Perkville Privacy Policy

Posted: May 24, 2022
Effective: July 1, 2022

This Privacy Policy explains how Perkville, Inc. (“Perkville”, “we”, “us”, “our”) collects, uses, and shares information and the options available to you. If you have any questions, you may contact us. See the “Contacting Us” section below. 

We may change this Privacy Policy from time to time. Please consult this Privacy Policy regularly for updates. See “Modifications to this Privacy Policy” below for more information. 

User Consent: You consent to the practices described in this Privacy Policy by using or accessing our Services, and you represent that you are at least 18 years old.

California Users: If you are a resident of the State of California, see the California Privacy Notice for additional information about your rights and our disclosures. The California Privacy Notice is in addition to this privacy policy.

California Employees, Job Applicants, Owners, Directors, Officers, and Contractors: If you are a resident of California and you are an employee, job applicant, controlling owner, director, officer, independent contractor, or medical staff of ours, see the Privacy Notice for California Company Workforce.

We hope that there aren’t any disputes between you and Perkville, but in case there are, these Terms some rules for how to resolve them. Those rules are set out, below, in the sections called Disclaimers, Limitation of Liability, and Dispute Resolution. Please read these sections carefully as they include important agreements that could affect your legal rights. In particular:

WHAT DOES THIS PRIVACY POLICY COVER?

WHAT DOES THIS PRIVACY POLICY COVER?This Privacy Policy covers the information that we may collect or receive: (1) from users who: visit www.perkville.com, https://middle.app/, and other websites owned and operated by us (including our client and user interfaces), use our software applications, use our social media pages such as Facebook and Twitter, and receive email messages from us (collectively, the “Perkville Pages”); and (2) through our technologies and platforms used by our business customers and third parties, including our referral and rewards platform and our Middle integration platform (collectively with the Perkville Pages, the “Services”).

This Privacy Policy does not cover, and we are not responsible for, the privacy or data practices of or the processing of data by any third parties (except as required by applicable law), such as our business customers and any service providers. See “Third Parties” below for more information.

Choice and Opting Out: see “Choices” below for information about your choices regarding opting out of email marketing communications, opting out of Perkville’s cookies, opting out of interest-based advertising by third parties from cookies, and opting out of the use of precise location. For information on deactivating your Perkville account or your accounts with business customers via the Services, please see “Access and Rights regarding Personal Information.Access and Rights: see “Access and Rights regarding Personal Information” below for information about how to review, correct, update, suppress, or delete the personal information that Perkville maintains about you and to exercise other data subject rights.

International Transfers: see “International Information Transfers” below for information on the transfer of your personal data.

COLLECTION OF INFORMATION

Middle Integration Platform Collection:

Our Middle integration platform is used and accessed by our business customers and their employees and representatives only. Our Middle platform allows our business customers to integrate with various third party service providers and platforms.

The Middle integration platform does not directly collect information about any consumers. However, our business customers may use the Middle integration platform for the purpose of collecting personal information about its customers. This privacy policy does not cover our business customers’ collection or processing of their customers’ information through the Middle integration platform. Please review the applicable business customer’s privacy policy for information about its data practices.

We may collect the following personal information about you as an employee or representative of our business customer:

name

email address

phone number

physical address

time spent on the Services and your activities on the Services, including pages visited, requested URL and referring URL, date and time on the Services, information about interactions with our emails, and other anonymous traffic-related data,

unique identification numbers, including IP address and your location derived from IP address,

information provided by you,

information to enable and authorize your logging in to the Services,

browser information, including browser type and language,

device information, including screen dimensions, device brand and model, and mobile device identifier, and

aggregated information.

Some of this information is provided by you, and is optional. However, if you elect not to provide such information, you will not be able to access the information you had requested to access or use.

Referral and Rewards Platform Collection:

Our referral and rewards platform is used and accessed by our business customers, their employees and representatives, and their customers. This platform allows our business customers to create custom rewards for their customers and referral offers for their customers to send to their friends. 

