Cpamatica Privacy Policy

Last revised: March 07, 2024

Purpose

The purpose of this Privacy Policy is to inform you of how Cpamatica (“Company” or “we” or “our” or “us”) processes, collects, uses, and discloses the personal data that we collect from you when you use and visit the website located at https://cpamatica.io (the "Website" and/or "Service"), how such data will be used by the Company (as defined below), its Advertising Partners, and/or other persons or entities with whom such data may be shared, as well as your choices regarding the processing, collection, use, and distribution of such data and the security measures that we have implemented to protect your privacy. Please read this Privacy Policy carefully to understand our policies and procedures regarding your personal data and how it will be processed.

BY CONTINUING TO USE THE WEBSITE, YOU PROMISE US THAT: 1) YOU HAVE READ, UNDERSTAND, AND AGREE TO BE BOUND BY THIS PRIVACY POLICY, AS AMENDED FROM TIME TO TIME BY THE COMPANY AT ITS SOLE AND ABSOLUTE DISCRETION, AND 2) YOU ARE OVER 18 YEARS OF AGE. You further agree to regularly review this Privacy Policy to ensure that you are familiar with the Company's most current policies and procedures. Your continued use of the Website after we make changes is deemed to accept those changes. If you do not agree or are unable to make this promise, you must not use the Website.

If required by law, we will make reasonable efforts to contact you about material changes or updates to this Privacy Policy; if you have provided us with an email address, you agree that we may email you a notice regarding such changes or updates; if you have not provided us with an email address, you agree to view this page periodically and when our site informs you that this Privacy Policy has been updated.

Personal data controller

Cpamatica will be the controller of your personal data.

Categories of personal data we collect

A. Personal data you directly provide to us

By visiting our Website and/or creating an account, you provide us with personal data about yourself. For example, such data includes name and surname, email address, Skype or Telegram profile, Facebook or LinkedIn profile, country of residence, and data on your professional experience.

Also, you may provide us with the payment method information, such as bank account information (to the extent needed to pay for or receive payment as part of providing services to our Website).

B. Personal data we collect automatically

• Data about how you found us

We collect data about your referring app or URL (that is, the app or place on the Web where you were when you tapped/clicked on our ad).

• Device, location, and other data

We may collect data from your device. Examples of such data include language settings, unique user ID, IP address, location (country/city), type and model of the device, gender, age, device settings, Internet service provider, mobile carrier, hardware ID, operating system, and Facebook ID.

C. Usage Data

We record how you interact with our Service. For example, we log what pages you have viewed, and how long you are on the Website.

• Advertising IDs

For example, Apple Identifier for Advertising (IDFA) or Google Advertising ID (AAID) (depending on the operating system of your device) when you access our Website from a mobile device.

D. Cookies

We use cookies to track the activity on our Websites and store certain information.

Cookies are used, in particular, to recognize you the next time you visit our Website automatically. As a result, the information, which you have earlier entered in certain fields on the Website may automatically appear the next time when you use our Service. Cookie data will be stored on your device and, most of the time, only for a limited time period.

For what purposes do we process personal data

We process your personal data for the following purposes:

A. To provide our Service

This includes enabling you to use the Service in a seamless manner and preventing or addressing Service errors or technical issues.

To host personal data and enable our Service to operate and be distributed, we use Digital Ocean, which is a hosting and backend service.

B. To provide you with customer support

We process your personal data to respond to your requests for technical support, Service information, or any other communication you initiate. For this purpose, we may send you emails about, for example, the performance of our Service, payment transactions, notices regarding our Terms and Conditions , or this Privacy Policy.

C. To communicate with you regarding your use of our Service

We communicate with you, for example, by email. These may include emails with information about the Service.

D. To research and analyze your use of the Service

This helps us to better understand our business, analyze our operations, maintain, improve, innovate, plan, design, and develop the Website and our new products. We also use such data for statistical analysis purposes, to test and improve our offers.

We use Google Tag Manager to manage tags on the Website for conversion tracking and Website analytics.

We also use Hotjar, a behavior analytics tool that analyzes Service use and provides feedback through heatmaps, session recordings, and surveys. For more information, see Hotjar’s Privacy Policy .

