Policy last updated: December 30, 2019
We encourage you to review the following information carefully.
Depending on which features of the Platform you use, we collect different kinds of information (including Personal Information) about or from you. This Personal Information is necessary for the performance of our contractual obligations towards you and providing you with our Services, to protect our legitimate interests, as well as for compliance with regulatory obligations to which we are subject. If this information will not be provided, you may not be able to use our Platform (such as opening an EX.CO Account), or certain features of our Platform. In certain instances, we will obtain your consent to the collection of your Personal Information, as appropriate (in which case, you can revoke your consent at any time by approaching us).
From Website Visitors
From End Users
Data collected from End Users will be used solely on behalf of our Customers, who serve as Data Controllers (or as Businesses, as defined under the CCPA, where the End Users reside in California). EX.CO may process the data collected on its own behalf only on and aggregated and anonymized basis for research, analytics, improvement of our Platform and customization of ads.
If we combine Personal Information with anonymous information about you, the combined information will be treated as Personal Information for as long as it remains combined.
When you visit or access our Platform (including when you interact or engage with our Embedded Items), we use (and authorize third parties to use) web beacons, cookies, pixel tags, scripts, tags and other technologies (“Tracking Technologies“).
International Data Transfer
Website Visitor/Customer Rights
If you reside in the EU (or in a jurisdiction that affords you with the below rights), you may request to:
However, please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements. If you ever decide to exercise any of the above rights or to terminate your EX.CO Account, you may do so by emailing us at email@example.com.
Collecting Personal Information
In the preceding twelve (12) months, we have collected the following categories of Personal Information:
|Category of Personal Information Collected||Personal Information Collected||Sources of Personal Information||Business Purpose for Collection|
|A. Identifiers||Full name, email address, postal address, social media identifier, IP address, account name||Directly from consumers upon subscription.|
Directly or indirectly from activity on our Website by cookies or other tracking technologies.
From third parties that interact with us, including social networks and other publicly available sources.
|To provide you with our Websites.|
To improve our Websites.
To detect and prevent fraud or illegal activities.
To respond to your requests and inquiries, and communicate with you.
Direct marketing purposes – we may use the contact details you provided us to send you promotional offers.
To perform research, technical diagnostics, analytics or statistical purposes.
Information is also sold to business partners for commercial purposes (e.g. to advertisers)
To charge our Customers for the Services provided by us.
|B. Personal Information Categories listed in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e))||Name, image, address.|
|C. Internet or Other Electronic Network Activity Information||The referring page that linked you to our Websites, browsing history, interaction with our Websites||Directly from consumer’s device by using cookies or other tracking technologies.|
|D. Geolocation Data||Country, State and city||Directly from consumer’s device by using IP address, or as directly submitted by the consumer, or as made available on publicly available sources.|
|E. Professional or employment-related information||Company name, roles of relevant Customer employees||Directly from correspondence with users.|
From Customer’s website, social media page or other publicly available resources.
|F. Commercial Information||Records of products or Services purchased by us||From our databases of historical transactions.|
Personal Information under the CCPA does not include:
We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
We disclose your Personal Information to third parties for a business purpose. When we disclose Personal Information for a business purpose, we enter into a contract that describes the purpose and requires both parties to keep that Personal Information confidential and not use it for any purpose except in the performance of the contract.
In the preceding twelve (12) months, we have disclosed the above-mentioned categories of Personal Information with the following categories of recipients for a business purpose:
Selling Personal Information
We may sell (according to the CCPA definition of a “sale”) your Personal Information to third parties and businesses for commercial purposes.
If we were to sell your Personal Information, you have the right to opt-out of the sale – see below for more information on how to exercise your rights under the CCPA.
In the preceding twelve (12) months, we have not sold your Personal Information.
Consumer Rights under the CCPA
Access to Personal Information
If you are a Website Visitor or a Customer who is not communicating with us as an employee, owner, contractor, director or officer of a company, partnership, sole partnership, non-profit or government agency you may request that we disclose to you the categories and specific pieces of Personal Information that we have collected about you, the categories of sources from which your Personal Information is collected, the business or commercial purpose for collecting your Personal Information, the categories of Personal Information that we disclosed for a business purpose, any categories of Personal Information about you that we sold, the categories of third-parties with whom we have shared your Personal Information, and the business or commercial purpose for selling your Personal Information, if applicable.
If you are a Website Visitor or a Customer, you have the right to request that we delete any Personal Information collected from you and retained, unless retaining the information is necessary for us or for our service providers to:
Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers, subcontractors, and consultants to delete) your Personal Information, unless an exception applies.
Right to Opt-Out of the Sale of Personal Information
In the preceding twelve (12) months, we have not sold your Personal Information.