For our referral and rewards platform, we may collect the following personal information from you:

name

email address

phone number

Perkville user identification account number

business customer identification number

unique identification numbers, including IP address and your location derived from IP address,

your staff identification number at the business customer of our referral and rewards Services

physical address

Twitter user ID

your Facebook “check-ins” for rewards points through our referral and rewards Services,

your Tweets for rewards points through our referral and rewards Services,

time spent on the Services and your activities on the Services, including pages visited, requested URL and referring URL, date and time on the Services, information about interactions with our emails, and other anonymous traffic-related data,

transaction-related data relating to the referral and rewards Service such as: date, time and location a transaction took place (e.g., when and where a class was attended), description and/or classification of the transaction (e.g., yoga class attended, gym check-ins, personal training sessions, referrals made, amount spent, etc.), quantity of items sold or services associated with the transaction, number of rewards points added or redeemed in connection with the transaction,

unique identification numbers, including IP address and your location derived from IP address,

demographic information (e.g., date of birth, gender) as provided by you or the business customer,

information provided by you,

information to enable and authorize your logging in to the Services,

browser information, including browser type and language,

device information, including screen dimensions, device brand and model, and mobile device identifier, and

aggregated information.

Some of this information is provided by you, and is optional. However, if you elect not to provide such information, you will not be able to access the information you had requested to access or use.

For both our Middle integration platform and our referral and rewards platform, we may collect some of this information through: your browser or device; your mobile device identifier; your use of our Services; your IP address; the aggregation of information; and the use of cookies and other similar technologies (see Cookies and Similar Technologies below). We may also collect your personal information when you request information about the Services, or you sign up to use the Services through our client login and user interfaces, or you request access to our resources. 

For our referral and rewards platform only, we may collect your information when a friend or family member has referred you through the referral and rewards Services, or when a business customer has identified you as their customer through the referral and rewards Services. You may also provide the names and emails of friends and family on the pages of the Service where you can refer people to our business customers. Referring friends and family is optional. In addition, some of the personal information may be provided by our business customers’ staff members when they sign up for our referral and rewards Service as a business customer. 

Please see “Access and Rights regarding Personal Information” to see more information about your rights regarding your personal information.

USE OF INFORMATION

Middle Integration Platform Uses:
We may use your personal information as an employee or representative of our business customer:

to respond to your inquiries and fulfill your requests and process your business customer account,

to send you communications that we believe may be of interest to you, including any communications for purposes of marketing to the business customer you are associated with,

for our business purposes, such as data analysis, fraud monitoring and prevention and security, developing new products, enhancing, improving or modifying our Services, identifying usage trends, and determining the effectiveness of our Services, and

to measure and report on the success of marketing campaigns.

Referral and Rewards Platform Uses:
We may use personal information:

to respond to your inquiries and fulfill your requests and process users’ accounts,

to track rewards in the rewards program of the referral and rewards Services and to reward the points,

to send you communications that we believe may be of interest to you, including any communications for marketing purposes related to the Services,

to contact friends and family members referred through our referral and rewards Services,

to allow business customers’ staff to log in and manage their business’ rewards program in our referral and rewards Services,

to allow our business customers to engage developers to retrieve data for business intelligence, reward redemption, and displaying reward program information in other applications,

for our business purposes, such as tracking conversion of prospective customers into actual customers, data analysis, fraud monitoring and prevention and security, developing new products, enhancing, improving or modifying our Services, identifying usage trends, and determining the effectiveness of our Services,

to show you the closest establishment to redeem an offer that you are considering for redeeming your points, and

to measure and report on the success of marketing campaigns, including to track conversion of prospective customers to actual customers.

For both our Middle integration platform and our referral and rewards platform, we use your information:

to send administrative information to you,

to operate, improve, analyze and manage the Services,

to ensure the Services function properly,

to track your use of the Services to improve the design and functionality of the Services,

to diagnose server problems and administer the Services via your IP Address (a number automatically assigned to the computer or device that you are using by your internet service provider), and

as we believe to be necessary or appropriate: (a) under applicable law; (b) to comply with legal process and our legal obligations; (c) to respond to requests or requirements from public, law and government authorities (including national security and law enforcement requirements) and private parties; (d) to enforce our terms and conditions; (e) to protect our operations and the security of our Services; (f) to protect our rights, privacy, safety or property, and/or that of you or others; (g) to allow us to pursue available remedies or limit the damages that we may sustain; and (h) to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, unethical or legally actionable activity.