To analyze how visitors use our Service and to measure the effectiveness of some ads, we use Google Analytics, a web analysis program of Google. Google Analytics places cookies on your device to provide us with analytics. On Google Analytics, we get, in particular, aggregated information on the data you enter on our Website and users’ interactions within the Website. Google allows you to influence the collection and processing of the information generated by Google, in particular, by installing a browser plug-in, available here . You can read more about how Google uses information here .

E. To send you marketing communications

We process your personal data for our marketing campaigns. As a result, you will receive information about our products, such as special offers, promotions, new products, or services. We may show you advertisements on our Website and send you emails for marketing purposes. To opt out of receiving marketing emails from us, you need to unsubscribe by following the instructions in the footer of the marketing emails.

F. For the purpose of payments and keeping proper records of those transactions

The transaction data may be processed for the purpose of payments and keeping proper records of those transactions.

G. To personalize our ads

We and our partners use your personal data to tailor ads and possibly even show them to you at the relevant time. For example, if you have accessed our Website, you might see ads for our products, for example, in your Facebook feed.

How to opt-out or influence personalized advertising

iOS: On your iPhone or iPad, go to “Settings,” then “Privacy” and tap “Advertising” to select “Limit Ad Track”. In addition, you can reset your advertising identifier (this also may help you to see less of personalized ads) in the same section.

Android: To opt out of ads on an Android device, simply open the Google Settings app on your mobile phone, tap “Ads” and enable “Opt-out of interest-based ads”. In addition, you can reset your advertising identifier in the same section (this also may help you to see less personalized ads).

To learn about how to affect advertising choices on various devices, please look at the information available here .

In addition, you may get useful information and opt out of some interest-based advertising, by visiting the following links:

• Network Advertising Initiative - https://optout.networkadvertising.org
• Digital Advertising Alliance - https://optout.aboutads.info/
• Digital Advertising Alliance (Canada) - https://youradchoices.ca/en/tools
• Digital Advertising Alliance (EU) - https://www.youronlinechoices.com/
• DAA AppChoices page - https://youradchoices.com/appchoices

Browsers: You can also change your browser’s cookie settings to stop accepting cookies altogether. You can usually find these settings in the “options” or “preferences” menu of your browser. The following links may be helpful, or you can use the “Help” option in your browser.

• Cookie settings in Internet Explorer
• Cookie settings in Firefox
• Cookie settings in Chrome
• Cookie settings in Safari web and iOS

Google allows its users to opt out of Google personalized ads and to prevent their data from being used by Google Analytics .

We use Facebook pixel on the Website. Facebook pixel is a code placed on the Website collecting data that helps us track conversions from Facebook ads, build a targeted audience, and remarket to people who have taken some action on the Website.

H. To enforce our Terms and Conditions and to prevent and combat fraud

We use personal data to enforce our agreements and contractual commitments, to detect, prevent, and combat fraud. As a result of such processing, we may share your information with others, including law enforcement agencies (in particular, if a dispute arises in connection with our Terms and Conditions ).

I. To comply with legal obligations

We may process, use, or share your data when the law requires it, in particular, if a law enforcement agency requests your data by available legal means, or cooperating with public and government authorities, courts, or regulators in accordance with our legal obligations under applicable laws to the extent this requires to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of our Website and/or Service, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, legal claims, respond to lawful requests, or for auditing purposes.

Under what legal basis do we process your personal data

In this section, we are letting you know what legal basis we use for each particular purpose of processing. For more information on a particular purpose, please refer to Section “For what purposes do we process personal data” of this Privacy Policy. This section applies only to EEA-based users.

We process your personal data under the following legal bases:

A. To perform our contract with you:

Under this legal basis, we:

• Provide our Service (in accordance with our Terms and Conditions of Use );
• Provide you with customer support;
• Make payments and keep proper records of those transactions;
• Communicate with you regarding your use of our Service:
  • for our (or others) legitimate interests, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data;

B. We rely on legitimate interests:

• to communicate with you regarding your use of our Service

This includes, for example, sending you an email to notify you that we have released a new product. The legitimate interest we rely on for this purpose is our interest in encouraging you to use our Service more often.

• to research and analyze your use of the Service

Our legitimate interest for this purpose is our interest in improving our Service so that we understand users’ preferences and are able to provide you with a better experience (for example, to make the Website navigation easier and more user-friendly).

