policy (“Policy”) describes the privacy practices, policies and procedures of Omaze, Inc., (“Omaze,” “we,” “us,” or “our”). We want you to know that protecting your personal information is very important to us, and we respect your privacy. This Policy applies to all users of www.omaze.com (the “Website”) and explains what information we collect, how we collect it, how we protect it, and when we disclose it to third parties. Please note that this Policy applies only to our online information-gathering and dissemination practices, and does not apply to any of our practices conducted offline.

PLEASE READ THIS POLICY CAREFULLY. BY ENTERING ACCESSING, BROWSING, SUBMITTING INFORMATION TO, OR OTHERWISE USING THIS WEBSITE, YOU ACKNOWLEDGE AND AGREE TO OUR PRIVACY PRACTICES, POLICIES AND PROCEDURES. IF YOU DO NOT AGREE TO THIS POLICY, DO NOT ACCESS OR USE THIS WEBSITE.  WE MAY UPDATE THIS POLICY FROM TIME TO TIME, SO PLEASE CHECK THIS POLICY PERIODICALLY FOR CHANGES.

(Please note, if you are registering for or participating in an Omaze sweepstakes contest, participation is subject to our Official Sweepstakes Rules and Regulations and any other rules and regulations applicable to such competition (collectively, the “Rules”). If this Policy conflicts with or is inconsistent with a statement in the Rules concerning your privacy, the terms of the Rules will take precedence.)

Summary

The notifications provided by this Policy include:

  • What personally identifiable information we collect through the Website.
  • How we use the information we collect.
  • With whom the information may be shared.
  • The kind of procedures we employ in an effort to hinder the unauthorized access, use or disclosure of information you provide to us.
  • Information related to third-party websites.
  • The laws that apply to those accessing the Website
  • How you can learn about changes to the Privacy Policy
  • How you can amend the information we collect on you
  • Rights related to the European Union’s General Data Protection Regulation

 

What Information Do We Collect Through The Website?

Omaze collects both personally identifiable information and non-personally identifiable information via our Website. When we refer simply to the term information in this Policy we are referring to how Omaze collects, uses, or shares both the personally identifiable, and non-personally identifiable information.

Personally identifiable information refers to information that when used alone or with other relevant data, can identify an individual (the “PII”). Omaze does not collect any PII unless you provide it voluntarily. If you do not want us to collect PII, you can simply decide not to submit it to us. The PII we collect may include:

  • name;
  • date of birth;
  • contact information, such as name, postal address, email address and telephone number;
  • other personal information you provide to us on our website and other data collected automatically through the website, as applicable.

We also collect certain non-personal information (data in a form that does not support direct association with any specific person or individual) by automated means when you visit the Website (the “Non-PII”). 

Collection of PII

The circumstances in which you might provide to us PII include, but are not limited to, the following:

Account creation information. You can create a personal shopping account with Omaze, and if you do so you will be required to provide us with certain PII. This account will allow you to shop faster and easier, and to check on order status and history. In creating this account, you authorize Omaze to store your name, birthday, email address, telephone number and shipping and billing addresses. You should keep your account information current and complete. Please see our Terms & Conditions regarding how you can update or correct the information associated with your account. Your account will have a password that you will create; you are responsible for maintaining the confidentiality of your user name and password. You may not use another person's account or password without their permission and you should protect the confidentiality of your account and password information by logging out of your account at the end of each shopping session.

Sweepstakes, contests and promotion information. You can participate in Omaze sweepstakes, contests, and promotions as long as you meet eligibility requirements and comply with all applicable rules. As part of your participation, you will be required to provide us with PII, including your name, mailing address, e-mail address and other information in order to administer the promotion, notify winners, etc.

Mailing list information. You can opt to be added to the Omaze mailing list. If you do so, you will be asked to provide us with your email address. Subscriptions to the mailing list can be cancelled at any time.

Submitting a request. When you submit a request or comment to our customer service department you will be asked to provide your email address, and depending upon the nature of your inquiry you may provide us with your PII. 

