PRIVACY POLICY
1. Definitions
“CCPA” means the California Consumer Protection Act. If you are a California resident, you should read this Policy together with its Additional Privacy Details for California Residents section at the end of the Policy, which provides additional information about our California information practices, including a description of CCPA rights available to some Californians.
“Controller” means the entity that has certain legal rights to determine the purposes for which Personal Data will be Processed and the means by which that Processing will occur.
“GDPR” means the EU General Data Protection Regulation.
“Our Company” means Digital Revenue LLC, 3400 Cottage Way Ste G2 #12615, Sacramento, CA 95825.
“Our Website” means https://www.revloq.com
“Personal Data” means any information about an identified or identifiable individual, such as their name or contact information.
“Platform” means programming solution Revloq developed, provided and maintained by Our Company.
“Policy” means this Privacy Policy.
“Privacy Shield” means EU – U.S. and Switzerland – U.S. Privacy Shield Principles described in this Policy.
“Process,” “Processed,” and “Processing” refer to any operation or set of operations that can be performed on Personal Data or on sets of Personal Data. This includes, for example, collection, recording, structuring, storage, adaptation or alteration, retrieval, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure and destruction.
“Processor” means an entity that Processes Personal Data on behalf of a Controller.
“Service Data” is Personal Data or other information that Users:
(i) input directly into the Platform as part of registration process, or
(ii) provide to Our Company through authorized methods as part of the Service.
“Service” means the Platform and services provided by Our Company to support the Platform.
“User” means the individual or entity that has signed up to use the Platform or receive Service.
2. Scope of this Policy and Handling of Service Data
Where indicated, this Policy applies to Service Data. We do not control the content of Service Data, and, because of security features in the Platform, in most cases we are unable to read such content. Under the GDPR and similar laws, Our Company is considered the Processor of any Personal Data in the Service Data.
It is Our Company’s policy that the Personal Data collected from Users will be used for limited purposes. Our Company Processes Personal Data in the Service Data under the instructions of the relevant User or as required by applicable law. On the Platform, the relevant User is the one that Our Company authorizes to control the administrator account. Specifically, the User is the Controller for all information submitted by that User to the Platform. Users may contact Our Company to make inquiries with respect to their User account at contact@revloq.com
Our Company may disclose any Service Data, including certain deleted Service Data, or data previously received from deactivated User, to the relevant User. In addition, Our Company provides the User with certain tools for modifying, deleting or taking other steps with Service Data. If Our Company receives a request from a User to exercise rights in Service Data, we will cooperate with that User’s handling of the request, subject to any special contractual arrangement with that User.
The Policy also applies to our handling of Personal Data that is not Service Data, such as Personal Data about:
(i) visitors to Our Website, and
(ii) current Users, in relation to their procurement of Service and management of the relationship with Our Company.
This Policy does not cover any data we Process in the context of our own recruiting and human resources management.
3. Types of Personal Data We Collect
Personal Data that we may collect include the following:
(i) contact data, which includes information such as User name, email address, mailing address, zip code, phone numbers or country;
(ii) transaction data, including advertisements placed, inquiries, and information about how the Users use the Platform;
(iii) geo-location data, such as information about User physical location collected from geolocation features on User device, including User IP address and as otherwise may be transmitted to Our Company by User mobile phone or other location-aware devices;
(iv) internet/network information, such as User IP address (a unique identifier that devices use to identify and communicate with each other on the Internet), or browser or device information; and
(v) payment information.
4. How We Collect Personal Data
Our Company may collect Personal Data directly from Users when Users voluntarily submit them to us as part of User account registration process or that we ask Users for when Users interact with us. We also obtain Personal Data from User browser or device, information generated from User online browsing and Platform usage activity.
5. How We Use Personal Data
We use Personal Data to detect fraud and prevent financial losses for Users, Our Company and our advertising partners, including in order to detect unauthorized advertising practices. Our Company does not sell, share, or otherwise distribute User Personal Data to third parties for their marketing purposes.