For both our Middle integration platform and our referral and rewards platform, we may partner with certain third parties to collect other information to engage in analysis, research, and reporting of Service usage patterns. These third parties may also deliver advertising to you on other websites and applications, based on your activity on our website and other websites over time. These third parties may set and access cookies on your computer or other devices, and may also use web logs or web beacons. See “Cookies and Similar Technologies” and see “Choices” to opt out of interest-based advertising by third parties from cookies.

INFORMATION SHARING

Middle Integration Platform Sharing:
Your personal information may be shared:

with our third-party service providers who provide services such as email management, hosting and storage, web serving, technical services, marketing analytics and other services, and

directly by you in your account and other services to which you are able to post information and materials yourself.

Referral and Rewards Platform Sharing:
Your personal information may be shared:

with our business customers and their employees and services providers to use our Services and to analyze the effectiveness and performance of our Services,

with our third-party service providers who provide services such as email management, transaction management, campaign measurement, hosting and storage, web serving, performance tracking and reporting, technical services, marketing analytics and other services, and

directly by you in your account and other services to which you are able to post information and materials yourself (including, without limitation, our and your social media pages).

For both our Middle integration platform and our referral and rewards platform, we may share information:

among our affiliates for the purposes described in this Privacy Policy (Perkville, Inc. is the party responsible for the management of the information jointly used by it and its affiliates),

with a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings), and

as we believe to be necessary or appropriate: (a) under applicable law; (b) to comply with legal process and our legal obligations; (c) to respond to requests or requirements from public, law and government authorities (including national security and law enforcement requirements) and private parties; (d) to enforce our terms and conditions; (e) to protect our operations and the security of our Services; (f) to protect our rights, privacy, safety or property, and/or that of you or others; (g) to allow us to pursue available remedies or limit the damages that we may sustain; and (h) to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, unethical or legally actionable activity.

We may also share and disclose other information that we collect, including aggregate information such as total number of Perkville users of our various Services and total number of Perkville business customers of our various Services, as we consider necessary to develop, grow, and provide our Services.

We ask our service providers to confirm that their privacy and security practices are consistent with ours, we provide our service providers with only the information necessary for them to perform the services we request, and we ask our service providers not to use such information for any purpose other than as specified by Perkville.

Our third party service providers who provide usage analytics for our Services may also use your information to provide you with more personalized advertising content on other websites and applications. To opt out of interest-based advertising by third parties, see "Choices.”

Perkville may offer online resources that facilitate communications among the Perkville community and others. Whenever you voluntarily post information to any public forum offered by Perkville, such information along with your user name can be accessed by other users of the forum, including members of the public if the forum is open to the public.

COOKIES AND SIMILAR TECHNOLOGIES

The Reward Program, Rewards, Perks, Points, and other benefits made available in connection with the Service are promotional only and have no cash or property value.  Businesses, and not Perkville, in accordance with their agreements with Clients or at Businesses’ own discretion, determine how Points and all other benefits are awarded, calculated, valued, and redeemed, when they expire, are terminated, and User’s ownership, or lack thereof, of same. Perkville is not responsible for any unredeemed Points or benefits, or any Points or benefits that are lost. Businesses also do not bear such responsibility, unless specified in a separate agreement.

Businesses’ Vouchers

We and our service providers use cookies in connection with our Services. A cookie is a small data file that is stored on your computer’s or mobile device's memory. Some cookies help you navigate our Services, including setting a cookie to remember your login details. Our cookies are linked to your login information so that you can use the Services on your device throughout the day without logging in each time you visit the Services. Cookies also help us better understand the effectiveness of our Services (for example, by tracking the way in which you respond to, select and interact with our Services and tracking the conversion of our prospective customers into actual customers). Other cookies collect information about how you use our Services, which highlights areas we can improve, including navigation. If you submit an inquiry through our Service and provide your name and email and similar information, that personal information will not be tied back to you for interest-based advertising purposes across websites and applications, however, you may receive email marketing communications from us, and you may receive interest-based advertising from third parties based on cookies dropped on your device by our third party service providers. To opt out of marketing communications and interest-based advertising by third parties, see “Choices.”