Survey information. When you complete a survey on-line, we may ask for certain information from you (some of which may be PII), including your age, zip code, shopping habits, e-mail and/or mailing address.

Collection of Non-Personally Identifiable Information

We also collect certain Non-PII when you visit the Website.  Much of this Non-PII is collected through the use of third-party tracking services, which includes Google Analytics, and other means, as further described below.

Google Analytics

 

Our Website use Google Analytics (and in the future may use other similar sites or services), a web analytics service provided by Google, Inc. ("Google"), to better assist us in understanding how the Website is used. Google Analytics will place cookies on your computer that will generate information that we select about your use of the Website, including your computer's IP address. That information will be transmitted to and stored by Google. The information will be used for the purpose of evaluating consumer use of the Website, compiling reports on Website activity for our use, and providing other services relating to Website activity and usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. You may refuse the use of cookies by selecting the appropriate settings on your browser. Please note that by doing so, you may not be able to use the full functionality of the Website. The use of cookies by Google Analytics is covered by Google's privacy policy. From time to time, we may enter into agreements with other third party providers for web analytic and other similar services. If we enter into such an agreement, we may share your information, including personal information, with the provider or such provider may have access to and collect your information on our behalf. Your information, including personal information, may be stored with the provider.

Cookies

Cookies are bits of electronic information that a website can transfer to a visitor’s hard drive to help tailor and keep records of his or her visit. Cookies allow website operators to better customize visits to the site to the visitor’s individual preferences. Many commercial websites use cookies. We may use cookies on our Website to allow us to, among other things, measure activity, to personalize your experience, and to track your status or progress when requesting information. If you choose, you can set your browser to reject cookies or you can manually delete individual or all of the cookies on your computer by following your browser’s help file directions. However, if your browser is set to reject cookies or you manually delete cookies, you may have some trouble accessing and using some of the pages and features that are currently on our Website, or that we may put on our Website in the future.

Web Beacons

Certain pages on the Website contain “web beacons” (also known as Internet tags, pixel tags and clear GIFs). These web beacons allow third parties to obtain information such as the IP address of the computer that downloaded the page on which the beacon appears, the URL of the page on which the beacon appears, the time the page containing the beacon was viewed, the type of browser used to view the page, and the information in cookies set by the third party. Web beacons also may be used to track whether you have opened an HTML email. When the email is opened, a part of the code that makes up the HTML page calls a web server to load the web beacon that then generates a record showing that the email has been viewed. Web beacons may also recognize when the email was opened, how many times it was forwarded and which URLs (links within the email) were clicked.

IP Addresses

When you visit and interact with the Website, Omaze and third parties with whom we have contracted to provide services for us may collect Internet Protocol addresses (each an “IP Address”), as well as browser type, Internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and page navigation. An IP Address is a unique identifier number that certain electronic devices used to identify and to communicate with each other on the Internet; your Internet Service Provider automatically assigns an IP Address to the computer that you are using. We gather this information to track web site visitor movement in the aggregate, and to gather broad demographic information for aggregate use. Our goal in gathering this information is to learn how our customers and the public are using our service. We may use this information to enhance our Website or for other lawful purposes.

Do Not Track Notice

Your browser and other mechanisms may permit you to send do-not-track signals or other similar signals to express your preferences regarding online tracking. To the extent you employ such browser do-not-track signals or other similar mechanisms, we will use commercially reasonable efforts to honor such requests received by us to the extent we have the capacity and resources to identify and process your request. Due to the potential for rapid and diverse developments of technology in this area, we cannot guarantee that we can process every type of request that exists or may be developed in the future. As noted above, third parties, such as our advertising partners, may collect data that relates to you. We cannot control third parties' responses to do-not-track signals or other such mechanisms. Third parties' use of data relating to you and responsiveness to do-not-track signals is governed by their respective privacy policies.

 

How We May Use This Information?