Our Company uses Personal Data as follows:
(i) to provide and improve our Service, including internal analysis of aggregate usage patterns;
(ii) to respond to questions, concerns, or inquiries by Users about our Service, and to otherwise fulfill User requests;
(iii) to analyze market conditions and use of our Service;
(iv) to enforce the legal terms that govern our business and online properties;
(v) to comply with law and legal process and protect rights, safety and property;
(vi) to anonymize data so that it is no longer Personal Data;
(vii) for Our Website administration, fraud prevention, corporate governance, reporting, and legal compliance; and
(viii) for other purposes requested or permitted by Users or other relevant individuals, such as visitors of Our Website.
We may combine data collected from Users with other sources to help us improve the accuracy of our communications as well as to help expand or tailor our interactions with Users. This includes combining Personal Data we obtain for the purposes described above. We may anonymize or aggregate personal information and use it for the purposes described above and for other purposes to the extent permitted by applicable law. We also may use Personal Data for additional purposes that we specify at the time of collection. We will obtain User consent for these additional uses to the extent required by applicable law.
6. Disclosures of Personal Data
We may share Personal Data as follows:
(i) for the uses of information described in Section 5, How We Use Personal Data, above, including to make appropriate disclosures in response to lawful requests by public authorities, such as to meet national security or law enforcement requirements, and
(ii) in connection with an actual or potential business sale, merger, consolidation, change in control, transfer of substantial assets or reorganization.
For those purposes, we may share information with:
(a) other entities that help us with any of the above, such as our sub-processors, data storage and backup providers, customer relationship management providers, accounting providers, technical service providers and payment processors, or
(b) other entities involved in the legal-related matters described in Section 5, How We Use Personal Data, above.
7. Legal Bases for Processing Personal Data
The laws in some jurisdictions require that we tell Users about the legal grounds relied upon by Our Company to use or disclose their Personal Data. To the extent those laws apply, our legal grounds for Processing Personal Data are as follows:
(i) To honor the contractual commitments of Our Company to individuals: Some of our Processing of Personal Data is carried out to meet our contractual obligations to the individuals to whom the Personal Data relate, or to take steps at their request in anticipation of entering into a contractual relationship with them. For example, when an individual User accesses the Platform, we may Process their payment information on this basis.
(ii) Legitimate interests: In many cases, Our Company handles Personal Data on the grounds that it furthers the legitimate interests of Our Company in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. The examples of such commercial activities include:
(a) preventing fraud by Users;
(b) User support;
(c) protecting our Users, personnel and property;
(d) protecting our business partners;
(e) analyzing and improving our business and Service; and
(f) managing legal issues.
(iii) Legal compliance: We need to use and disclose Personal Data in certain ways to comply with our legal obligations.
8. Consent to Processing in the United States
Our Website and the Platform are owned and operated by Digital Revenue LLC in the United States and the data Users provide is accessible to Our Company in the United States. Furthermore, if a particular User is visiting Our Website from a country other than the United States, User interaction with Our Website will necessarily result in the transfer of data across international boundaries. The level of legal protection for Personal Data is not the same in all countries. However, Our Company will take the security measures described in the Policy in an effort to keep User data secure. By using Our Website, each User consents to the collection, storage, and processing of User data in the United States.
9. Cookies and Automated Data Collection
On Our Website, we may collect certain information by automated means such as cookies, browser-based and other similar techniques and technologies.
The information we collect by such means includes unique browser identifiers, unique device identifiers, IP address, browser and operating system information, geolocation, other device information, Internet connection information, as well as details about User interaction with Our Website. Such details include, for example, the URL of the third-party website from which User came and the pages that User visits on Our Website.
As part of this process, we may use automated means to read or write information on User device, such as in various types of cookies and other local storage. Cookies and local storage are files that can contain data, such as unique identifiers or other information, that we may transfer to or read from a User’s device for the purposes described in the Policy.
The cookies and other technologies described fall into four basic categories:
(i) Essential: These are strictly necessary to provide Users with online presence, such as access to secure areas that require registration. Users cannot refuse them without impacting functionality.
