AdMergeX Privacy
Policy
Effective
Date:
August 1, 2025
Welcome to the AdMergeX official website (URL: https://www.admergex.com/, hereinafter referred to as the "Website"). AdMergeX (hereinafter referred to as "we," "us," or "our") is the operator of the Mediatom Monetization SaaS & Services Platform, MergeX Ad Exchange SaaS Platform, and MedPro Intelligent Ad Serving Platform (hereinafter referred to as the "Mediatom Platform," "MergeX Platform," and "MedPro Platform," respectively). We fully recognize the importance of personal information to you and will take all reasonable measures to ensure the security and reliability of your personal information. We are committed to maintaining your trust and will process your personal information in accordance with the principles of legality, propriety, necessity, and good faith.
This Privacy Policy (hereinafter referred to as "this Policy") is designed to help you fully understand how we collect, use, store, share, and transfer your information when you visit the Website, as well as the methods we provide for you to access, update, delete, and protect such information.
If you are under 18 years of age or do not meet the legal age required to use the Website in your place of residence, or if there are other circumstances where you do not meet the legal requirements for user behavior, please read this policy under the guidance of a guardian and ensure that the guardian consents to the content of this Policy before using the Website.
Before visiting the Website, please carefully read this Policy and fully understand the content of each clause. You may make choices you deem appropriate in accordance with the guidance provided in this Policy. We have attempted to use concise language for relevant terms in this Policy to facilitate your understanding. If you have any questions, please contact us.
This Policy will help you understand the following:
1. Who We Are
2. How We Collect and Use Your Personal Information
3. Cookies and Similar Technologies
4. International Data Transfers
5. Sharing of Personal Information with Third Parties
6. How We Protect Your Personal Information
7. Data Retention Period
8. Automated Decision-Making Explanation
9. How You Can Manage Your Personal Information
10. How We Process Minors’ Personal Information
11. Policy Updates
12. Contact Us
13. Data Breach Response Mechanism
14. Other
15. EEA+ Privacy Statement
16. Privacy Statement for Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, Delaware, Iowa, Nebraska, New Hampshire, New Jersey, or California
1. Who We Are
AdMergeX (which operates the Mediatom Platform, MergeX Platform, and MedPro Platform) is an enterprise focused on ad monetization services, registered in Hong Kong (registered address: Room 602, Block 6, Qiru Commercial Building, 2C Argyle Street, Mong Kok, Hong Kong).
This Website is the official brand website of AdMergeX, primarily used to display brand information, introduce services of platforms such as Mediatom, and provide channels for cooperation inquiries. It does not directly provide core platform services (for privacy rules related to services of platforms like Mediatom, please refer to the separate privacy policies publicly available on those platforms).
1.1 Scope of Application
- Website Visitors: Individuals or corporate users who access the AdMergeX official website;
- Inquiry Users: Individuals or corporate users who submit cooperation inquiries or product questions about platforms such as Mediatom through the Website;
- Event Participants: Individuals or corporate users who participate in industry surveys, online seminars, and other events hosted on the Website.
1.2 Contact Information
Data Protection Officer: marketing@admergex.com
(For privacy-related inquiries about platforms such as Mediatom, please refer to the dedicated contact information in the privacy policies of those platforms.)
2. How We Collect and Use Your Personal Information
We will collect and use your personal information in accordance with the principles of propriety, legality, and necessity for the purposes stated in this Policy. This includes personal information you actively provide when visiting the Website, personal information generated from your visit to the Website, and relevant personal information we obtain from third parties.
If we need to use your personal information for purposes not specified in this Policy, or use information collected for a specific purpose for another purpose, we will notify you in a reasonable manner and obtain your consent again before such use.
We adhere to the "principle of minimum necessity" and do not collect sensitive personal information (such as biometric data, medical and health information, religious beliefs, etc.).
