OpengateTPV Statement of California Consumer Privacy Act (CCPA) Compliance

At OpengateTPV (“OpengateTPV”), we take your privacy seriously. OpengateTPV’s general privacy policies are published on its website at OpengateTPV.com/privacy-policy. This Statement of CCPA Compliance (the “Statement”) provides additional information regarding how OpengateTPV complies with the California Consumer Privacy Act (CCPA). If you are a OpengateTPV customer, by using or accessing our products or services you acknowledge that you accept the practices and policies outlined in this Statement. For California-based consumers, this Statement provides the information for you to exercise your privacy rights under the CCPA.

About Personal Information and Privacy

As part its business operations, OpengateTPV obtains personal consumer information (hereafter, ‘Personal Data’) as this is defined by the California Consumer Privacy Act (CCPA) and other similar privacy laws. OpengateTPV does not itself collect consumer Personal Data. All such information obtained, stored, and used by OpengateTPV is derived through contractual relationships with third-party vendors. These third-party vendors collect the Personal Data and provide it to OpengateTPV. OpengateTPV provides access to some of this information to its customers.

OpengateTPV’s Sources of Consumer Personal Information

At present, OpengateTPV obtains consumer Personal Data from the following third-party vendors:


• FullContact Inc. (www.fullcontact.com)

• IPONWEB Limited (www.iponweb.com)

• Veraset LLC (www.veraset.com)


Any consumer Personal Data in the possession of OpengateTPV and provided to its users is the exclusive, proprietary property of these third-party vendors. Consequently, requests from consumers to exercise their privacy rights regarding this Personal Data under the CCPA and other such laws—e.g. to obtain a summary of their Personal Data, a copy of the information, to have that information deleted, and/or to opt out of the sale of their Personal Data—can only be fulfilled by the third-party vendors who provide OpengateTPV this information. In this Statement we have included links to web pages of these third-party vendors so that California consumers may exercise these rights.

What this Statement Covers

This Statement covers how we treat Personal Data that we obtain from our third-party vendors. “Personal Data” means any information that identifies or relates to a particular individual and also includes information referred to as “personally identifiable information” or Personal Data under applicable data privacy laws, rules, or regulations.

OpengateTPV’s Statement of CCPA Compliance does not cover the practices of companies we don’t own or control or people we don’t manage, such as the third-party vendors from whom we obtain consumer Personal Data referenced above.

Categories of Personal Data We Use

The following chart details the categories of Personal Data that we have obtained, used, and provided to our customers over the past twelve (12) months. Throughout this Statement, we will refer back to the categories of Personal Data listed in this chart (for example, “Category A. Personal identifiers”).

Category of Personal DataPersonal Data CollectedWhat is the source of this Personal Data?

A. Personal identifiers

Examples: Real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number or other similar identifiers.

Unique personal identifier, online identifier, IP address, email address.

Third Parties.

B. Customer records identified by state law

(Including the California Customer Records statute (Cal. Civ. Code 1798.80(e))) Name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number or any other financial information, medical information or health insurance information.

We do not obtain or use this category of Personal Data.

Third Parties.

C. Protected classification characteristics under state or federal law

Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status or genetic information (including familial genetic information).

Age, race, gender.

Third Parties.

D. Commercial information

Examples: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

We do not obtain or use this category of Personal Data.

Third Parties.

E. Biometric information

Examples: Genetic, physiological, behavioral, and biological characteristics or identifying activity patterns, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health or exercise data.

We do not obtain or use this category of Personal Data.

Third Parties.

E. Biometric information

Examples: Genetic, physiological, behavioral, and biological characteristics or identifying activity patterns, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health or exercise data.

We do not obtain or use this category of Personal Data.

Third Parties.

F. Internet or other similar network activity information

Examples: Browsing history, search history, or information on a consumer's interaction with a website, application or advertisement.

Browsing history, search history, interaction with a website, application, or advertisement.

Third Parties.

G. Geolocation data

Examples: Physical location or movements.

Physical location and movements.

Third Parties.

H. Sensory data

Examples: Audio, electronic, visual, thermal, olfactory or similar information.

We do not obtain or use this category of Personal Data.

Third Parties.

I. Professional or employment-related information

Examples: Current or past job history or performance evaluations.

We do not obtain or use this category of Personal Data.

Third Parties.

J. Non-public education information

(per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information or student disciplinary records.

We do not obtain or use this category of Personal Data.

Third Parties.

K. Inferences drawn from other personal information

Examples: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.

Person’s preferences, psychological trends, behavior, attitudes, intelligence, abilities, and aptitudes.

Third Parties.

L. Age or date of birth

Age

Third Parties.

M. Special categories of data under the EU General Data Protection Regulation

Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership; genetic data or biometric data processed for the purpose of uniquely identifying a natural person; data concerning health; or data concerning a natural person’s sex life or sexual orientation.

We do not obtain or use this category of Personal Data.

Third Parties.

N. Personal Data about children under the age of 16

This includes any type of Personal Data that relates to someone under the age of 16.

