CONORA CREDIT INC. PRIVACY NOTICE

This Privacy Notice (“Privacy Notice”) explains how Concora Credit Inc. and its subsidiaries (collectively, “company,” “we,” or “us,” or “our”) collect personal information from business contacts who have a business relationship with us. This Privacy Notice supplements other privacy notices you may receive in connection with your relationship with us and applies when we are interacting or processing your personal information, including in a business capacity.

This Privacy Notice does not cover the personal information we collect about employees, independent contractors or job applicants.

Notice at Collection: Personal Information We Collect and Have Collected in the Past 12 Months – Sources and Categories.

In the 12 months preceding the date of this Privacy Notice, we collected your personal information when you engaged with us on behalf of your employer, company with whom you have a business relationship or yourself when acting as a business entity; when you interacted with us at an event, conference, association, or other similar gathering; when you communicated with us online about products and/or services that we offer on behalf of financial institutions; when you engaged in a contract with us. We will continue to collect personal information from the same sources.

The categories of personal information we collected from these sources during the 12 months preceding the date of this Privacy Notice and will continue to collect, include the following:

• Personal identifiers: name, contact details IP address, account and password information for applications and/or accounts; photos
• Internet or other electronic activity information: information we obtain through your interaction with our network, tools, or applications, including information on your location when using VPN or using mobile devices
• Professional information: records of your work; records of your performance; records regarding your work location, job title and seniority; personal preferences
• Educational information: education history; trade school records; certificates and diplomas obtained
• Audio or video information: meeting or presentation recordings; security camera footage
• Inferences drawn from the above categories of personal information

Notice at Collection: Purposes for Collection of Personal Information

We use your personal information to undertake the following:

• To carry out administrative operations relating to agreements, orders, receipt of deliveries, invoices, payments, accounting in relation to customer accounts management, etc.
• To manage communications and account use including authorizing, granting and administering access to or use of our systems, facilities, devices and records;
• For network and system security and access-related issues, including by protecting the company by monitoring internet access and use and emails transmitted;
• Managing customer relationship information, including records of services provided;
• To send you marketing communications regarding our services and products
• For health and safety purposes;
• To investigate and resolve complaints;
• For our insurance purposes;
• To comply with any applicable law, court order, other judicial process, or the requirements of a regulator;
• To enforce our legal rights and obligations, and for any purposes in connection with any legal claims made by, against or otherwise involving you;
• To protect the rights of third parties;
• In contemplation of and/or in connection with a business transaction such as a merger, or a restructuring, or sale; and
• Any other purposes relating to carrying out our business or where you provide consent.

Notice at Collection: Retention Periods

We retain the categories of personal information we collect for the length of time necessary to provide our Services and to comply with legal obligations or to protect our legal rights.

Use or Disclosure of Sensitive Personal Information

We do not use or disclose sensitive personal information to create profiles about individuals or for any purposes other than providing our Services.

Disclosure of Personal Information for Business Purposes in the Past 12 Months

The following chart describes the categories of personal information we disclosed to third parties for a business purpose in the 12 months prior to the date of this Policy:

Business Purposes for Such Disclosures

We disclosed the aforementioned categories of personal information to the categories of third parties identified above for the following purposes: to manage customer, supplier and vendor accounts and relationships; verify consumers’ identities; engage in advertising and marketing; operate our IT systems and secure our systems; prevent fraud and other illegal activities; and to obtain professional advice about legal and accounting matters.

Additional Information About How We May Disclose Personal Information and Purposes for Disclosures

We may also share your personal information as required or permitted by law to comply with a subpoena or similar legal process or government request, or when we believe in good faith that disclosure is legally required or otherwise necessary to protect our rights and property or the rights, property or safety of others, including to law enforcement agencies, and judicial and regulatory authorities. We may also share your personal information with third parties to help detect and protect against fraud or data security vulnerabilities. And we may share or transfer your personal information to a third party in the event of an actual or potential sale, merger, reorganization of our entity or other restructuring.

Our Use of Cookies and Analytics

We may use cookies, pixel tags, web beacons and other similar tracking technologies (“tracking technologies”) to automatically collect information through our website. Tracking technologies are essentially small data files placed on your computer, tablet, mobile phone, or other devices that record certain pieces of information when you visit our website. We may use these tracking technologies to help identify irregular behavior, prevent fraudulent activity and improve security, as well as making it possible for you to save your preferences and help us understand how you interact with our website.

You may set your browser to notify you when you receive a cookie. Many web browsers also allow you to block cookies. You can disable cookies from your computer system by following the instructions on your browser or at www.youradchoices.com.

