The TLDR for California residents is:
Quest CE does not sell your Personal Information.
What is Personal Information in the CCPA?
The CCPA has the broadest definition of “personal information” of any law in effect—including the European Union’s General Data Protection Regulation (GDPR). The law is so sweeping that it includes 11 categories of personal information.
It establishes the following categories of personal information:
Identifiers: Name, alias, postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers
Customer records information: Name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit or debit card number, other financial information, medical information, health insurance information
Characteristics of protected classifications under California or federal law: Race, religion, sexual orientation, gender identity, gender expression, age
Commercial information: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
Biometric information: Hair color, eye color, fingerprints, height, retina scans, facial recognition, voice, and other biometric data
Internet or other electronic network activity information: Browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement
Audio, electronic, visual, thermal, olfactory, or similar information
Professional or employment-related information
Education information: Information that is not “publicly available personally identifiable information” as defined in the California Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99)
What Isn’t Personal Information In The CCPA?
The CCPA’s definition of personal information does not include publicly available information. That would be data contained in publicly available federal, state, or local government records.
Certain types of information are exempt from CCPA regulation, including certain financial information and medical information regulated by the Health Information Portability and Accountability Act (HIPAA).
Use Of Personal Information
The CCPA defines various business and commercial purposes for collecting, using, and disclosing Personal Information.
- Auditing related to a current interaction with you and concurrent transactions, including, but not limited to auditing compliance with this specification and other standards;
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
- Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business;
- Debugging to identify and repair errors that impair existing intended functionality;
- Short-term, transient use;
- Undertaking internal research for technological development and demonstration;
- Activities to verify or maintain the quality or safety of our services, and to improve, upgrade, or enhance our services;
- Otherwise enabling or effecting, directly or indirectly, a commercial transaction;
- For other purposes for which we provide specific notice at the time the information is collected.
Collection And Disclosure Of Personal Information
- Vendors and service providers, including for data analytics and marketing and advertising our products and services to you.
- Third parties integrated into our services.
- Third parties as required by law and similar disclosures.
- Other third parties for whom we have obtained your permission to disclose your Personal Information.
Your California Privacy Rights
If you are a California resident, you may exercise the following rights:
Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information collected or disclosed by us; (2) purposes for which categories of Personal Information are collected by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you during the past twelve months.
Right to Delete. Subject to certain exceptions, you have the option to delete Personal Information about you that we have collected from you.
Verification. Requests for access to or deletion of Personal Information are subject to our ability to reasonably verify your identity in light of the information requested and pursuant to relevant CCPA requirements, limitations, and regulations.
Right to Equal Service and Price. You have the right not to receive discriminatory treatment for the exercise of your CCPA privacy rights, subject to certain limitations.
Shine the Light. We do not rent, sell, or share your Personal Information with any company for their direct marketing purposes, unless we have your permission.
Submit Requests. To exercise your rights under the CCPA, you can deactivate and purge your account by contacting Quest CE at firstname.lastname@example.org. For other requests or to authorize an agent to make a request on your behalf, you can also contact us at email@example.com.
If you have any questions, comments, or concerns about our processing activities, or you want to exercise your privacy rights, email us at firstname.lastname@example.org or write to us at:
ATTN: Privacy Support
10100 W. Innovation Drive, Suite 200
Milwaukee, WI 53226