We and our service providers may also use "pixel tags," "web beacons", "clear GIFs" or similar means (individually or collectively "Pixel Tags") to analyze usage patterns of consumers. A Pixel Tag is an electronic image, often a single pixel, which is typically a transparent graphic image (usually 1 pixel x 1 pixel) that is placed on a web page or in a mobile application and may be associated with cookies on your hard drive. Some Pixel Tags are used to drop cookies on users’ devices. Pixel Tags allow us to count users who have visited certain websites and applications of our business customers, and pages within such websites and applications, and to help determine the effectiveness of marketing campaigns.

Third parties may use cookies or similar technologies on visitors of our Services to serve interest-based advertisements to such visitors when they visit other websites and mobile applications. Our business customers that participate in the Services may also utilize cookies or similar technologies to monitor the performance of their referral and rewards program in our Services. The collection of information through cookies or similar technologies by such third parties will be governed by such third parties’ own privacy policies and principles, which Perkville does not control.

For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.eu. To read about your choices with regard to Perkville’s and third parties’ uses of cookies in our Services, please see “Choices.”

We do not track users when they cross to third party websites, and we do not provide targeted advertising to them, and therefore we do not respond to Do Not Track (DNT) signals.

LEGAL BASIS RELIED ON FOR PROCESSING PERSONAL INFORMATION OF EUROPEAN DATA SUBJECTS

Data Processor. Perkville is a data processor with respect to personal data collected or received by us when we receive such information from our business customers (the data controllers) that make their data available for use via our Services, or you after you have signed up for our Service via our business customers.

Where we operate as a data processor, we are processing the data on behalf of our business customers (the data controller(s) of the data) based on their instructions, and it is the responsibility of the data controller to establish an appropriate legal basis for the processing of the data. For example, we may process data when the individual has consented to such processing. On certain occasions we may rely on another lawful basis as a basis for processing, such as when it is in our business customers’ and our legitimate interests to do so and when these interests are not overridden by the individual’s data protection rights. Those legitimate interests include performing our obligations with respect to providing the Services and improving our Services.

Data Controller. On certain occasions, Perkville is a data controller. Perkville is a data controller with respect to any personal data collected or received by us when we receive personal information (such as name, phone number, and email address) through our Perkville Pages without being connected to any business customer. In this case, the data controller is Perkville, Inc. Where Perkville operates as a data controller, we rely on legitimate interests to process personal data to provide our Services. On certain occasions, we may also rely on the consent of the individual to process personal information (for example, in some jurisdictions, when the user inputs personal information into the Perkville Pages and consents to receive marketing communications). On other occasions, we may process personal information when we need to do this to fulfill a contract or where we are required to do so by law.

RETENTION

We will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law, or an individual requests deletion in accordance with applicable law. See “Access and Rights regarding Personal Information.”

CHOICES

Opting Out of MarketingWe give you choices regarding our use and disclosure of your personal information for marketing purposes.

You may opt-out from receiving electronic communications from us. If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out of receiving these marketing related emails by contacting us at privacy@perkville.com or by clicking on the opt-out link within the email message that you receive from us.

Please also note that if you do opt-out of receiving marketing-related emails from us, we may still be required to send you administrative messages relating to the Services from time to time.

Opting Out of Perkville’s cookies

You may disable cookies, including Perkville’s cookies, by modifying the settings in your browser. However, please note that if you delete or disable cookies, you will not be able to stay logged in to the Services to interact and earn rewards points and, as a result, the Services will no longer be available to you. Our cookie is required to provide our Services. Our cookies are linked to your login information so that you can use the Services on your device throughout the day without logging in each time you visit the Services.

Opting Out of Interest-Based Advertising by Third Parties from Cookies Some third parties who use cookies when you visit our websites, have opt out mechanisms either directly from their website or through an industry-developed web page. If you go to optout.aboutads.info or www.aboutads.info/choices, you can learn how to exercise choice regarding the collection of information about your online activities over time and across multiple third-party websites, online services, devices, and applications for interest-based advertising purposes. When you opt out of receiving interest-based advertising from third parties, note that the opt out only applies to the applicable browser in which you set it.

For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.eu.