We use Google Analytics to evaluate the use of our website. Google Analytics uses cookies and other identifiers to collect information, such as how often users visit a Site, what pages they visit when they do so, and what other websites they visited prior to visiting our Site. For information about Google’s privacy practices, please refer to the Google Privacy Policy: https://policies.google.com/privacy?hl=en-US#infocollect.

Personal Information of Minors

We do not contract or maintain a business relationship with minors under the age of 16 and do not knowingly collect or sell the personal information of such minors.

Do Not Track Signals

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals.

How We Keep Your Personal Information Secure

We maintain reasonable security measures appropriate to the nature of the personal information that we collect, use, retain, transfer or otherwise process. Those measures include administrative, technical and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. However, data security incidents and breaches can occur due to a variety of factors that cannot reasonably be prevented; therefore, our safeguards may not always be adequate to prevent all breaches of security.

Changes to This Policy

We will review and update this Privacy Notice as required to keep current with rules and regulations, new technologies and security standards. We will post those changes on the website or update the Privacy Notice modification date below. In certain cases and if the changes are material, you will be notified via email or a notice on our website.

Accessibility

We are committed to ensuring that our communications are accessible to people with disabilities. To make accessibility-related requests or report barriers, please contact us at caprivacynotice@concoracredit.com.

Contact Us

If there are any questions regarding this Privacy Policy or to request a copy of this Privacy Policy in another format you may contact us at caprivacynotice@concoracredit.com.

CALIFORNIA PRIVACY RIGHTS

If you are a California resident, the California Consumer Privacy Act (“CCPA”) and other laws may provide you with the following rights with respect to your personal information:

Your Right to Know About Personal Information We Collect

We are committed to ensuring that you know what personal information we collect. To that end, you can ask us for the following information from us with respect to the personal information that we have collected about you in the 12 months prior to our receipt of your request:

• Specific pieces of personal information we have collected about you;
• Categories of personal information we have collected about you;
• Categories of sources from which such personal information was collected;
• Categories of personal information that the business sold or disclosed for a business purpose about the consumer;
• Categories of third parties to whom the personal information was sold or disclosed for a business purpose; and
• The business or commercial purpose for collecting or selling your personal information.

Your Right to Request Deletion of Personal Information We Have Collected From You

Upon your request, we will delete the personal information we have collected about you, except for situations where the law authorizes us to retain specific information, including when it is necessary for us to operate our business and support your functioning as our employee or contractor; perform a contract we entered into with you; for other internal uses; to maintain the functionality or security of our systems; or to comply with or exercise rights provided by the law.

Your Right to Request to Correct Personal Information We Hold About You

You have the right to request that we correct personal information we hold that you believe is not accurate. We will take steps to determine the accuracy of the personal information that is the subject of your request to correct, and in doing so will consider the totality of the circumstances relating to the personal information you have identified as being incorrect. We may ask that you provide documentation regarding your request to correct in order to assist us in evaluating the request.

Our Commitment to Honoring Your Rights

If you exercise any of the rights explained in this Privacy Policy, we will continue to treat you fairly. If you exercise your rights under this Privacy Policy, you will not be denied or charged different prices or rates for goods or services, or provided a different level or quality of goods or services than others.

Exercising Your Rights and How We Will Respond

To exercise your access or deletion rights, or to ask a question about your data subject rights, contact us at 800-229-0364 or caprivacynotice@concoracredit.com.

We will first acknowledge receipt of your request within 10 business days of receipt of your request. We will then provide a substantive response to your request as soon as we can, generally within 45 days from when we receive your request, although we may be allowed to take longer to process your request under certain circumstances.

We usually act on requests and provide information free of charge, but we may charge a reasonable fee to cover our administrative costs of providing the information in certain situations.

In some cases, the law may allow us to refuse to act on certain requests. When this is the case, we will endeavor to provide you with an explanation as to why.

Verification of Identity – Requests to Know, Delete or Correct

We will ask you for two or three pieces of personal information and attempt to match those to information that we maintain about you.

If we are unable to verify your identity with the degree of certainty required, we will not be able to respond to the request. We will notify you to explain the basis of the denial.

Authorized Agents

You may designate an agent to submit requests on your behalf. The agent can be a natural person or a business entity that is registered with the California Secretary of State.

If you would like to designate an agent to act on your behalf, you and the agent will need to comply with our verification process. Specifically, if the agent submits requests to access, know or delete your personal information, the agent will need to provide us with your signed permission indicating the agent has been authorized to submit the request on your behalf. We will also require that you verify your identity directly with us or confirm with us that you provided the agent with permission to submit the request.

Please note that this subsection does not apply when an agent is authorized to act on your behalf pursuant to a valid power of attorney. Any such requests will be processed in accordance with California law pertaining to powers of attorney.

Return to Top of Page  ▲