We do not obtain or use this category of Personal Data.

Third Parties.

How We Use Your Personal Data

We use Personal Data to provide services to our clients for the following purposes:


• To personalize advertisements, offers, and/or website content and communications based on your preferences.

• To improve and develop the Services, including testing, research, analysis, and product development.

• To protect against or deter fraudulent, illegal, or harmful actions and maintain the safety, security, and integrity of our Services.

• To comply with our legal or contractual obligations and resolve disputes.

• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.

• For any other business purpose stated as otherwise set forth in applicable data privacy laws, such as the California Consumer Privacy Act (the “CCPA”).


We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated, or incompatible purposes.

How We Share Your Personal Data - Disclosures of Personal Data for a Business Purpose

We disclose your Personal Data to our clients for the following business purposes:


• Short-term, transient use of Personal Data that is not used by another party to build a consumer profile or otherwise alter your consumer experience outside the current interaction.

• Performing services on our behalf, including; maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider

• Undertaking internal research for technological development and demonstration.


OpengateTPV discloses Personal Data it obtains from its third-party vendors only to its clients. Our clients use that data in advertising campaigns and as an analytical tool. OpengateTPV has two categories of clients who use this data:


• Direct Clients: OpengateTPV customers who use Personal Data from the OpengateTPV platform to directly advertise to their own customers.

• Consultants and/or Advertiser Clients: OpengateTPV customers who use the Personal Data from the OpengateTPV system on behalf of their clients, who themselves use the OpengateTPV platform to directly advertise their customers.

How We Share Your Personal Data - Sales of Personal Data

We sell your Personal Data to the following categories of third parties:


• Advertisers


Over the past twelve months, we have sold the following categories of your Personal Data to third parties:


•• Personal identifiers.

•• Customer records identified by state law.

•• Protected classification characteristics under state or federal law.

•• Commercial information.

•• Internet or other similar network activity information.

•• Geolocation data.

•• Professional or employment-related information.

•• Non-public education information.

•• Inferences drawn from other Personal Data.

•• Age or date of birth.

•• Special categories of data under the EU General Data Protection Regulation.

Data Security and Retention

We seek to protect your Personal Data from unauthorized access, use and disclosure using appropriate physical, technical, organizational, and administrative security measures based on the type of Personal Data and how we are processing that data. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account. Although we work to protect the security of your information in our possessions please be aware that no method of transmitting data over the Internet or storing data is completely secure. We cannot guarantee the complete security of any data we have obtained from our third-party vendors and except as expressly required by law, we are not responsible for the theft, destruction, loss or inadvertent disclosure of your information or content.

Personal Data of Children

We do not knowingly collect or solicit Personal Data from children under 16. For further details on our privacy policies regarding data from children under 16, please see our general privacy policy published on the OpengateTPV website at www.opengatetpv.com/privacy-policy.

California Resident Consumers’ Personal Data Rights

If you are a California resident, you have the rights outlined in this Statement. As given earlier in this Statement, OpengateTPV does not directly collect or control your Personal Data for the purposes of exercising your rights under the CCPA. If you have any questions about this section or any issues regarding your rights, please contact OpengateTPV at ‘webmaster “at” opengatetpv.com’.


Under the CCPA, and other similar privacy laws, you have the following rights regarding your Personal Data:


• To obtain a summary of your Personal Data.

• To obtain a copy of your Personal Data information.

• To have your Personal Data deleted.

• To opt out of the sale of your Personal Data.

• To prevent disclosure of your Personal Data to third parties.

• Any other Personal Data rights as provided for in the California Consumer Privacy Act.

Exercising Your Personal Data Rights

To exercise the rights described above you must contact OpengateTPV’s third-party vendors, who are the source of any Personal Data that OpengateTPV may possess. Links to the appropriate webpages for each of these vendors are provided below.

In general, when you submit a request please ensure that (1) it provides sufficient information to allow the vendor to verify that you are the person about whom they have collected Personal Data, and (2) it describes your request in sufficient detail to allow them to understand, evaluate, and respond to it. Any request that meets both of these criteria will be considered by them a “Valid Request.” They may not respond to requests that do not meet these criteria. They will only use Personal Data provided in a Valid Request to verify you and complete your request. You do not need an account to submit a Valid Request.

Generally, our third-party vendors will work to respond to your Valid Request within 45 days of receipt. They will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If they determine that your Valid Request warrants a fee, they should notify you of the fee and explain that decision before completing your request.


OpengateTPV Third-Party Vendors to Contact to Exercise Your Personal Data Rights

• Throtle - www.Throtle.io/data-privacy-manager/

• IPONWEB Limited - www.iponweb.com/ccpa-privacy-center/

• Veraset LLC - www.veraset.com/ccpa-privacy-policy


You must contact one or all of these vendors in order to exercise any of the rights enumerated above.

Contact Information

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data, your choices and rights regarding such use, please do not hesitate to contact us at ‘webmaster “at” opengatetpv.com’ or www.opengatetpv.com/contact.