Third parties may also combine and use information from websites or applications on your current browser or device with information from your other browsers or devices for advertising purposes. To opt out of such practices, please follow the instructions above for opting out on each of your browsers, and also opt out on each of your mobile devices. Please note that you will need to opt out separately on (1) each of your browsers and (2) each of your mobile devices to ensure that information collected on a particular browser or device is not used on another browser or device.

Opting Out of Use of Precise Location
To disable the collection of precise location information from your mobile device through mobile applications, you can access your mobile device settings and choose to limit that collection.

Android: For Android 6.0 and above: you can modify privacy settings in Settings > Applications > App Permissions > Location and tap the on/off toggle switch next to Location for each app which has permission to use your location data. For earlier versions of Android: you can modify privacy settings in Settings > More > Permission and tap the on/off toggle switch next to Location to turn location functions off for your device. Alternatively, you may uninstall the relevant program(s).

iOS: In iOS you can modify privacy settings in Settings > Privacy. You can select location data from this list to see which apps have asked for permission to use your location data.

ACCESS AND RIGHTS REGARDING PERSONAL INFORMATION

If you reside outside the European Economic Area, the United Kingdom and Switzerland, and you would like to review, correct, update, suppress, or delete the personal information that Perkville maintains about you, or you would like to request a copy of your personal information held by us, you may contact us at privacy@perkville.com.

If you are a resident of the European Economic Area, the United Kingdom or Switzerland, you have specific legal rights in regard to the handling of your information. You have the following rights with respect to your personal information:

The right to be informed,

The right of access,

The right to rectification,

The right to erasure,

The right to restrict processing,

The right to data portability,

The right to object,

The right to lodge a complaint with a supervisory authority, and

Rights in relation to automated decision-making and profiling.

To exercise these rights as a resident of the European Economic Area, the United Kingdom or Switzerland, email privacy@perkville.com or contact our applicable European or UK representative under “Contacting Us” below.

For data that we process on our business customers’ behalf, you may also go directly to the business customer and exercise these rights.

For customers using our referral and rewards program, you may deactivate your account by changing your preferences in the user settings page of those Services. You may also disconnect or reconnect to each business customer via the user settings page of those Services. 

For employees or representatives of business customers that use our Middle integration platform, you may also email us at support@perkville.com

To opt out of receiving marketing communications from us, please see “Choices.”

To opt out of Perkville’s cookies, please see “Choices.”

To opt out of interest-based advertising by third parties from cookies, please see “Choices.”

To opt out of the use of precise location, please see “Choices.”

THIRD PARTIES

This Privacy Policy does not cover, and we are not responsible for, the privacy or data practices of or processing of data by any third parties (except as required by applicable law), including any third parties operating any site or service to which our Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates. These third parties are bound by their own privacy policies.

Except as required by applicable law, we are also not responsible for the privacy or data practices of or the collection, processing or use of data by our business customers, service providers, app developers, app providers, ad servers, social media platform providers, operating system providers, wireless service providers or device manufacturers, including any personal information you disclose to other organizations through or in connection with the Services.

When a consumer and business issue arises we may consider the User's specific circumstances in applying our policies. We may choose to be more lenient with policy enforcement in some cases.

SENSITIVE INFORMATION

We ask that you not send us, and you not disclose to us, any sensitive information (e.g., social security numbers or other government identifiers, information related to racial or ethnic origin, political opinions, religion or other beliefs, medical or health conditions, criminal background, trade union membership, or sexual orientation) on or through the Services or otherwise to us, except where such information is legally required.

CHILDREN

Our Services are not intended for, nor directed to, individuals under the age of 18, and we request that these individuals, and any other individual considered a minor under applicable law, not provide personal information through any of our Services. If you become aware that your child has provided us with personal information without your consent, please contact us at privacy@perkville.com. If we become aware that a child under 18 (or under the legal age under applicable law) has provided us with personal information without parental consent, we take steps to remove such information and terminate the child's account.

SECURITY

Information that we collect is stored using procedures and practices reasonably designed to help protect from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal information transmitted, stored or otherwise processed by us.