• to send you marketing communications

The legitimate interest we rely on for this processing is our interest in promoting our Service, including new products and special offers, in a measured and appropriate way.

• to personalize our ads

The legitimate interest we rely on for this processing is our interest in promoting our Service in a reasonably targeted way.

• to enforce our Terms and Conditions of Use and to prevent and combat fraud

Our legitimate interests for this purpose are enforcing our legal rights, preventing and addressing fraud and unauthorized use of the Service, and non-compliance with our Terms and Conditions of Use .

• to comply with legal obligations.

With whom we may share your personal data

We may share personal data with third parties that help us operate, provide, and market our Service. We may share your personal data, in particular, for purposes indicated in Section “For what purposes do we process personal data” of this Privacy Policy. The types of third parties we may share information with include, in particular:

A. Service providers

We may share personal data with third parties that we hire to provide services or perform business functions on our behalf, based on our instructions. We may share your personal data with the following types of service providers:

• cloud storage providers (Amazon, Digital Ocean);
• data analytics providers (Facebook, Analytics, Yandex, Hotjar, Google);
• marketing partners (Facebook).

B. For business transfers

As we develop our business, we may buy or sell assets or business offerings. Customers’ information is generally one of the transferred business assets in these types of transactions. We may also share such information with any affiliated entity (e.g. parent company or subsidiary) and may transfer such information in the course of a corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

C. Business partners

We may share your personal data with our business partners to offer you certain products, services, or promotions.

D. Law enforcement agencies and other public authorities

We may use and disclose personal data to enforce our Terms and Conditions of Use , protect our rights, privacy, safety, or property and/or that of our affiliates, you, or others, respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, or in other cases provided for by law.

Your rights as a data subject

We respect the confidentiality of your personal data and guarantee you can exercise your rights. You have the right under this Privacy Policy, and by law, if you are within the EU/EEA, to:

• Request access to your personal data. The right to access, update, or delete the data we have on you. Whenever made possible, you can access, update, or request the deletion of your personal data directly by contacting us at info@cpamatica.io. This also enables you to receive a copy of the personal data we hold about you.
• Request correction of the personal data that we hold about you. You have the right to have incomplete or inaccurate information we hold about you corrected.
• Object to processing of your personal data. This right exists where we rely on legitimate interest as the legal basis for our processing, and there is something about your particular situation that makes you want to object to our processing of your personal data on this ground. You also have the right to object to where we are processing your personal data for direct marketing purposes.
• Request the erasure of your personal data. You have the right to ask us to delete or remove personal data when there is no good reason for us to continue processing it.
• Request the transfer of your personal data. We will provide your personal data to you, or to a third party you have chosen, in a structured, commonly used, machine-readable format. Please note that this right only applies to automated data, which you initially provided consent for us to use or where we used the information to perform a contract with you.
• Withdraw your consent. You have the right to withdraw your consent to use your personal data. If you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of the Website.

If you wish to exercise any of the rights set out above, please contact us at info@cpamatica.io.

No fee is usually required

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Timeframe for responding to a request

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Сookies and similar tracking technologies

When you access the Website, we may use “cookies” (or similar tracking technologies). The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies are very helpful and can be used for various different purposes. These purposes include allowing you to navigate between pages efficiently, enabling automatic activation of certain features, remembering your preferences, and making the interaction between you and our Website quicker and easier. Cookies are also used to help customize your experience.

There are several types of cookies, among others:

• Essential, Functionality, Operational & Security cookies. These cookies are essential for enabling user movement around the website, for the website to function properly, and for security purposes (i.e., used to authenticate users, prevent fraudulent use, and protect user data from unauthorized parties). This category of cookies either cannot be disabled or, if disabled, certain features of the Websites may not work.
• Analytic, Measurement & Performance cookies. These cookies are used to collect data about how users use our Websites to improve their and the way we offer them, as well as assess the performance of the Websites. These cookies enable us, for example, to assess the number of users who have viewed a specific article and their country of origin. It enables our Websites to remember data that changes how it behaves or looks, such as your preferred language.
• Preference, Targeting & Advertising cookies. These cookies are used to advertise across the Internet and to display relevant ads tailored to users based on the parts of the website they have (e.g., the cookie will indicate you have visited a certain webpage and will show you ads relating to that webpage).