In the event that we sell your Personal Information, you have the right to submit a request to opt-out of the sale of your Personal Information. You may change your decision at any time and permit us to sell your Personal Information.
After you opt-out, we may continue to share some Personal Information with our partners (who will function as our service providers in such instance) to help us perform business-related functions such as, but not limited to, providing the Service, ensuring that the Service is working correctly and securely, providing aggregate statistics and analytics and/or preventing fraud. If you access our Platform from other devices or browsers, visit the links below from those devices or browsers to ensure your choice applies to the Personal Information collected when you use those devices or browsers.
Additionally, although clicking the “Do Not Sell My Personal Information” link will opt you out of the sale of your Personal Information for advertising purposes, it will not opt you out of the use of previously collected and sold Personal Information (except for Personal Information sold within 90 days prior to your exercising your right to opt-out) or all interest-based advertising. If you would like more information about how to opt-out of interest-based advertising in desktop and mobile browsers on a particular device, please visit http://optout.aboutads.info/#/ and http://optout.networkadvertising.org/#. You may also download the AppChoices app at http://www.aboutads.info/appchoices to opt-out in connection with mobile apps, or use the platform controls on your mobile device to opt-out.
Exercising Your Rights
You can exercise your rights (such as access and deletion) via our Platform, where you can use tools to view, rectify, download, deactivate and delete your data.
In addition, to request access to your Personal Information or request deletion of your Personal Information, you can also submit a verifiable consumer request to our email address: firstname.lastname@example.org.
Only you or a person authorized to act on your behalf may make a consumer request related to your Personal Information.
The request must:
You may only request a copy of your data twice within a 12-month period.
If you have any general questions about the Personal Information that we collect about you how we use it, please contact us at email@example.com.
Response Timing and Format
Our goal is to respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and extension period in writing within the first 45 days period. We will deliver our written response, by mail or electronically, at your option. Any disclosures we provide will cover only the 12-month period preceding the request. If reasonably possible, we will provide your Personal Information in a format that is readily useable and should allow you to transmit the information without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
In case of rejection, the response we provide will explain the reasons for which we cannot comply with your request.
Please note that these CCPA rights are not absolute and requests are subject to any applicable legal requirements, including legal and ethical reporting or document retention obligations.
You can designate an authorized agent to make a request under the CCPA on your behalf if:
If you use an authorized agent to submit a request to exercise your right to know or your right to request deletion, please mail a certified copy of your written declaration authorizing the authorized agent to act on your behalf using the contact information below.
If you provide an authorized agent with power of attorney pursuant to Probate Code §§ 4000–4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA.
Do Not Track Signals
We do not knowingly collect or solicit Personal Information from anyone under the minimum age for providing consent in the jurisdiction they reside in (“Age of Consent“) or knowingly allow such persons to register as Customers. By accessing or using our Platform, you certify to us that you are at the Age of Consent. In the event that we learn that we have collected Personal Information from a child under the Age of Consent without verification of parental consent, we will delete that information upon discovery. If you believe that we might have any information from or about a child under the Age of Consent, then please contact us at firstname.lastname@example.org.
Some of our third party partners may obtain Personal Information from you if you voluntarily submit such information. We are not responsible for any information collected by such third parties, or their privacy practices. Therefore, you should always review their privacy practices carefully before providing Personal Information to such third parties.
We will retain your Personal Information for as long as necessary to provide our Services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods shall be determined taking into account the type of information that is collected and the purpose for which it is collected for, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.
We have implemented administrative, technical, and physical safeguards to help prevent unauthorized access, use, or disclosure of your Personal Information.
Your EX.CO Account information is protected by a password for your privacy and security. You need to help us prevent unauthorized access to your EX.CO Account by protecting your password appropriately and limiting access to your account by signing off after you have finished accessing your EX.CO Account. You will be solely responsible for keeping your password confidential and for all use of your password and your EX.CO Account, including any unauthorized use.
While we seek to protect your information to ensure that it is kept confidential, we cannot guarantee the security of any information. You should be aware that there is always some risk involved in transmitting information over the internet and that there is also some risk that others could find a way to thwart our security systems. As a result, while we strive to protect your Personal Information, we cannot ensure or warrant the security and privacy of your Personal Information or other content you transmit using the Platform, and you do so at your own risk. Thus, we encourage you to exercise discretion regarding the Personal Information you choose to disclose.
Attn: Data Protection Officer
5 Aluf Kalman Magen St.
Building A, 1st Floor
Tel Aviv, 6107077
If you reside in the EU you may also approach our representative at the UK:
Playbuzz UK Limited
Formal Address: 37 Broadhurst Gardens
London, NW6 3QT, UK