Our primary purpose in collecting information about you is to provide you with services or information that you request or to process your payments. In addition, we may aggregate the PII that you provide with the PII that other users provide in order to conduct research, analysis, or studies for our own purposes (i.e., not related to providing you with specific services), including improving our services and future sweepstakes.

We may also use the information that you provide to us to communicate with you about our current activities, future events and sweepstakes or to notify you about any changes to our services. If you decide that you would no longer like to receive such messages you can opt-out from receiving such emails from Omaze. In order to opt-out you can click on an unsubscribe link provided at the bottom of every commercial e-mail that you receive from Omaze. If you opt-out, you will continue to receive communications from us relating to any payments you make or other services you request or purchase. If you decide at a later time that you would like to receive commercial emails from us, you may be able to re-add yourself to our communication list.

How May We Share Your Information?

We may disclose all of the information (described herein) that we collect, as stated in this Policy including in accordance with the terms set forth in this section.  Except as stated in this Policy and as detailed below, we do not rent, sell, or share your information with other people or companies.  The following describes how we may share your information:

 

Sharing Your Information with Subcontractors. In our efforts to provide the best quality service and experience to you, we may share information with subcontractors that provide us with services. These services may include, among other things, helping to provide services that you request, helping to create or maintain our databases, helping to research and analyze the people who request services information from us, and/or helping to process payment card information.

Sharing Your Information as Permitted by Law. We may share your information with others as required by, or permitted by, law. This may include sharing your PII with governmental entities, or third parties in response to subpoenas, court orders, other legal processes, or as we believe is necessary to exercise our legal rights, to defend against legal claims that have been brought against us, or to defend against possible legal claims that we determine in our sole discretion might be brought against us.

Sharing Your Information with Law Enforcement. We may report to law enforcement agencies any activities that we reasonably believe to be unlawful, or that we reasonably believe may aid a law enforcement investigation into unlawful activity. In addition, we reserve the right to release your information to law enforcement agencies if we determine, in our sole judgment, that either you have violated our policies or the release of your information may protect the rights, property or safety of Omaze, you, or another person.

Business Transition. If Omaze becomes involved in a merger, acquisition, or any form of sale or transfer of some or all of its assets, your information will be transferred to the acquiring entity.

Your Comments. If you post a Comment to our Website, the information that you choose to post, including any personal information that you choose to post, may be available generally to the public.

Marketing Companies. As a general rule, we only provide limited, Non-PII (e.g., the city, or the state, in which a device is located or information about your search or posting history) usually in conjunction with a randomly assigned number or a number assigned to your Omaze account and not in conjunction with your name. However, for certain campaigns, we may provide third party advertisers with your email address which may be used by such companies to provide you with information about other products, services or companies.

Sharing Your Information with Charities and Prize Providers. If you enter a sweepstakes, whether by making a donation or using an alternate method of entry, make a donation in connection with entering into a sweepstakes, you agree that we may share your name and contact information with Charities Aid Foundation America (“CAFA”), a U.S. 501(c)(3) tax-exempt public charity that is the legal recipient of all donations through the Omaze platform, as well as the charity we designate as the benefiting charity for such sweepstakes and with any entity providing prizes for that sweepstakes, each of which may use your information for marketing purposes. If a designated benefiting charity is ultimately determined to be ineligible to receive a grant from CAFA, your information will not be sent to such charity.

Sweepstakes Winners. As further explained in our Rules, by entering into a sweepstakes, you grant us the right to disclose name, biographical information, pictures/portraits, video images, likenesses and/or voice to the general public if you are a sweepstakes winner.

Credit Card Information. Please note, when you use a credit card to make a donation, you are actually being redirected to our third party provider. WE DO NOT COLLECT, ACCESS, STORE OR PROCESS ANY CREDIT CARD INFORMATION.

How Do We Protect Your Information?

We employ reasonable physical and administrative safeguards to protect your personal information.  While we will use such efforts, we cannot and will not insure the security of your information. Accordingly, we assume no liability for any disclosure of data due to errors in transmission, unauthorized third party access or other acts of third parties, or acts or omissions beyond our reasonable control.