Most browsers will allow you to erase cookies from your computer’s hard drive, block the acceptance of cookies, or receive a warning before a cookie is stored. You may remove our cookies by following the instructions of your device preferences. However, if you block or erase cookies, some features of the Websites may not operate properly, and your online experience may be limited.

Сhildren’s privacy

The Website is not intended for individuals under the age of eighteen (18); accordingly, we do not use the Website to knowingly solicit data from or market to children defined under applicable law (e.g., thirteen (13) regarding US individuals and sixteen (16) regarding European Economic Area (“EEA”) individuals). We request that such individuals do not provide personal data through our Website. We reserve the right to request proof of age at any stage so that we can verify that children under the age of eighteen (18) are not using the Website. If you become aware or have any reason to believe that a child has shared with us, please contact us at info@cpamatica.io, and we will take reasonable steps to ensure that such data is deleted from our files.

How long do we keep your personal data

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. For example, we will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Websites, or we are legally obligated to retain this data for longer time periods.

International data transfer

We may transfer personal data to countries other than the country in which the data was originally collected for the purposes outlined in the Terms and Conditions of Use and for purposes indicated in this Privacy Policy. If these countries do not have the same data protection laws as the country where you initially provided the information, we deploy special safeguards.

In particular, if we transfer personal data originating from the EEA to countries with not an adequate level of data protection, we use one of the following legal bases: (i) Standard Contractual Clauses approved by the European Commission (details available here ), or (ii) the European Commission adequacy decisions about certain countries - details available here .

Security of the personal data

We take great care in implementing and maintaining the security measures of the Website and your personal data. We employ industry standard procedures and policies and implement technical and administrative security measures to ensure the safety of our user’s personal data and prevent unauthorized access or use of any such personal data. However, no data transmission over the internet or any wireless network can be guaranteed to be 100% secure, and we can not be responsible for the acts of those who gain unauthorized access or abuse our Website, we make no warranty, express, implied or otherwise, that we will prevent such access.

We may adopt what we believe are appropriate data collection, storage, and processing practices and security measures to protect against unauthorized access to such data and according to applicable law requirements. If you feel that your privacy was not treated in accordance with our Privacy Policy, or if any person attempted to abuse our Website or acted in an appropriate manner, please contact us directly at info@cpamatica.io.

Changes to Privacy Policy

We reserve the right to amend this Privacy Policy at our sole discretion and at any time. If we make changes to this Privacy Policy, we will immediately post the updated Privacy Policy on our Website and update the relevant, effective date. Any such changes will be effective immediately upon being posted unless otherwise stated in the change. Your continued use of our Website after posting changes constitutes your acceptance of such changes.

Privacy Policy for California and Virginia residents

This section provides additional details about how we process California and Virginia consumers' personal data and the rights available to them under the California Consumer Privacy Act (“CCPA”), California Privacy Rights Act (“CPRA”), California’s Shine the Light law, and Virginia Consumer Data Protection Act (“VCDPA”). Therefore, this section applies only to residents of California and Virginia, United States.

For more details about the personal data we have collected, please see the Section "Categories of personal data we collect" above. We collect this data for the purposes described in the Section "For what purposes do we process personal data" of this Privacy Policy. We may also share and/or disclose your personal data with certain categories of third parties, as indicated in the Section "With whom we may share your personal data."

Categories of personal data

We collect data that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device. The following is a list of categories of personal data that we may have collected from California and Virginia residents within the last twelve (12) months.

Please be aware that the categories and examples provided in the list below are those defined in the CCPA and CPRA. This does not mean that all examples of that category of personal data were, in fact, collected by us but reflects our good faith belief, to the best of our knowledge, that some of that information from the applicable category may be and may have been collected. For example, certain categories of personal data would only be collected if you provided such personal data directly to us.

• Category A. Identifiers

Examples: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, driver's license number, passport number, or other similar identifiers.

Collected: Yes.

• Category B. Personal data categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))

Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

Collected: Yes.

• Category C. Protected classification characteristics under California or federal law

Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

Collected: Yes.

• Category D. Commercial data

Examples: Records and history of products or services purchased or considered.

Collected: Yes.

• Category E. Biometric data

Examples: Genetic, physiological, behavioral, and biological characteristics or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

Collected: No.

• Category F. Internet or other similar network activity

Examples: Interaction with our Website.

Collected: Yes.

