Our Privacy Notice
CONORA CREDIT INC. PRIVACY NOTICE
This Privacy Notice (“Privacy Notice”) explains how Concora Credit Inc. and its subsidiaries (collectively, “company,” “we,” or “us,” or “our”) collect personal information from business contacts who have a business relationship with us. This Privacy Notice supplements other privacy notices you may receive in connection with your relationship with us and applies when we are interacting or processing your personal information, including in a business capacity.
This Privacy Notice does not cover the personal information we collect about employees, independent contractors or job applicants.
Notice at Collection: Personal Information We Collect and Have Collected in the Past 12 Months – Sources and Categories.
In the 12 months preceding the date of this Privacy Notice, we collected your personal information when you engaged with us on behalf of your employer, company with whom you have a business relationship or yourself when acting as a business entity; when you interacted with us at an event, conference, association, or other similar gathering; when you communicated with us online about products and/or services that we offer on behalf of financial institutions; when you engaged in a contract with us. We will continue to collect personal information from the same sources.
The categories of personal information we collected from these sources during the 12 months preceding the date of this Privacy Notice and will continue to collect, include the following:
- Personal identifiers: name, contact details IP address, account and password information for applications and/or accounts; photos
- Internet or other electronic activity information: information we obtain through your interaction with our network, tools, or applications, including information on your location when using VPN or using mobile devices
- Professional information: records of your work; records of your performance; records regarding your work location, job title and seniority; personal preferences
- Educational information: education history; trade school records; certificates and diplomas obtained
- Audio or video information: meeting or presentation recordings; security camera footage
- Inferences drawn from the above categories of personal information
Notice at Collection: Purposes for Collection of Personal Information
We use your personal information to undertake the following:
- To carry out administrative operations relating to agreements, orders, receipt of deliveries, invoices, payments, accounting in relation to customer accounts management, etc.
- To manage communications and account use including authorizing, granting and administering access to or use of our systems, facilities, devices and records;
- For network and system security and access-related issues, including by protecting the company by monitoring internet access and use and emails transmitted;
- Managing customer relationship information, including records of services provided;
- To send you marketing communications regarding our services and products
- For health and safety purposes;
- To investigate and resolve complaints;
- For our insurance purposes;
- To comply with any applicable law, court order, other judicial process, or the requirements of a regulator;
- To enforce our legal rights and obligations, and for any purposes in connection with any legal claims made by, against or otherwise involving you;
- To protect the rights of third parties;
- In contemplation of and/or in connection with a business transaction such as a merger, or a restructuring, or sale; and
- Any other purposes relating to carrying out our business or where you provide consent.
Notice at Collection: Retention Periods
We retain the categories of personal information we collect for the length of time necessary to provide our Services and to comply with legal obligations or to protect our legal rights.
Use or Disclosure of Sensitive Personal Information
We do not use or disclose sensitive personal information to create profiles about individuals or for any purposes other than providing our Services.
Disclosure of Personal Information for Business Purposes in the Past 12 Months
The following chart describes the categories of personal information we disclosed to third parties for a business purpose in the 12 months prior to the date of this Policy:
|Categories of Individuals’ Personal Information||Categories of Third Parties to Which We Shared Personal Information for a Business Purpose|
|Personal identifiers: name, contact details IP address, account and password information for applications and/or accounts; photos||Service providers that assist in providing CRM and relationship management functions; facilitate scheduling and communications; provide security services and cloud-based data storage; assist with other IT-related functions; provide workplace analytics; provide legal and accounting services; host or facilitate teleconferencing or video conferencing services|
|Internet or other electronic network activity information: information we obtain through your interaction with company-owned devices or on our network, including information on your location when using VPN or using mobile devices||Service providers that provide security services and cloud-based data storage; facilitate scheduling and communications; host our website(s) and assist with other IT-related functions, and provide analytics information|
|Professional information: records of your work; records of your performance; records regarding your work location, job title and seniority; personal preferences||Service providers that assist in providing CRM and relationship management functions; facilitate scheduling and communications; provide workplace analytics; provide legal and accounting services|
|Educational information: education history; trade school records; certificates obtained||Service providers that assist in providing CRM and relationship management functions; provide workplace analytics|
|Audio or video information: meeting or presentation recordings; security camera footage||Service providers that provide security services and cloud-based data storage; facilitate communications; host our website(s) and assist with other IT-related functions, and provide analytics information|
|Inferences: drawn from above categories of personal information||Service providers that assist in providing CRM and relationship management functions; provide workplace analytics; provide security services and cloud-based data storage; assist with other IT-related functions|
Business Purposes for Such Disclosures
We disclosed the aforementioned categories of personal information to the categories of third parties identified above for the following purposes: to manage customer, supplier and vendor accounts and relationships; verify consumers’ identities; engage in advertising and marketing; operate our IT systems and secure our systems; prevent fraud and other illegal activities; and to obtain professional advice about legal and accounting matters.