Third Party Websites; Advertisements

Our Website or our emails may link to a variety of third-party social media sites and/or websites – such as YouTube, Twitter, Facebook and others - as a service to you, and in order to provide you additional information and/or content related to the work that we do, or additional venues in which you can learn about and discuss the activities of Omaze.  We may also allow third parties to place advertisements on the Website.  Please note that we have no affiliation with any of these other parties and/or websites, and cannot control and are not responsible for the information collection, use, and disclosure practices of such third parties; we encourage you to review and understand their privacy practices and policies, if any, before using providing any personally identifying information to them or initiating any financial transactions.  We are not responsible for the content or information of these websites, or any other use of the linked website. 

 

In regard to the advertisements that may appear on the Website, you have a right to opt-out of such personalized targeted ads. Our advertising partners are members of the Network Advertising Initiative; to opt out of targeted ads served by our advertising partners, or any or all Network Advertising Initiative members, click here. Please note that when you opt-out using this method the Network Advertising Initiative will place an opt-out cookie on your computer. If you delete, block, or otherwise restrict cookies, you may need to renew your opt-out choice. Once you have opted out, our advertising partners will no longer use information they have collected to help deliver targeted advertisements.

Children’s Privacy

We do not knowingly collect, use, or disclose personally identifiable information about visitors younger than 13 years of age. If you are under the age of 13, you are expressly prohibited from accessing/viewing the Website. If you are the parent or guardian of a child under 13 years of age and believe that they have disclosed personally identifiable information to us, please contact us at privacy-requests@omaze.com  so that we may delete your child’s information.

What if I Provide Information from Outside the United States?

Our Website is hosted in the United States and is governed by US law, and each Sweepstakes drawing takes place within the United States. Accordingly, by submitting any personal information to Omaze or enter a sweepstakes, you are transferring your personal information to the United States and you consent to such transfer.  We do not represent or warrant that the Website, or any part thereof, is appropriate or available for use in any particular geographic location. If you choose to access our Website, you do so on your own initiative and at your own risk, and are responsible for complying with all local laws, rules, and regulations applicable in your jurisdiction. If you are visiting the Website from outside the United States, please be aware that your information will be transferred to, stored and processed in the United States where our servers are located and our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. By using the Website, you consent to your information being transferred to our facilities and to the facilities of those third parties with whom we share it as described in this Policy.

Notice To European Union Area, Switzerland & United Kingdom Residents

This Policy is intended to provide adequate and consistent safeguards for the handling of personal information in accordance with Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“the Directive”) and all the relevant transposing legislation of the Directive in the European Union/European Economic Area, the Swiss Federal Data Protection Act, as such laws may from time to time be amended and valid during the application of this Policy, and any other privacy laws, regulations and principles concerning the collection, storage, use, transfer and other processing of personal data transferred from users in the European Economic Area, the United Kingdom or Switzerland (the “EU Users”) to the United States including but not limited to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “General Data Protection Regulation” or “GDPR”)) as of its entry into force on 25 May 2018.  Omaze has developed this GDPR Privacy Notice to provide additional information about how we handle the PII collected via our Website that is subject to GDPR when we are the controller of that information. The following provisions apply only to EU Users.

Purpose of this GDPR Privacy Notice

This GDPR Privacy Notice explains how we process PII that is subject to GDPR, and also sets out individuals' rights related to our processing of such PII.

 

Purpose and Legal Bases For Our Use Of Your PII

Our processing of PII is justified by a "legal basis", that is, a specific condition. We may use PII for the following purposes, in each case as justified by a legal basis:

 

Website administration

We use may use your PII for the effective administration of the Website, to fulfill and/or address your requests, or to provide the functionalities and features as further described herein. 