2.1 Directly Collected Information
|
Scene |
Data Type |
Collection Method |
Example Explanation |
|
Submission of Cooperation Inquiries |
Name, contact phone number, email address, name of affiliated company |
User actively fills out a formn |
Used to respond to cooperation needs for platforms such as Mediatom and provide feedback on inquiry results |
|
Event Registration (e.g., Seminars) |
Name, email address, corporate position, number of participants |
User actively submits registration information |
Used to send event notifications and confirm registration eligibility |
|
Customer Service Communication |
Contact information, Communication content |
User proactively initiates inquiries (via email/form) |
Used to log service tickets and resolve Website usage issues or product questionse |
|
Subscription to Updates (e.g., Industry News) |
Email address |
User actively checks the subscription option |
Used to regularly send ad industry news and update notifications for platforms such as Mediatom |
2.2 Indirectly Collected Information
|
Scene |
Data Type |
Source |
Example Explanation |
|
Website Visit Analysis |
Device model, browser type, IP address, browsing records (page paths, duration of stay) |
Cookies and web logs |
Used to count Website traffic and optimize page layout (e.g., adjusting the position of the "Cooperation Inquiry" section) |
|
Technical Adaptation Optimization |
Screen resolution, network type (Wi-Fi/4G) |
Automatic feedback from devices |
Used to ensure the Website’s compatibility on mobile phones, computers, and other devices and avoid layout errors |
|
Security Protection |
IP address, access time, records of abnormal operations (e.g., repeated form submissions within a short period) |
Server logs |
Used to identify malicious access, block bot attacks, and ensure the stable operation of the Website |
2.3 Notes on Information Use
The Website-related information we collect is only used to respond to inquiry needs, optimize Website experience, ensure operational security, and meet compliance requirements. It is not used for core transaction services of the Mediatom Platform (such as ad serving and traffic settlement).
3. Cookies and Similar Technologies
3.1 We may use COOKIES or similar technologies to obtain and use your information, and store such information as log data.
3.2 A COOKIE is a small amount of data sent from a web server to your browser and stored on your computer’s hard drive. We use COOKIES to enhance your experience when visiting the Website—for example, remembering that you have closed the "Privacy Policy Pop-up" to avoid repeated pop-ups during subsequent visits.
3.3 COOKIES enable us to provide better and more efficient services to you and make your Website visit experience more personalized. You can refuse or manage COOKIES or similar technologies through your browser settings or user preference tools. However, please note that disabling COOKIES or similar technologies may prevent us from providing you with the optimal Website experience, and certain functions (such as form submission) may not work properly.
3.4 We use Cookies for the following purposes:
|
Type |
Purpose |
Management Method |
|
Necessary Cookies |
Maintain login status for update subscription accounts and save language preferences |
Cannot be disabled; otherwise, some Website services will be unavailable |
|
Analytical Cookies |
Count Website traffic and optimize page layout (e.g., adjusting the position of frequently visited sections) |
Consent is requested via a pop-up upon first visit and can be withdrawn at any time |
|
Advertising Cookies |
Personalized ad recommendations |
Requires separate authorization, can be turned off through preference center |
|
Functional Cookies |
Record the status of the "Privacy Policy Pop-up" you have closed |
Can be deleted via browser settings; after deletion, you will need to reconfirm the Privacy Policy during your next visit |
4. International Data Transfers
In principle, personal information you provide through the Website is stored within the territory of the People’s Republic of China. If international data transfer is necessary (e.g., for international cooperation inquiries), we will:
4.1 Complete the security assessment conducted by the national cyberspace administration;
4.2 Obtain your separate consent via pop-ups or SMS, and inform you of the purpose of the transfer, the type of data, and information about the recipient;
4.3 Sign a data protection agreement with the recipient to clarify its obligations and responsibilities for information protection.