INTERNATIONAL INFORMATION TRANSFERS

Please be aware that the information we collect, may be transferred to and maintained on servers or databases located outside your state, province, country, or other jurisdiction, where the privacy laws may not be as protective as those in your location. Please be advised that we process and store information in any country where we have facilities and/or employees, including the United States, or in which we engage service providers. Your consent to this Privacy Policy or your use of any of the Services or your submission of your information to us or any of our business customers, represents your consent to such transfer, storage and processing outside of your country of residence, including the United States, which may have different data protection rules than those of your country of residence.

  1. Model Clauses. If you are located in the European Economic Area, the United Kingdom or Switzerland, we will protect your personal information when it is transferred outside of your jurisdiction by (a) processing it in a territory that provides an adequate level of protection based on its data protection laws; or (b) implementing appropriate safeguards to protect your personal information, such as relying on the European standard contractual clauses.  Perkville currently relies on these European standard contractual clauses (“Model Clauses”) for data transfers.
  2. Privacy Shield Notice. As of July 16, 2020, the European Court of Justice issued a judgement declaring Privacy Shield invalid. Perkville now relies on other transfer mechanisms, such as the Model Clauses described above, for the cross-border transfer of data
EU-U.S. PRIVACY SHIELD AND SWISS-U.S. PRIVACY SHIELD

COMPLIANCE AND STATUS
Perkville complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, as applicable, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Economic Area, the United Kingdom or Switzerland to the United States. Perkville has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the terms in this privacy policy, the Privacy Shield Principles and the Model Clauses described above, the Model Clauses control, then the Privacy Shield Principles. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Perkville is accountable for information that it receives under the Privacy Shield and subsequently transfers to a third party. Perkville may transfer personal information collected from the Services as described above in this Privacy Policy. Perkville may also transfer other information which meet the definition of “personal data” in the Privacy Shield Framework to service providers and to its business customers as described above. If we share personal data of  data subjects in the European Economic Area, the United Kingdom or Switzerland with a third-party service provider that processes the data solely on Perkville’s behalf, then Perkville will be liable for that third party's processing of such data in violation of the Privacy Shield Principles, unless Perkville can prove that it is not responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, Perkville commits to resolve complaints about our collection or use of your personal information with respect to data subjects in the European Economic Area, the United Kingdom and Switzerland. Such individuals who have inquiries or complaints under the Privacy Shield Frameworks should first contact Perkville at privacy@perkville.com or:

Perkville, Inc.
Attn: Privacy
C/O Port Workspaces
344 Thomas L. Berkley Way
Oakland, CA 94612
USA

Perkville has further committed to refer unresolved Privacy Shield complaints to the ICDR (the international division of the American Arbitration Association), an international alternative dispute resolution provider. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact the ICDR or visit http://go.adr.org/privacyshield.html for more information or to file a complaint. The services of the ICDR are provided at no cost to you.

Under certain conditions, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.See https://www.privacyshield.gov/article?id=ANNEX-I-introduction for more information.

The Federal Trade Commission has jurisdiction over Perkville’s compliance with the Privacy Shield Framework

MODIFICATIONS TO THIS PRIVACY POLICY

We reserve the right to make changes to our Privacy Policy. Please look at the date at the top of this page to see when this Privacy Policy was last revised. Where required by law, we will obtain your consent to make these changes.

CONTACTING US

For any questions about this Privacy Policy or Perkville’s privacy practices, please contact us by email at privacy@perkville.com, or by mail at:

Perkville, Inc.
Attn: Privacy
C/O Port Workspaces
344 Thomas L. Berkley Way
Oakland, CA 94612
USA

General Data Protection Regulation (GDPR) – European Representative

Perkville has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to GDPR:

by using EDPO’s online request form: https://edpo.com/gdpr-data-request/

by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium

UK General Data Protection Regulation (GDPR) - UK Representative

Perkville has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to UK GDPR:

by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/

by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom

CALIFORNIA’S “SHINE THE LIGHT” LAW

California's "Shine the Light" law permits users of our properties that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us at the contact information under Contacting Us.

California Privacy Notice

If you are a California resident and we collect your personal information, this Privacy Notice for California Residents (“California Notice”) applies to you ("consumers" or "you"), except as stated below. This California Notice is in addition to the information in our privacy policy above.