 

Purpose and Legal Bases for our Use of your PII

This processing is necessary to establish, exercise or defend our legal claims and rights. It is in our legitimate interest or a third party's legitimate interest to use your PII in such a way to ensure that we provide the very best client service we can to you or others and comply with our professional and ethical duties as attorneys, consistent with applicable law. In some cases, this processing is necessary to perform a contract to which you are a party.

 

Business administration and legal compliance

We use PII for the following business administration and legal compliance purposes:

  • To perform and maintain information for the purposes of performing conflicts of interest searches.
  • To comply with our legal obligations (including Know Your Client, Anti-Money Laundering, Anti-Bribery, conflicts or similar obligations including, but without limitation, maintaining regulatory insurance).
  • To enforce our legal rights. To investigate and/or settle inquiries or disputes.
  • To comply with any applicable law, court order, other judicial process, law enforcement requests or the requirements of a regulator.
  • To enforce our agreements with you.
  • To protect the rights, property or safety of us or third parties, including our other clients and users of the Website or our Services.
  • To maintain our records.
  • To process business transaction data, such as in connection with a merger, or a restructuring, or sale.
  • To use as otherwise required or permitted by law, consistent with these purposes.

Purpose and legal bases for our use of your PII

It is necessary to enforce, establish or defend our legal rights, or to protect the rights of third parties. This processing is necessary to comply with EEA legal obligations imposed upon us. It is in our legitimate interest or a third party's legitimate interest to use your PII to comply with other legal obligations. In some cases, this processing will be necessary to perform a contract to which you are a party.

 

Marketing and promotions

We may use PII for marketing and promotional purposes, such as to send you news and newsletters, or to otherwise contact you about products or information we think may interest you, by email and direct (postal) mail. We may also use it develop new services and determine how to market our services.

 

Purpose and legal bases for our use of your PII

It is in our legitimate interest to use your PII for marketing purposes in order to develop and grow our business and services and promote the reputation of our firm. We will, where required by applicable law, obtain your consent to send such communications.

 

Client insight and analytics

We use PII to better understand how you and others use our services or our Website, so that we can improve our Website and services, develop new features, tools, offerings, services and the like, and for other research and analytical purposes. We also use the information we collect to measure the effectiveness of our online content and how visitors use our Website and our services. We may use this information and the insights we have derived for marketing purposes or to make decisions about events, news and information that may be of interest to clients, prospective clients, Website users and others.

 

Purpose and legal bases for our use of your PII

It is in our legitimate interest to use your PII in such a way to ensure that we provide the very best Services to our clients and others in order to develop and grow our business and Services and promote the reputation of our firm.

 

Prevent misconduct, abuse and misuse

Subject to our professional and ethical duties, we use PII where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, or violations of our Terms of Use. We also use PII to protect and secure the Website and our information systems and networks.

 

Purpose and legal bases for our use of your PII

This processing is necessary to comply with EEA legal obligations imposed upon us. It is necessary to enforce, establish or defend our legal rights, or to protect the rights of third parties. It is in our legitimate interest or a third party's legitimate interest to use your PII to comply with other legal obligations. In some cases, this processing will be necessary to perform a contract to which you are a party.

 

Retention of Personal Data

In general, we will retain relevant PII of Website visitors for at least        years from the date of our last interaction with you and in compliance with our obligations under applicable laws, or for longer if we are required to do so according to our regulatory obligations or where we believe necessary to establish, defend, or protect our legal rights and interests or those of others.

 

Third Party Contractors and Other Data Processors

We may appoint subcontractor data processors as required to deliver the services, such as, without limitation, IT systems or software providers, IT Support service providers, and document and information storage providers, who will process PII on our behalf and at our direction. We conduct an appropriate level of due diligence and put in place contractual documentation in relation to any sub-contractor to ensure that they process PII appropriately and according to our legal and regulatory obligations.

 

Your Information and Your Choices; Withdrawal of Consent

GDPR provides EU Users with additional rights in respect to the PII we hold about you, including the following rights:

  • Your right of access

If you ask us, we will confirm whether we are processing your PII and, if necessary, provide you with a copy of that PII (along with certain other details). If you require additional copies, we may need to charge a reasonable fee.