5. Sharing of Personal Information with Third Parties
5.1 We share your Website-related personal information in accordance with the principles of "legality, propriety, minimum necessity, and clear purpose." We will conduct a Personal Information Protection Impact Assessment (PIA) for any personal information sharing activities, and take effective technical protection measures for the output format, circulation, and use of the data. At the contractual level, we strictly require partners to assume information protection obligations and responsibilities, and sign data security protection agreements with business partners prior to cooperation.
5.2 We do not sell personal information. We only share personal information in the following scenarios:
|
Sharing Object |
Data Type |
Purpose |
Safety and Security |
|
Cloud Service Provider |
Website access logs, non-sensitive inquiry records (excluding contact information) |
Website server hosting and data storage |
Sign data processing agreements, restrict use to Website-related services only, and conduct regular security audits |
|
Email Service Providers |
Subscribers’ email addresses, update content |
Sending industry news and event notifications |
Provide only necessary email information, use TLS encryption for data transmission, and prohibit data retention |
|
Judicial Authorities |
All relevant data types |
Assisting in investigations |
Strictly verify the legality of legal documents |
6. How We Protect Your Personal Information
We attach great importance to the security of personal information you provide through the Website. To this end, we have adopted industry-standard security technologies, organizational management measures to minimize the risks of your information being leaked, damaged, misused, accessed without authorization, disclosed without authorization, or altered. We take the following measures to ensure data security:
6.1 Technical Measures
(1) Data Transmission: Adopt TLS 1.3 encryption technology (the Website displays the "https" identifier);
(2) Data Storage: Use SHA-256 hash processing for sensitive fields (such as contact phone numbers and email addresses);
(3) Access Control: Implement the RBAC (Role-Based Access Control) model and maintain audit trails for all operations.
6.2 Management Measures
(1) We conduct security and privacy protection training courses to enhance employees’ security awareness and understanding of personal information protection policies and procedures;
(2) Conduct annual penetration testing and vulnerability remediation to simulate high-risk attacks and identify Website security vulnerabilities;
(3) Develop the Website Data Security Incident Emergency Response Plan to clarify the handling procedures and responsibility allocation for information security incidents.
6.3 Disclaimer
Please note that while we will make every effort to ensure the security of any information you send to us, the Internet environment is not 100% secure. We shall not be liable for any risks or losses arising from or related to information security incidents caused by factors beyond our control, such as your own operational errors (e.g., leaking form verification codes) or third-party attacks.
6.4 Notification of Security Incidents
In the event of a personal information security incident, we will promptly notify you in accordance with legal requirements, including: the basic details of the security incident and its potential impact, the measures we have taken or will take to address it, recommendations for you to independently prevent and mitigate risks, and remedial measures for you. We will notify you of relevant incident details via email, letter, phone call, push notification, or other means. If it is impracticable to notify each individual data subject, we will issue a public announcement through reasonable and effective channels. At the same time, we will report the handling of the personal information security incident to the regulatory authorities in accordance with their requirements.
7. Data Retention Period
|
Data Type |
Retention Period |
Processing Method |
|
Cooperation Inquiry Records, Event Registration Information |
Retained for 1 year from the date of inquiry closure/event conclusion |
Anonymized upon expiration (identifiable fields are removed, only aggregated statistical data is retained) |
|
Subscribers’ Email Addresses |
Retained for 30 days from the date of unsubscription |
Deleted upon expiration to avoid unintended notifications |
|
Information Required by Law to Be Retained (e.g., Regulatory Audit Logs) |
Retained for the period specified by applicable laws (maximum 5 years) |
Encrypted for archiving and destroyed upon expiration |
8. Automated Decision-Making Explanation
8.1 Currently, the AdMergeX official website does not use automated decision-making technologies (such as algorithm-based recommendations or automatic prioritization of inquiries). If such functions are added in the future, we will:
(1) Issue an announcement on the Website to specify the rules and scope of impact of automated decision-making;
(2) Provide you with a channel to request manual review of decision results (e.g., a customer service appeal portal);
(3) Allow you to opt out of services based solely on automated decision-making (identity verification is required).