Additional Information About How We May Disclose Personal Information and Purposes for Disclosures
We may also share your personal information as required or permitted by law to comply with a subpoena or similar legal process or government request, or when we believe in good faith that disclosure is legally required or otherwise necessary to protect our rights and property or the rights, property or safety of others, including to law enforcement agencies, and judicial and regulatory authorities. We may also share your personal information with third parties to help detect and protect against fraud or data security vulnerabilities. And we may share or transfer your personal information to a third party in the event of an actual or potential sale, merger, reorganization of our entity or other restructuring.
You may set your browser to notify you when you receive a cookie. Many web browsers also allow you to block cookies. You can disable cookies from your computer system by following the instructions on your browser or at www.youradchoices.com.
Personal Information of Minors
We do not contract or maintain a business relationship with minors under the age of 16 and do not knowingly collect or sell the personal information of such minors.
Do Not Track Signals
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals.
How We Keep Your Personal Information Secure
We maintain reasonable security measures appropriate to the nature of the personal information that we collect, use, retain, transfer or otherwise process. Those measures include administrative, technical and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. However, data security incidents and breaches can occur due to a variety of factors that cannot reasonably be prevented; therefore, our safeguards may not always be adequate to prevent all breaches of security.
Changes to This Policy
We will review and update this Privacy Notice as required to keep current with rules and regulations, new technologies and security standards. We will post those changes on the website or update the Privacy Notice modification date below. In certain cases and if the changes are material, you will be notified via email or a notice on our website.
We are committed to ensuring that our communications are accessible to people with disabilities. To make accessibility-related requests or report barriers, please contact us at email@example.com.
CALIFORNIA PRIVACY RIGHTS
If you are a California resident, the California Consumer Privacy Act (“CCPA”) and other laws may provide you with the following rights with respect to your personal information:
Your Right to Know About Personal Information We Collect
We are committed to ensuring that you know what personal information we collect. To that end, you can ask us for the following information from us with respect to the personal information that we have collected about you in the 12 months prior to our receipt of your request:
- Specific pieces of personal information we have collected about you;
- Categories of personal information we have collected about you;
- Categories of sources from which such personal information was collected;
- Categories of personal information that the business sold or disclosed for a business purpose about the consumer;
- Categories of third parties to whom the personal information was sold or disclosed for a business purpose; and
- The business or commercial purpose for collecting or selling your personal information.
Your Right to Request Deletion of Personal Information We Have Collected From You
Upon your request, we will delete the personal information we have collected about you, except for situations where the law authorizes us to retain specific information, including when it is necessary for us to operate our business and support your functioning as our employee or contractor; perform a contract we entered into with you; for other internal uses; to maintain the functionality or security of our systems; or to comply with or exercise rights provided by the law.
Your Right to Request to Correct Personal Information We Hold About You
You have the right to request that we correct personal information we hold that you believe is not accurate. We will take steps to determine the accuracy of the personal information that is the subject of your request to correct, and in doing so will consider the totality of the circumstances relating to the personal information you have identified as being incorrect. We may ask that you provide documentation regarding your request to correct in order to assist us in evaluating the request.
Our Commitment to Honoring Your Rights
Exercising Your Rights and How We Will Respond
To exercise your access or deletion rights, or to ask a question about your data subject rights, contact us at 800-229-0364 or firstname.lastname@example.org.
We will first acknowledge receipt of your request within 10 business days of receipt of your request. We will then provide a substantive response to your request as soon as we can, generally within 45 days from when we receive your request, although we may be allowed to take longer to process your request under certain circumstances.
We usually act on requests and provide information free of charge, but we may charge a reasonable fee to cover our administrative costs of providing the information in certain situations.
In some cases, the law may allow us to refuse to act on certain requests. When this is the case, we will endeavor to provide you with an explanation as to why.
Verification of Identity – Requests to Know, Delete or Correct
We will ask you for two or three pieces of personal information and attempt to match those to information that we maintain about you.
If we are unable to verify your identity with the degree of certainty required, we will not be able to respond to the request. We will notify you to explain the basis of the denial.
You may designate an agent to submit requests on your behalf. The agent can be a natural person or a business entity that is registered with the California Secretary of State.
If you would like to designate an agent to act on your behalf, you and the agent will need to comply with our verification process. Specifically, if the agent submits requests to access, know or delete your personal information, the agent will need to provide us with your signed permission indicating the agent has been authorized to submit the request on your behalf. We will also require that you verify your identity directly with us or confirm with us that you provided the agent with permission to submit the request.
Please note that this subsection does not apply when an agent is authorized to act on your behalf pursuant to a valid power of attorney. Any such requests will be processed in accordance with California law pertaining to powers of attorney.