  • Your right to correction (rectification)

If the PII we hold about you is inaccurate or incomplete, you are entitled to request to have it corrected. If you are entitled to have information corrected and if we have shared your PII with others, we will let them know about the rectification where possible. If you ask us, we will also tell you, where possible and lawful to do so, with whom we have shared your PII so that you can contact them directly.

  • Your right to erasure

You can ask us to delete or remove your PII in some circumstances, such as where we no longer need it or if you withdraw your consent (where applicable). If you are entitled to erasure and if we have shared your PII with others, we will let them know about the erasure where possible. If you ask us, we will also tell you, where it is possible and lawful for us to do so, with whom we have shared your PII with so that you can contact them directly.

  • Your right to restrict (block) processing

You can ask us to restrict the processing of your PII in certain circumstances, such as where you contest the accuracy of that PII or you object to us. If you are entitled to restriction and if we have shared your PII with others, we will let them know about the restriction where it is possible for us to do so. If you ask us, we will also tell you, where it is possible and lawful for us to do so, with whom we have shared your PII so that you can contact them directly.

  • Your right to data portability

You have the right, in certain circumstances, to receive a copy of PII we've obtain from you in a structured, commonly used and machine readable format, and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.

  • Your rights in relation to automated decision-making and profiling

You have the right not to be subject to a decision when it's based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for entering into, or the performance of, a contract between you and us.

  • Your right to withdraw consent

If we rely on your consent (or explicit consent) as our legal basis for processing your PII, you have the right to withdraw that consent at any time.

  • Your right to lodge a complaint with the supervisory authority

If you have a concern about any aspect of our privacy practices, including the way we've handled your PII, you can report it to the relevant supervisory authority.

Please note that some of these rights may be limited where we have an overriding legitimate interest or legal obligation to continue to process the PII, or where the PII may be exempt from disclosure due to applicable law, the applicable rules of professional conduct, attorney-client privilege, legal professional privilege, other applicable privileges or protections, or professional secrecy obligations.  Additionally, there may be circumstances in which we are not legally required to comply with your request because of the laws in your jurisdiction or because of exemptions provided in data protection legislation in general, and GDPR in particular. Finally, please note that we are not responsible for removing or deleting information from the databases of third parties (such as service providers) with whom we have shared information about you, but we will make the request on your behalf for such removal/deletion.

 

Where We Transfer Your Personal Information

Omaze is located in the United States; when you submit personal information to us, or when others provide personal information to us, we will receive it and process it in the United States.

 

Children’s Privacy/Note To Parents Of Children Residing in The EEA, Switzerland And UK

 

Except as may be provided by a parent or guardian, we do not knowingly collect, use, or disclose PII about visitors to our Website that are less than 16 years of age; please note that if you are a parent or guardian we ask that you do not provide confidential or sensitive information – including any medical or health related information - to us directly through this Website, or by email to any of the contact email addresses listed on this Website. If a child under the age of 16 submits information to us through any part of the Website and we becomes aware that the user submitting the information is under the age of 16, the information provided will be deleted as soon as it is discovered and not used for any purpose. If you are the parent or guardian of a child under 16 years of age and believe that they have disclosed PII to us, please contact us at privacy-requests@omaze.com and be sure to include in your message the same user name and password and/or email address that you believe your child submitted, if applicable. 

 

How to Contact Us

If you have any questions about this GDPR Privacy Notice or want to exercise your rights set out in this GDPR Privacy Notice, please contact us at  privacy-requests@omaze.com or at the address below.

 

Omaze, Inc.
Attn: Privacy

P.O. Box 866, 9942 Culver Blvd, Culver City, CA 90232

 

Changes to This GDPR Privacy Notice

We may make changes to this GDPR Privacy Notice from time to time, to reflect changes in our practices. We may also make changes as required to comply with changes in applicable law or regulatory requirements. Where we materially change this Privacy Notice, we will take steps to notify you (such as by posting a notice on the Website or via email), and where required by applicable law to obtain your consent.