(4) Your Rights:
① Request manual review of decision results through the appeal portal;
② Opt out of services based solely on automated decision-making (identity verification is required).
9. How You Can Manage Your Personal Information
9.1 We attach great importance to your ability to manage your personal information and make every effort to protect your statutory rights to access, correct, delete, and withdraw consent regarding Website-related personal information, enabling you to fully protect your privacy and personal information security.
9.2 Except as required by law, you have the right to access and correct your personal information at any time. For other personal information generated during your visit to the Website that you wish to access or correct, please contact us at any time. We will respond to your request in the manner and within the timeframe specified in this Policy.
9.3 Deletion of Your Personal Information
You may request the deletion of your personal information in the following circumstances:
(1) If our processing of your personal information violates laws or regulations;
(2) If you no longer require Website-related services (e.g., canceling a cooperation inquiry);
(3) If we discontinue the provision of Website-related functions;
(4) If you withdraw your consent;
(5) If the purpose of processing your personal information has been achieved, cannot be achieved, or is no longer necessary for achieving the processing purpose.
9.4 Withdrawal of Consent
You may terminate our authorization to continue collecting your personal information by deleting your information or withdrawing your consent. Please note that some Website functions may require the collection of necessary personal information to operate properly. If you withdraw your consent, we will no longer be able to provide the services corresponding to the withdrawn consent, but this will not affect the personal information processing activities previously conducted based on your authorization.
9.5 Identity Verification for Request Processing
If you are unable to exercise your rights in the manner described above, please contact us using the contact information provided in this Policy. To ensure the security of your information, we may first require you to verify your identity before processing your request.
9.6 Fees for Request Processing
We generally do not charge fees for reasonable requests. However, for repeated requests that exceed a reasonable scope, we may charge a reasonable cost fee. We may refuse requests that are unfounded, require excessive technical resources, pose risks to the legitimate rights and interests of others, or are otherwise impracticable.
9.7 Exceptions to Request Responses
We may be unable to respond to your request in the following circumstances:
(1) The request is related to our fulfillment of legal obligations;
(2) The request is directly related to national security or national defense security;
(3) The request is directly related to public security, public health, or major public interests;
(4) The request is directly related to criminal investigation, prosecution, trial, or execution of judgments;
(5) We have sufficient evidence to prove that you have acted with subjective malice or abused your rights;
(6) The request is necessary to protect your life, property, or other major legitimate interests or those of a third party, but it is difficult to obtain your consent;
(7) Responding to the request would cause serious harm to the legitimate rights and interests of you or other individuals or organizations;
(8) The request involves trade secrets.
9.8 Specific Operation Guidelines and Response Timeframes
|
Right |
Operation Guidelines |
Response Timeframe |
|
Inquiry/Copy |
Send an email to the Data Protection Officer (marketing@admergex.com), specifying the type of information to be inquired about and completing identity verification (e.g., providing the phone number used when submitting the inquiry) |
15 working days |
|
Correction |
Send an email specifying the reason for correction and relevant information (e.g., inquiry record ID), and the correction will be made after verification that there is no legal requirement to retain the original information |
15 working days |
|
Deletion |
Provide the reason for deletion and relevant supporting documents |
15 working days |
|
Complaint/Report |
Submit complaint details to the Data Protection Officer via email or call 12377 (National Internet Illegal Information Reporting Hotline) |
N/A |
|
Unsubscribe from Updates |
Click the "Unsubscribe" link at the bottom of marketing emails or send an email to request unsubscription |
Within 24 hours |
10. How We Process Minors’ Personal Information
10.1 If you are under 18 years of age, under the minimum age required by the jurisdiction where you reside to visit the Website, or in other circumstances where you do not meet the statutory requirements for engaging in user-related activities, please comply with local legal requirements by either (A) refraining from visiting the Website, or (B) reading this Policy under the accompaniment and guidance of a legal guardian, and visiting the Website only after ensuring the guardian has consented to the content of this Policy (if required by applicable law).