• Category G. Geolocation data

Examples: Approximate physical location.

Collected: Yes.

• Category H. Sensory data

Examples: Audio, electronic, visual, thermal, olfactory, or similar information.

Collected: No.

• Category I: Professional or employment-related data

Examples: Current or past job history or performance evaluations.

Collected: Yes.

• Category J. Non-public education data (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))

Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

Collected: No.

• Category K. Inferences are drawn from other personal data

Examples: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Collected: No.

• Category L. Sensitive personal data

Examples: social security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, or union membership; the contents of the email, email, and text messages unless the business is the intended recipient of the communication; genetic data; the processing of biometric information for the purpose of uniquely identifying; personal data collected and analyzed concerning health; personal information collected and analyzed concerning sex life or sexual orientation.

Collected: Yes.

Under CCPA and CPRA, personal data does not include:

• Publicly available information from government records;
• Deidentified or aggregated consumer information;
• Information excluded from the CCPA's scope, like:
  • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
  • Personal Information is covered by specific sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

Use of personal data

We may use or disclose personal data we collect for "business purposes" or "commercial purposes" (as defined under the CCPA and CPRA), which may include the following examples:

• To operate our Website and/or Service.
• To provide our Service.
• To provide you with customer support and to respond to your inquiries, including investigating and addressing your concerns and monitoring and improving our Website.
• To communicate with you regarding your use of our Service.
• To research and analyze your use of the Service.
• To send you marketing communications.
• To make payments and keep proper records of those transactions.
• To personalize our ads.
• To enforce our Terms and Conditions of Use and to prevent and combat fraud.
• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
• As described to you when collecting your personal data or as otherwise outlined in the CCPA and CPRA.
• For internal administrative and auditing purposes.
• To detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity, including, when necessary, prosecuting those responsible for such activities.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal data held by us about our Websites users is among the assets transferred.

If we decide to collect additional categories of personal data or use the personal data we collected for materially different, unrelated, or incompatible purposes, we will update this Privacy Policy.

Sharing of personal data

We may disclose your personal data to a third party for business purposes or sell your personal data, subject to your right to opt out of those sales. When we disclose personal data for a business purpose, we enter a contract that describes the purpose and requires the recipient to keep that personal data confidential and not use it for any purpose except the contract. The CCPA, CPRA, and VCDPA prohibit third parties who purchase the personal data we hold from reselling it unless you have received explicit notice and an opportunity to opt out of further sales.

We may share your personal data with the following categories of third parties:

• Service providers;
• Business partners;
• Data aggregators;
• Google;
• Third-party vendors to whom you or your agents authorize us to disclose your personal data in connection with the Services we provide to you.

Disclosure of personal data for business purposes

We may use or disclose and may have used or disclosed in the last twelve (12) months the following categories of personal data for business or commercial purposes:

• Category A. Identifiers.
• Category B. Personal data categories are listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
• Category C. Protected classification characteristics under California or federal law.
• Category D. Commercial data.
• Category F. Internet or other similar network activity.
• Category L. Sensitive personal data.

Please note that the categories listed above are those defined in the CCPA and CPRA. This does not mean that all examples of that category of personal data were, in fact, disclosed but reflects our good faith belief, to the best of our knowledge, that some of that information from the applicable category may be and may have been disclosed.

Sale of personal data

As defined in the CCPA and CPRA, "sell" and "sale" mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer's personal data by the business to a third party for monetary or other valuable consideration. This means that we may have received some kind of benefit in return for sharing personal data, but not necessarily a monetary benefit.

Please note that the categories listed below are those defined in the CCPA and CPRA. This does not mean that all examples of that category of personal data were, in fact, sold, but it reflects our good faith belief, to the best of our knowledge, that some of that data from the applicable category may be and may have been shared for value in return.

We may sell and may have sold in the last twelve (12) months the following categories of personal data:

• Category A. Identifiers.
• Category B. Personal data categories are listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
• Category C. Protected classification characteristics under California or federal law.
• Category D. Commercial data.
• Category F. Internet or other similar network activity.
• Category L. Sensitive personal data.

Sale of personal data of minors under 16 years of age

We do not knowingly collect personal data from minors under the age of 16 through our Website.