 

How and When is the Policy Updated? How are You Notified of these Changes?

We reserve the right to modify or amend this Policy at any time by posting the revised Policy on our Website. If there are changes or additions to this Policy, we will post those changes here or in other formats for you to review. Each version of this Policy will be identified at the end of this document by its effective date. Your continued use of the Website after the effective date of any modification to the Policy will be deemed to be your agreement to any changed terms.

How to Contact Us

If you have any questions or concerns regarding this Policy, please contact us at service@omaze.com, or Omaze, Inc., P.O. Box 866, 9942 Culver Blvd, Culver City, CA 90232. If we need, or are required, to contact you concerning any event that involves your information we may decide to do so by email, telephone, or mail.

This Policy is effective as of January 2020.

 

 

 

CALIFORNIA PRIVACY RIGHTS

If you are a California resident, you may have certain rights under California law, including but not limited to the California Consumer Privacy Act of 2018 (“CCPA”).  This California Privacy Statement (“CA Privacy Statement”) supplements the information contained in the Omaze Privacy Notice above and applies solely to visitors, users, and others who reside in the State of California (“CA Resident(s)”, “you” or “your”). Any terms defined in the CCPA have the same meaning when used in this CA Privacy Statement.

 

Your Rights and Choices 

The CCPA provides CA Residents with specific rights regarding their Personal Information. The CCPA defines Personal Information as any information that “identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household” (hereinafter, “PII”).  This CA Privacy Statement describes your CCPA rights in relation to our use of your PII, and explains how to exercise those rights.

 

Right to Know/Access.

 

As a California Resident, you have a right to know:

  • The categories of PII we have collected, sold, or disclosed for business purposes about you;
  • The categories of sources from which we collected your PII;
  • The business or commercial purpose for collecting or sharing your PII;
  • The categories of third parties with whom we have shared, sold, or disclosed for business purposes your PII; and
  • The specific pieces of your PII we have collected.

 

Portability Rights

As part of your “right of access”, you have the right to request that we provide your PII to you.  Once we receive and confirm your “verifiable consumer request” (as describe below) we will provide the PII we have collected and currently hold to you “in a portable and, to the extent technically feasible, in a readily usable format.

 

Right of Deletion

As a California Resident, you have a right to request that we delete the PII we have collected from or about you, subject to certain exceptions. Once we receive and confirm your verifiable request (as described below), we will delete (and ask our service providers to delete) your PII from our records, unless an exception applies.

Please note, we may deny your deletion request if retaining the information is necessary for us or our service providers to:

  1. Complete the transaction for which we collected the PII, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  6. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  7. Comply with a legal obligation.
  8. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Process To Submit A Request

 

To submit a verified request for your PII you may click here or call toll-free at 800-435-1976. You may also designate an authorized agent to submit a request on your behalf by clicking here or calling toll-free at 800-435-1976 and then also submitting written proof of such authorization via 800-435-1976.

 

Verification; Verification Method

Only you - or a person registered with the California Secretary of State that you authorize to act on your behalf - may make a verifiable consumer request related to your PII. You may also make a verifiable consumer request on behalf of your minor child. In order to ensure we do not inadvertently delete your PII based on a fraudulent request, we will verify your identity before we respond to your request. To verify your identity, we will generally match the identifying information provided in your request with the information we have on file about you. Depending on the sensitivity of the PII requested to be deleted, we may also utilize more stringent verification methods to verify your identity, including but not limited to requesting additional information from you.   Please note you may only make a verifiable request for access (and data portability) twice within a 12-month period.  To be considered a verifiable consumer request, you must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected PII or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with PII if we cannot verify your identity or authority to make the request and confirm the PII relates to you.  Making a verifiable consumer request does not require you to create an account with us.  We will only use PII provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within 45 days of its receipt.  If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.  If you have an account with us, we will deliver our written response to that account.  If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.  Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt.  The response we provide will also explain the reasons we cannot comply with a request, if applicable.  For data portability requests, we will select a format to provide your PII that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

 

Right to Opt-Out

 

As a California resident, you have the right to opt-out of the sale of your PII to third parties. To exercise this right, please click here.