10.2 We attach great importance to the protection of minors’ personal information. When minors provide personal information, they should enhance their awareness of personal protection, exercise caution, and use the Platform services correctly under the guidance of a legal guardian.
10.3 We will protect the confidentiality and security of minors’ user information in accordance with applicable laws, regulations, and the provisions of this Policy. If we discover that we have collected a minor’s personal information without first obtaining verifiable consent from their parent or legal guardian, we will take prompt measures to delete the relevant data or adopt other appropriate actions in compliance with applicable laws. If you are the legal guardian of a minor and have any questions regarding the minor’s use of our services or the user information they have provided to us, please contact us promptly using the contact information specified in Section 12 of this Policy.
11. Policy Updates
11.1 For material changes (such as changes to processing purposes or data types), we will notify you through the following channels:
- Website Announcement: Post a prominent notice at the top of the Policy page on the Website;
- SMS/Email: Send notifications to users who have previously submitted inquiries or subscribed to updates.
11.2 For non-material changes (such as optimizing wording or supplementing operation guidelines), we will only update the "Effective Date" at the top of the Policy and will not send separate notifications. You can view the revised content at any time through the "Privacy Policy" page on the Website.
Your continued use of the Website after the revised Policy takes effect constitutes your acceptance of the terms of the revised Policy. If you do not agree to the revised content, you may cease using the Website and request the deletion of your relevant information held by us.
12. Contact Us
If you have any questions, comments, or suggestions regarding this Policy, please contact us through the following channels:
- Data Protection Officer: marketing@admergex.com
In general, we will respond to your inquiry within 15 working days. If you are not satisfied with our response—especially if our personal information processing activities have infringed upon your legitimate rights and interests—you may also file a complaint or report with regulatory authorities such as the cyberspace administration, telecommunications department, public security bureau, or industry and commerce department, or seek resolution by filing a lawsuit with a people’s court that has jurisdiction over the defendant’s domicile.
13. Data Breach Response Mechanism
In the event of a Website data breach, we will:
13.1 Initiate an emergency response within 24 hours and take technical measures to contain the spread of risks (e.g., closing vulnerable ports, isolating affected data);
13.2 Notify affected users via SMS/email within 72 hours, explaining the basic details of the incident, potential impacts, and remedial measures;
13.3 Submit an incident report to the cyberspace administration within 10 working days, including the cause of the breach, handling results, and improvement measures.
14. Other
If you believe that our personal information processing activities have infringed upon your legitimate rights and interests, you may report the matter to the relevant government authorities.
Any disputes arising from this Policy or our processing of your personal information shall be governed by the laws of the Chinese Mainland. Such disputes may be submitted to the Beijing Arbitration Commission (BAC) for arbitration. The place of arbitration shall be Beijing, the language of arbitration shall be Chinese, and the arbitration award shall be final and binding.
15. EEA+ Privacy Statement
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland (collectively referred to as "EEA+"), please refer to the EEA+ Supplementary Privacy Statement in this section. We provide this EEA+ Privacy Statement only to individuals located in EEA+. This document supplements our AdMergeX Privacy Policy and describes how we process your personal data when you use or interact with our products and/or services. In the event of any inconsistency between the AdMergeX Privacy Policy and this EEA+ Privacy Statement, this Statement shall prevail.
If you are located in the EEA, the processing of your personal data is subject to the European Union's General Data Protection Regulation and local data protection laws (as applicable). If you are located in the United Kingdom, the processing of your personal data is subject to the UK's General Data Protection Regulation. References to "GDPR" refer to the applicable General Data Protection Regulation in your country. If you are located in Switzerland, the processing of your personal data is subject to Switzerland's Federal Data Protection Act (FDPA), and references to GDPR should be interpreted analogously to apply to the FDPA.