We do not sell the personal data of consumers we actually know less than 16 years of age unless we receive affirmative authorization (the "right to opt-in") from either the consumer who is between 13 and 16 years of age or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to the sale of personal data may opt out of future sales at any time. To exercise the right to opt out, you (or your authorized representative) may submit a request to us at info@cpamatica.io.

If you have reason to believe that a child under the age of 13 (or 16) has provided us with personal data, please contact us with sufficient detail to enable us to delete that data.

Your rights under the CPPA, CPRA, and VCDPA

The CCPA and CPRA provide California residents, and VCDPA provides Virginia residents with specific rights regarding their personal data. If you are a resident of California and/or Virginia, you have the following rights:

• The right to notice. You have the right to be notified of which categories of personal data are being collected and the purposes for which the personal data is being used.
• The right to request. Under CCPA, CPRA, and VCDPA, you have the right to request that we disclose data to you about our collection, use, sale, disclosure for business purposes, and sharing of personal data. Once we receive and confirm your request, we will disclose to you:
  • The categories of personal data we collected about you.
  • The categories of sources for the personal data we collected about you.
  • Our business or commercial purpose for collecting or selling that personal data.
  • The categories of third parties with whom we share that personal data.
  • The specific pieces of personal data we collected about you.
  • If we sold your personal data or disclose your personal data for a business purpose, we will disclose to you:
    • The categories of personal data sold;
    • The categories of personal data disclosed.
• The right to say no to the sale or sharing of personal data (opt out) for California residents. You have the right to direct us not to sell or share your personal data. To submit an opt out request, please contact us at info@cpamatica.io.
• The right to opt out of the processing of the personal data for Virginia residents for purposes of (i) targeted advertising, (ii) the sale of personal data, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. To submit an opt out request, please contact us at info@cpamatica.io.
• The right to correct inaccuracies. Under CCPA, CPRA, and VCDPA, you have the right to request us to correct the inaccurate personal data that we maintain about you, taking into account the nature of the personal data and the purposes of the processing of the personal data.
• The right to limit the use and disclosure of sensitive personal data. Under CPRA, you have the right to direct us to limit our use of your sensitive personal data to that use which is necessary to perform the services. To submit such a request, please contact us at info@cpamatica.io.
• The right to delete personal data. You have the right to request the deletion of your personal data, subject to certain exceptions. Once we receive and confirm your request, we will delete your personal data from our records unless an exception applies. We may deny your deletion request if retaining the data is necessary for our service providers or us:
  • To complete the transaction for which we collected the personal data, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • To debug products to identify and repair errors that impair existing intended functionality.
  • To exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • To comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  • To engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws when the data's deletion may likely render impossible or seriously impair the research's achievement if you previously provided informed consent.
  • To enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • To comply with a legal obligation.
  • To make other internal and lawful uses of that data that are compatible with the context in which you provided it.
• The right not to be discriminated against. You have the right not to be discriminated against for exercising any of your consumer rights, including by:
  • Denying goods or services to you.
  • Charging different prices or rates for goods or services, including the use of discounts or other benefits or imposing penalties.
  • Providing a different level or quality of goods or services to you.
  • Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

The right to opt out

For California residents

If you are 16 years of age or older, you have the right to direct us not to sell or share your personal data at any time (the "right to opt out"). We do not sell or share the personal data of consumers we actually know less than 16 years of age unless we receive affirmative authorization (the "right to opt in") from either the consumer who is between 13 and 16 years of age or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to personal data sales or sharing may opt out of future sales at any time.

To exercise the right to opt out, you (or your authorized representative) may submit a request to us at info@cpamatica.io.

For Virginia residents

Virginia residents have the right to opt out of the processing of personal data for purposes of (i) targeted advertising, (ii) the sale of personal data, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.

To exercise the right to opt out, you may submit a request to us at info@cpamatica.io.

“Do not track” policy is required by California Online Privacy Protection Act (CalOPPA)

Our Website does not respond to do not track (“DNT”) signals.

Children’s Privacy

Our Website does not address anyone under the age of 13. We do not knowingly collect personally identifiable data from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from anyone under the age of 13 without verification of parental consent, we take the necessary steps to remove that data from our servers.

If we need to rely on consent as a legal basis for processing your data and your country requires consent from a parent, we may require your parent's consent before we collect and use that data.

Other California privacy rights

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Website who are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please contact us at info@cpamatica.io.