 

Right of Non-Discrimination

You have a right to exercise your rights under the CCPA without suffering discrimination. Accordingly, we will not discriminate against you in any way if you choose to exercise your rights under the CCPA.   Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

California Minors

 

If you are a California resident under the age of 18, California Business and Professions Code § 22581 permits you to request and obtain removal of content or information you have publicly posted on our Website. To make such a request, please send an email with a detailed description of the specific content or information to privacy-requests@omaze.com. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and there may be circumstances in which the law does not require or allow removal even if requested.

 

Shine The Light

 

California Civil Code § 1798.83 permits you to request information regarding the disclosure of your PII by us to third parties for their direct marketing purposes. To make such a request, please send an email to privacy-requests@omaze.com or write us at: Omaze, Inc., P.O. Box 866, 9942 Culver Blvd, Culver City, CA 90232. Please be sure to include “California - Shine The Light Request” in the subject line.

 

Information We Collect

As noted above, we may collect some of your PII.  In the table below we have indicated those categories of PII that we have collected from California Residents within the last twelve (12) months:

Category

Examples

Collected

A. Identifiers.

May include: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.

YES

B. PII categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

May Include: Name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some PII included in this category may overlap with other categories.

YES

C. Protected classification characteristics under California or federal law.

May Include: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

NO

D. Commercial information.

May Include: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

NO

E. Biometric information.

May Include: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

NO

F. Internet or other similar network activity.

May include: Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

 YES

G. Geolocation data.

May include: Physical location or movements.

 NO

H. Sensory data.

May include: Audio, electronic, visual, thermal, olfactory, or similar information.

NO

I. Professional or employment-related information.

May include: Current or past job history or performance evaluations.

NO

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

May include: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

NO

K. Inferences drawn from other PII.

May Include: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

 

 

Please note that PII does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.

Omaze obtain the categories of PII listed above from the following categories of sources:

  • Directly from you when you use our Website. For example, from forms you complete or products and services you purchase.
  • Indirectly from you when you use our Website. For example, from tracking your actions on our Website (as further described in our Privacy Notice or through information we collect in the course of providing services).
  • Directly and indirectly from activity when you use our Website.
  • Directly from our clients/customers or their agents. For example, from documents that our clients provide to us related to the services for which they engage us.
  • Indirectly from our clients/customers or their agents. For example, through information we collect from our clients in the course of providing services to them.

Use of PII

We may use or disclose the PII we collect for one or more of the following business purposes:

  • To fulfill or meet the reason for which the information is provided.
  • To provide you with information, products or services that you request from us.
  • To provide you with content, and other notices, events or news, that may be of interest to you.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing.
  • To improve our Website and present its contents to you.
  • As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your PII or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which PII held by us is among the assets transferred.

We will not collect additional categories of PII or use the PII we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing PII

We may disclose your PII to a third party for a business purpose.  When we disclose PII for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that PII confidential and not use it for any purpose except performing the contract.

In the preceding twelve (12) months, we have disclosed the following categories of PII for a business purpose:

Category A:             Identifiers.
Category B:             California Customer Records PII categories.
Category I:              Professional or employment-related information.

We disclose your PII for a business purpose to the following categories of third parties:

  • Our affiliates.
  • Service providers.
  • Third parties to whom you or your agents authorize us to disclose your PII in connection with products or services we provide to you.

Selling PII

In the preceding twelve (12) months, we have not sold any PII.

Contact Information

If you have any questions or comments about this notice, our Privacy Statement, the ways in which we collect and use your PII, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Phone: 800-435-1976
Email: privacy@omaze.com

Postal P: Omaze, Inc., P.O. Box 866, 9942 Culver Blvd, Culver City, CA 90232