15.1 On what legal grounds and legitimate interests do we rely?
If we have entered into a contract with you and the processing is necessary for the performance of that contract or for taking steps at your request prior to entering into a contract, the legal basis is Article 6(1)(b) of the GDPR.
If the processing is necessary for us to comply with a legal obligation under EEA or UK law, the legal basis is Article 6(1)(c) of the GDPR.
In certain cases, based on an assessment of our legitimate interests and your privacy and other fundamental rights, the processing is necessary for us to achieve legitimate interests, including our efforts to provide you with a positive user experience, compliance with laws or regulations outside the EEA or the UK, maintaining the security and integrity of our products and/or services and related platforms and systems, operating and optimizing our business, improving our products and/or services, developing new services, and managing our relationship with users. In these cases, the legal basis is Article 6(1)(f) of the GDPR. If you would like more information on our assessment of the balance between our legitimate interests and your privacy and other fundamental rights, this can be provided upon request.
In certain cases, we rely on your consent under Article 6(1)(a) of the GDPR to process your personal data, including when we use non-essential cookies or other technologies to process your data.
15.2 Where is your personal data processed, and on what basis do we transfer personal data across borders?
We may disclose personal data to third parties located in the People's Republic of China, among other places. We take measures to ensure that our processors have appropriate safeguards in place and properly implement data transfer arrangements to provide an adequate level of data protection.
15.3 How long do we process personal data?
We only retain your personal data for as long as necessary for the purposes for which it is processed or as required by law. The period for which we retain personal data depends on the purposes for which we collect and use it and the need to retain personal data to comply with applicable laws (including to meet any legal, regulatory, tax, accounting, or reporting requirements). If we retain personal data solely to meet legal requirements, we will take measures to prevent further processing of your personal data. Once personal data is no longer necessary for the purposes for which it was collected, we will delete it.
15.4 What data protection rights do you have?
In the EEA, Switzerland, and the UK, you have the following rights, subject to the conditions of the GDPR and/or local data protection laws:
a. To object to our processing of your personal data on grounds relating to your particular situation. This includes the right to object to the use of your personal data for direct marketing (also known as mass marketing under Swiss law), and to object to our processing of your personal data when it is carried out in the public interest or for the legitimate interests of us or a third party. If we process your personal data based on our legitimate interests or those of a third party, or for reasons related to legal claims, you can object to such processing, and we will cease processing your personal data unless the processing is based on compelling legitimate grounds or is required for legal reasons. When we use your personal data for direct marketing of our own products and services, you can object at any time and unsubscribe from future marketing communications through the unsubscribe links in these communications or other means.
b. To obtain confirmation from us as to whether or not your personal data is being processed and, where that is the case, to request access to detailed information on how we process your personal data and to a copy of your personal data.
c. To obtain from us the rectification of inaccurate personal data concerning you.
d. To request that we erase your personal data, provided that it is not necessary for legal requirements or for security and integrity purposes.
e. To request the restriction of processing of your personal data, in which case it will be marked and used by us only for specific purposes.
f. To receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and to have the right to transmit that data to another entity without hindrance from us.
g. To withdraw your consent at any time. This will not affect the lawfulness of our use of your personal data prior to withdrawal.
h. To lodge a complaint with a supervisory authority.
i. In certain jurisdictions (such as France and Portugal), you also have the right to provide us with instructions regarding the handling of your personal data after your death.
15.5 Are you required to provide your personal data to us?
You are not legally obligated to provide us with personal data. However, if we do not receive certain personal data from you, we will not be able to provide our products and/or services.
16. Privacy Statement for Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, Delaware, Iowa, Nebraska, New Hampshire, New Jersey, or California
16.1 If you reside in Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, Delaware, Iowa, Nebraska, New Hampshire, New Jersey, or California, please refer to this section of the privacy statement.