Where noted in this California Notice, the CCPA temporarily exempts certain personal information reflecting a written or verbal business-to-business communication or transaction (“B2B personal information”) from certain CCPA requirements. In addition, employees, job applicants, contractors, owners, directors and officers of Perkville who are California residents do not have the same rights as set forth in this California Notice. See “Collection of Information” below for additional information about excluded personal information.

All terms defined in the California Consumer Privacy Act of 2018 (CCPA) have the same meaning when used in this California Notice.

Collection of Information

We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, device or household ("personal information").

We have collected the following categories of personal information from our consumers within the last twelve (12) months:

CCPA Category
A. Identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
C. Protected classification characteristics under California or federal law.
D. Commercial information.
E. Biometric information.
F. Internet or other similar network activity.
G. Geolocation data.
H. Sensory data.
I. Professional or employment-related information.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
K. Inferences drawn from other personal information.
CCPA Category
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.Some personal information included in this category may overlap with
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
Physical location or movements.
Audio, electronic, visual, thermal, olfactory, or similar information.
Current or past job history or performance evaluations.
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Categories of Sources:

We obtain the above categories of personal information from the following categories of sources:

Directly from you,

Automatically collected information,

Our business customers,

Our service providers, and

Information when you log in with a third party’s single sign-in.

What is not personal information or not covered?

De-identified or aggregated consumer information is not personal information under CCPA.

Publicly available information from government records is not personal information under CCPA.

Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data are also not personal information under CCPA.

Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994 are also not personal information under CCPA.

Certain “excluded personal information” is temporarily excluded from the definition of personal information. The term “excluded personal information” means personal information that we collect about a natural person who resides in California in the course of the person acting as any of the following (to the extent we collect and use the information solely within the context of that role):

a job applicant of Perkville,

an employee of Perkville,

a controlling owner of Perkville,

a director of the board or an officer of Perkville,

a medical staff member of Perkville (if any), and

a contractor of Perkville.

Also, emergency contact information and information needed to administer benefits for the individuals covered above is not covered by this California Notice.

Use of Information

We may use the personal information for one or more of the following purposes:

Fulfilling your requests.

Providing and improving the Service, including tracking rewards.

Sending you communications.

For our business purposes.

As we believe to be necessary or appropriate: (a) under applicable law; (b) to comply with legal process and our legal obligations; (c) to respond to requests or requirements from public, law and government authorities (including national security and law enforcement requirements) and private parties; (d) to enforce our terms and conditions; (e) to protect our operations and the security of our Services; (f) to protect our rights, privacy, safety or property, and/or that of you or others; (g) to allow us to pursue available remedies or limit the damages that we may sustain; and (h) to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, unethical or legally actionable activity.

As described to you when collecting your personal information or as otherwise permitted in the CCPA.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Information Sharing

Sales of Personal Information
In the preceding twelve (12) months, we have not sold your personal information. “Sold” is defined under the CCPA.

Disclosures of Personal Information for a Business Purpose
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter into a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

We share your personal information with the following categories of third parties:

Our affiliates.

Our business customers.

Our business customers.

A buyer of our business.

The public, voluntarily by you.

We may also share your information as we believe to be necessary or appropriate: (a) under applicable law; (b) to comply with legal process and our legal obligations; (c) to respond to requests or requirements from public, law and government authorities (including national security and law enforcement requirements) and private parties; (d) to enforce our terms and conditions; (e) to protect our operations and the security of our Services; (f) to protect our rights, privacy, safety or property, and/or that of you or others; (g) to allow us to pursue available remedies or limit the damages that we may sustain; and (h) to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, unethical or legally actionable activity.

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
Category A: Identifiers.

Category B: California Customer Records personal information categories.
Category C: Protected classification characteristics under California or federal law.
Category D: Commercial information.
Category E: Biometric information.
Category F: Internet or other similar network activity.
Category G: Geolocation data.
Category K: Inferences drawn from other personal information.

Your Rights and Choices

Under the CCPA, California residents have specific rights about their personal information. See below for information about these rights. The CCPA does not give these rights to consumers with B2B personal information.Access to Specific Information and Data PortabilityYou have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Rights), we will disclose to you:

The categories of personal information we collected about you.

The categories of sources for the personal information we collected about you.

Our business or commercial purpose for collecting that personal information.

