Information We Collect
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a consumer or device (“Personal Information”). Personal Information does not include (i) publicly available information that is lawfully made available to the general public by way of federal, state, or local government records; (ii) de-identified or aggregated consumer information; and (iii) information excluded from the CCPA’s scope, like: (a) health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data, and (b) Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
We have collected the following categories of Personal Information from Consumers within the last twelve (12) months:
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.||YES|
|B. Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories.||YES|
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||YES|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||YES|
|E. Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||YES|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||YES|
|G. Geolocation data.||Physical location or movements.||YES|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||YES|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.||YES|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||NO|
|K. Inferences drawn from other Personal Information.||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||YES|
We obtain the categories of Personal Information listed in the table above from the following categories of sources:
Directly from You. For example, (i) if you visit our websites, respond to a survey, participate in a telephone interaction, fill out a registration form, complete employer-employee or benefit-related forms, or otherwise interact with us on a professional basis, (ii) if you fill out a form or communicate with us through one of our websites to receive information about our business to business services or to schedule a demonstration of our online, media, marketing, or data services products or programs, (iii) if you expressed interest in being contacted by us at a trade show in which we participated or hosted, (iv) if you have retained our firm, through electronic or written banking, checking, wire transfer, or other forms of payment information, as well as information regarding personal information and protected health information relating to our services, and (v) other health or medical information relating to employee benefit administration, onboarding, or other traditional employee-employer relationships and documentation.
Directly from our Clients or their agents. For example, from documents or files that our Clients provide to us including, but not limited to, claim, health, medical, payment, or other information used in the scope of professional services, whether through website/Internet portals or protocols, and other forms of electronic or hard copy submissions and transmissions.
Indirectly from our Clients or their agents. For example, through information we collect from our Clients in the course of providing services to them, client clearinghouses, investigators, consultants, or vendors.
Directly and indirectly from activity on our websites or Internet Portals. For example, from observing your actions on our websites or Internet Portals, through exchanges of information regarding our professional services, trainings, marketing efforts, or other routine business operations.
From Third Parties that contract with us or interact with us in connection with the services we perform. For example, from (i) vendors and partners that help us to build contact lists, supplement or update your information in our database, or confirm/verify our records and information are accurate and up to date, (ii) third parties that may contact you, on our behalf, to provide you relevant content and/or to become a member, or (iii) third parties (including, other B2B contact providers) that integrate their services with ours or provide us access to their services.
USE OF PERSONAL DATA COLLECTED
LFLM may also use the personal data it collects for internal purposes, namely, for solving technical problems, calculating overall usage statistics, for internal marketing and promotional purposes, product development, and content improvement. LFLM will not disclose to third parties any individually identifying information, such as names, postal and e-mail addresses, telephone numbers, and other personal information which users voluntarily provide to LFLM, except to the extent necessary to comply with applicable laws or legal processes (e.g., subpoenas, regulatory requests or investigations), or to protect the rights or property of LFLM. LFLM will cooperate with law enforcement authorities around the world.
LFLM will also use and disclose personal data and information, with respect to files or claims it is managing, to carry out its professional functions as the provider of legal services to its clients, which may includes the sharing or transmission of data and information to vendors, clients, consultants, employers, and other parties legally or operationally interested in the cases and matters for which we have been retained.
LFLM will also use and disclosure personal data and information, in its role as a corporation and employer, to meet its business, regulatory, or other required operational functions, and disclose such information to regulators, insurers, vendors, or others as may be reasonable or necessary to carry out its corporate or employer-related functions.
In the preceding twelve (12) months, LFLM has disclosed information from each of the categories of collected Personal Information set forth above for a business purpose in a manner authorized by law, contract, or extended authorization. We have not, however, sold any personal information for the benefit of LFLM.
Your Rights and Choices
The CCPA provides consumers (California residents) with certain rights regarding their Personal Information. This section describes your CCPA rights and how to exercise those rights.
You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will disclose to you:
You have the right to request that we delete any of your Personal Information that we collected from you and retained in our databases, subject to certain exceptions, including our legal obligation to retain such information by law, statute, or duty to our clients in carrying out our professional services. Once we receive and confirm your verifiable consumer request, we will delete (and direct our Service Providers to delete) your Personal Information from our records, unless an exception applies, unless it falls within an applicable exception.
In addition to the foregoing reasons for not deleting your information, we may also deny your deletion request if retaining the information is necessary for us or our Service Providers to:
To exercise the access, data portability, and deletion rights described above, please submit a verifiable request to us using one of the following options – via email at: email@example.com, call us at (925) 499-4999 or postal mail to LFLM One Capitol Mall, Suite 400, Sacramento, CA 95814. Only you or a person registered with the California Secretary of State who you authorize to act on your behalf may make the request. We will then seek to promptly use reasonable methods to verify your request including, for example, comparing the email address you used to affiliate with LFLM or affiliated third party website.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Because we do not sell personal information, there are no opt-out rights on this basis.
Where required under applicable data privacy rights, however, LFLM will not send promotional materials unless you have opted-in to receive these communications. Users may at any time opt out of having their personal information used by LFLM to send promotional correspondence to the user, by contacting LFLM via any of the contact methods noted herein.
LFLM has implemented, and will continue to implement, security features to prevent the unauthorized release of or access to personal information, although LFLM cannot guarantee the confidentiality of any communication or material transmitted to/from LFLM via the Site or e-mail. Accordingly, LFLM is not responsible for the security of information transmitted via the Internet. For more private communication, users can contact LFLM by telephone at the main office and direct line telephone numbers provided on the Site.
ACCESS TO AND ABILITY TO CORRECT PERSONAL DATA
Upon request via postal mail, e-mail, or telephone, LFLM will provide to users a summary of any personally identifiable information retained by LFLM regarding the user. Users may modify, correct, change or update personally identifiable information that LFLM has collected by the Site or may request that their personal record to be removed from LFLM’s database by contacting LFLM via postal mail, e-mail, or the telephone number indicated in the section above.
COLLECTION OF PERSONAL DATA FROM CHILDREN
LFLM does not knowingly solicit information from children (under the age of 16) and we do not knowingly market the Site or its services to children. No one under the age of 16 should submit any personal information to LFLM and/or the Site.
LFLM’S RIGHT TO CONTACT VISITOR/SUBSCRIBER
We will not discriminate against you for exercising any of your CCPA rights. We may choose in the future to offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Information’s value and contain written terms that describe the program’s material aspects.
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our websites that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send us an electronic message at firstname.lastname@example.org.
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will provide a notice of the change on our website, by way of change to the access link (“Updated Privacy Notice”) for 60 days, and by updating our internal Change Log.
Laughlin, Falbo, Levy & Moresi, LLP.