Application of Policy
This policy describes the manner in which Blenderbox Inc., a New York corporation (“Blenderbox”, “we” and “us”) collects, maintains, uses and discloses user information provided through Blenderbox’s website, https://blenderbox.com (the “Site”).
Information We Collect About You
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual, household, or device (“personal information”). In particular, we may have collected the following categories of personal information from individuals within the last 12 months as indicated by a YES or NO below for each category:
Examples: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
A name, signature, Social Security Number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information in this category may overlap with other categories.
C. Protected classification under California or federal law
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
D. Commercial information
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E. Biometric information
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait or other physical patterns, and sleep, health, or exercise data.
F. Internet or other similar network activity
Browsing history, search history, information on an individual’s interaction with a website, application, or advertisement.
G. Geolocation data
Physical location or movements.
H. Sensory data
I. Professional or employment-related information
Current or past job history or performance evaluations.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 24 C.F.R. Part 99)
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
K. Inferences drawn from other personal information
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
L: Sensitive personal information.
Social security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin; religious or philosophical beliefs; union membership; genetic data; the contents of an individual’s mail, email, and text messages unless the business is the intended recipient of the communication; the processing of biometric information for the purpose of uniquely identifying an individual; or personal information collected and analyzed concerning an individual’s health, sex life, or sexual orientation.
How We Collect Your Information
We collect the categories of personal information listed above from the following categories of sources:
- Directly from you when you provide it to us. For example, from forms you complete.
- Indirectly from you. For example, as you navigate through the Site.
- From third parties. For example, from our clients.
Information We Collect Through Automatic Data Collection Technologies
As you navigate through and interact with our Site, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visits to our Site, including traffic data, location data, logs, and other communication data and the resources that you access and use.
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
The information we collect automatically may include personal information, or we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Site and to deliver a better and more personalized service, including by enabling us to:
- Estimate our audience size and usage patterns.
- Store information about your preferences, allowing us to customize our Site according to individual interests.
- Recognize you when you return.
The technologies we use for this automatic data collection may include:
Web Beacons. Pages of our Site and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or [opened an email] and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
How We Use Your Information
We may use aggregated information about our users, and information that does not identify any individual, without restriction. We use information that we collect about you or that you provide to us, including any personal information:
- To provide the Site.
- To provide users with information and services that are requested from us.
- To fulfill any other purpose for which you provide it.
- To carry out our obligations and enforce our rights.
- To notify you about changes to our Site or any products or services we offer or provide though it.
- To provide, support, personalize, and develop our Site.
- To provide support and to respond to inquiries.
- To help maintain the safety, security, and integrity of our Site, databases and other technology
assets, and business.
- To respond to law enforcement requests and as required by applicable law, court order, or
- In any other way we may describe when you provide the information.
- For any other purpose with your consent.
- We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you. If you do not want us to use your information in this way, please check the relevant box located on the form on which we collect your data or email us at email@example.com. For more information, see Choices About How We Use and Disclose Your Information below.
We will not collect additional categories of personal information or use the personal information we collected for material different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. We may share your personal information by disclosing it to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except for performing the contract. In the preceding 12 months, we have disclosed the personal information to the categories of third parties indicated in the chart below. We do not sell personal information. In the preceding 12 months we have not sold any categories of personal information for a business purpose.
Specific Third-Party Disclosures
We utilize and integrate various third parties and their platforms and services to power and support the Site (collectively, “Third-Party Services”). The Third-Parties Services will receive your information to the extent necessary to provide their services or perform their functions as described. The treatment of your data by these parties is subject to their policies. We share your information with the following Third-Party Services.
- For hosting, WPEngine, Inc
- For analytics, Google, LLC.
- For bulk email, Intuit, Inc.
Your Rights and Choices
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- If we disclosed any personal information for a business purpose, a list disclosing: the disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
- The specific pieces of personal information we collected about you (also called a data portability request).
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable request we will delete (and direct our service providers to delete) your personal information from our records unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, or take actions reasonably anticipated within the context of our ongoing business relationship with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.)
- Enable solely internal uses that are reasonably aligned with expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provide it.
- We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights, please submit a verifiable request to us by emailing us at firstname.lastname@example.org.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable request related to your personal information. You may also make a verifiable request on behalf of your minor child. You may only make a verifiable request for access or data portability twice within a 12 month period. The verifiable request must:
- Provide sufficient information that allows us to reasonably verify you are the person we collected personal information on.
- Describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable request does not require you to create an account with us.
Specific Choices About Tracking Technology and Promotional Offers
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
- Promotional Offers from the Company. If you do not wish to have your email address used by the Company to promote our own or third parties’ products or services, you should not opt in by checking the relevant box located on the form on which we collect your data. You can also always opt-out by sending us an email stating your request to email@example.com. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt out does not apply to information provided to the Company as a result of a product purchase, warranty registration, product service experience or other transactions.
Response Timing and Format
We endeavor to respond to verifiable requests within 45 days of receipt. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response to you by mail or electronically, at your option. Any disclosures we provide will only cover the 12 month period preceding the verifiable request’s receipt. If applicable, we will also provide reasons we cannot comply with your request. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information. We do not charge a fee to process or respond to a verifiable request unless it is excessive, repetitive, or unfounded. If we determine a fee is warranted, we will provide you with an estimate before completing your request. We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you with a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level ofquality of goods or services.
Do Not Track
We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website.
Accessing and Correcting Your Information
You can review and change your personal information by sending us an email at firstname.lastname@example.org to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
Other California Privacy Rights
California’s “Shine the Light” law, Civil Code Section § 1798.83, permits users of our Site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to email@example.com.
Data Security & Retention
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We take steps designed to ensure that only those employees and other service providers who need access to your personal information to fulfil their employment duties will have access to it. All information you provide to us is stored on secure servers behind firewalls. Sensitive and private data exchange between our Site and users happens over an SSL secured communication channel and is encrypted and protected with digital signatures.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Site. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site.
We will maintain your personal information for as long as they are needed, or as required by applicable laws, regulations, or government orders.
228 Park Ave South, Suite 92796
New York, NY 10003
First Posted. 12/14/2022
Last Updated. 12/14/2022