The categories of third parties with whom we share that personal information.

The specific pieces of personal information we collected about you (which will allow you to exercise your data portability right).

Deletion Request
You have the right to request that we delete any of your personal information that we collected from you and still retain, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Rights), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.

Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

Debug products to identify and repair errors that impair existing intended functionality.

Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).

Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.

Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

Comply with a legal obligation.

Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Rights
To exercise your rights above, please submit a verifiable consumer request to us by either:

Emailing us at privacy@perkville.com and providing your full name and email address and the request that you are making (e.g., right to access, portability or deletion).

Submitting a web form located on our support portal and providing your full name and email address and the request that you are making (e.g., right to access, portability or deletion).

The CCPA does not give these rights to consumers with B2B personal information.

Only you, or someone legally authorized to act for you, may make a verifiable consumer request about your personal information.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.

Describe your request with sufficient detail that allows us to properly understand and respond to it.


We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request.

Making a verifiable consumer request does not require you to create an account with us. We may require you to make your request through your account if you have an account with us.


Format of Response and Timing
We will try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically.

Any disclosures we provide will only cover the 12-month period preceding the request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity.

Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

Provide you a different level or quality of goods or services.

Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Deny you goods or services.

Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

We may offer certain financial incentives permitted by the CCPA that could result in different prices, rates, or quality levels. The incentive will reasonably relate to your personal information's value to us and contain written terms that describe the program's material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

Provide you a different level or quality of goods or services.

Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Deny you goods or services.

Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

Privacy Notice for California Company Workforce

This Privacy Notice for California Company Workforce (“California Workforce Notice”) applies solely to employees, job applicants, controlling owners, directors, officers, independent contractors, and medical staff of Perkville (if any) who reside in California (“you” or “Company Workforce”).

We have adopted this California Workforce Notice to comply with the California Consumer Privacy Act of 2018 (CCPA) with respect to certain Company Workforce. Any terms defined in the CCPA have the same meaning when used in this California Workforce Notice.

Category
A. Identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
C. Protected classification characteristics under California or federal law.
D. Commercial information.
E. Biometric information.
F. Internet or other similar network activity.
G. Geolocation data.
H. Sensory data.
I. Professional or employment-related information.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
K. Inferences drawn from other personal information.
Examples
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.Some personal information included in this category may overlap with
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
Physical location or movements.
Audio, electronic, visual, thermal, olfactory, or similar information.
Current or past job history or performance evaluations.
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Deidentified or aggregated consumer information is not personal information under CCPA.

Publicly available information from government records is not personal information under CCPA.

Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data are also not personal information under CCPA.

Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994 are also not personal information under CCPA.

Use of Personal Information

We may use the personal information of the Company Workforce for one or more of the following purposes:

Employees, directors and officers: We may use your information for the following purposes: identifying you, verifying work authorization, administering taxes and health, medical and other benefit plans, keeping track of your records, contacting you, facilitating payment to bank accounts, contributing to 401(k) plans, garnishing wages required by law, evaluating performance, tracking efficiency and productivity, protecting against disclosure of confidential information and trade secrets, and ensuring compliance with applicable laws and company policies.

Job applicants: We may use your information for the following purposes: identifying you, keeping track of records, contacting you, evaluating your candidacy, performing background and reference checks, and onboarding you.

Independent contractors: We may use your information for the following purposes: identifying you, administering taxes, keeping track of your records, contacting you, facilitating payment to bank accounts, evaluating performance, tracking efficiency and productivity, protecting against disclosure of confidential information and trade secrets, and ensuring compliance with applicable laws and company policies.

Legal and Other Uses: We may also use your information if we believe it is required or appropriate: (a) to prevent or stop activity that we may think is, or is at risk of being, illegal, unethical or legally actionable activity; (b) to protect our rights, privacy, safety or property, and that of you and others; (c) to protect our operations and the security of our Services; (d) under applicable law; (e) to comply with legal process and our legal obligations; (f) to respond to requests or requirements from public, law and government authorities (including national security and law enforcement requirements) and private parties; (g) to enforce our terms and conditions; and (h) to allow us to pursue available remedies or limit potential damages.

We may use your information as described to you when collecting your personal information or as otherwise set forth in the CCPA.

The Company will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.