We provide this U.S. Supplementary Privacy Statement only to residents of the United States. This statement does not reflect our collection, use, or disclosure of personal information of U.S. residents under exceptions to U.S. privacy laws.
The following content applies only to residents of Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, Delaware, Iowa, Nebraska, New Hampshire, and New Jersey.
16.2 Subject to the conditions of applicable law, you have the right to request that your personal data controller:
a. Confirm whether or not your personal data is being processed and provide you with a copy of that data;
b. Correct inaccuracies in your personal data, considering the nature of the personal data and the purposes of processing consumer personal data, except in Iowa and Utah where this right is not available;
c. Delete personal data provided by or concerning you;
d. Opt out of processing your personal data for the following purposes: (i) targeted advertising, (ii) sale of personal data, or (iii) profiling that produces legal or similarly significant effects on you.
When you use our products and/or services, we may collect, use, and disclose your information for the purposes described in Section 2 above. Under some laws applicable to our processing of personal data, our collection, use, and disclosure of personal data for targeted advertising purposes is considered a "sale" of personal data. You can opt out of targeted advertising and such "sales" by clicking on the relevant "settings" to disable programmatic ad recommendations or through other means within our products and/or services.
16.3 California
The following content applies only to residents of California.
Collection Notice: For the types of personal information we collect, please refer to Section 2 above. The categories of personal information correspond to the categories of "personal information" defined in the California Consumer Privacy Act (CCPA) and their respective letter groupings:
(A) — Identifiers, including name, mailing address, telephone number, unique personal identifier, IP address, email address, and account name.
(B) — Information that identifies you or can be associated with you.
(D) — Commercial information, including information regarding products or services purchased, obtained, or considered through our products and/or services, as well as other purchase or consumption history or tendencies.
(F) — Internet or other electronic network activity information.
(G) — Geolocation data.
(K) — Inferences drawn from any of the above information that reflect your preferences and characteristics.
(L)(C) — Precise geolocation data.
Regarding our use of personal information, we may collect, use, and disclose personal information of California residents for cross-context behavioral advertising purposes, which CCPA considers "selling" and "sharing" personal information. Below is a copy of our CCPA Privacy Policy, which includes our notice of the right to opt out of the sale/sharing of personal information.
We retain personal information only for as long as necessary for the purposes for which it was collected or as required by law. The period for which we retain personal information depends on the purposes for which we collect and use it and the need to retain personal information to comply with applicable laws (including to meet any legal, regulatory, tax, accounting, or reporting requirements). Once personal information is no longer necessary for the purposes for which it was collected, we will delete it.
16.4 CCPA Privacy Policy:
a. Right to Know What Personal Information Is Collected, Disclosed, or Sold
We describe here the personal information of California residents that we collect, use, and disclose. You have the right to request that we disclose to you the specific pieces of personal information we have collected, used, disclosed, and sold about you ("right to know").
We will ask you to provide certain information to verify your identity. If you have a password-protected account with us, we may verify your identity through our existing authentication process for your account. The information we ask you to provide to verify your identity will depend on your previous interactions with us and the sensitivity of the personal information involved. We will respond to your request in accordance with the CCPA. If we deny your request, we will explain the reason.
b. Right to Request Deletion of Personal Information
You have the right to request that we delete personal information about you that we have collected or maintained. To submit a request to delete personal information, please contact us via email or send an email request with the subject line "California Deletion Request." Please clearly specify in your request the personal information you wish to have deleted, as required by the CCPA. This can be all of your personal information.
We will ask you to provide certain information to verify your identity. If you have a password-protected account with us, we may verify your identity through our existing authentication process for your account. The information we ask you to provide to verify your identity will depend on your previous interactions with us and the sensitivity of the personal information involved. Once we have verified your identity, we may ask you to confirm that you wish to delete your personal information. Once confirmed, we will respond to your request in accordance with the CCPA. If we deny your request,we will explain why.