(ii) Functional: These allow Users to browse or benefit from some of the inherent features, such as setting language preferences. Similar to the essential technology described above, disabling these technologies could impact User experience to use some functionality. The functional technologies also allow Our Company to track User online activities over time. For example, Our Company may use different types of cookies, other automated technology, and data (a) to recognize individuals and their devices, and (ii) to report on ad impressions.
Users may be able to set their web browsers to refuse certain types of cookies, or to alert Users when certain types of cookies are being sent.
10. Personal Data Rights and Choices
All Users can:
(i) Review and update certain User information by logging in to the relevant portions of the Platform.
(ii) deactivate their accounts by contacting Our Company at contact@revloq.com, subject to any contractual provisions between Our Company and the User responsible for the account. Except when the User has requested closure of all User accounts, information in a deactivated User account may be available to the User for some time.
(iii) Obtain confirmation of whether Our Company holds Personal Data about them, and to receive information about Processing thereof.
(iv) Obtain a copy of the Personal Data, and in some cases, receive it in a structured, commonly used and machine-readable format, or have it transmitted to a third party in such form.
(v) Update, correct or delete the information.
(vi) Object to our Processing of the information for direct marketing purposes.
(vii) Object to other Processing of the information.
(viii) Withdraw consent previously provided for the Processing of the information.
Residents of the European Economic Area, the UK and Switzerland also have certain rights under the Privacy Shield, as described in Section 13, International Data Transfers, below.
To exercise any of those rights with respect to the Personal Data Our Company controls, Users should contact Our Company as described at the end of the Policy.
Many of the rights described above are subject to significant limitations and exceptions under applicable law. For example, objections to the Processing of Personal Data, and withdrawals of consent, typically will not have retroactive effect.
Every User also has a right to lodge a complaint with the relevant supervisory authority.
11. Security
To provide security for Service Data within the Platform, we maintain physical, organizational and technical safeguards, which are subject to periodic changes. The use of available safeguards will impact the level of protection available for the Service Data. Communications with Our Company through other methods such as email are not subject to those protections. Third-party software and services integrated into our Service are handled by such third parties subject to their own privacy and security procedures, which we do not control.
We use different safeguards to help secure the other Personal Data we handle.
No security method is perfect, and we cannot guarantee that any data will remain secure.
12. Data Retention
We hold Personal Data for as long as necessary to fulfill the purposes set forth in this Policy. Information may persist in copies made for backup and business continuity purposes for additional time.
13. International Data Transfers
We are headquartered in the United States, and recipients of the data disclosures described in this Policy are located in the United States and elsewhere in the world, including where privacy laws may not provide as much protection as those of country of residence of specific Users.
Users may also transfer Personal Data to Our Company on the basis of legal mechanisms approved by the European Commission and other relevant authorities for cross-border data transfers. Our Company adheres to the EU – U.S. Privacy Shield Framework and the Switzerland – U.S. Privacy Shield Framework regarding the collection, use, and retention of Personal Data from European Economic Area member countries, the United Kingdom, and Switzerland transferred to the United States pursuant to Privacy Shield. Our Company recognizes that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU – U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR export Personal Data to outside the UK and the European Economic Area. Our Company will continue to honor its obligation to comply with the Privacy Shield Principles with respect to such data. If there is any conflict between the principles set forth in this Policy and additional protections for individuals that are provided under the Privacy Shield Principles, the additional protections in the Privacy Shield Principles shall govern with respect to data subject to the Privacy Shield.
The following statements apply to all EEA, UK and Swiss Personal Data that is received by Our Company in the United States pursuant to the Privacy Shield:
Our Company is subject to the jurisdiction and enforcement authority of the United States Federal Trade Commission. EEA, Swiss and UK individuals have the right to access their Personal Data that has been transferred into the United States and to correct or update that information. Individuals also have the right to erase information that has been processed in violation of the Privacy Shield Principles. To exercise any such rights, which are subject to exceptions under the Privacy Shield Principles, individuals should refer to the contact information at the end of the Policy.
Covered European residents should direct any questions, concerns or complaints regarding Our Company’s compliance with the Privacy Shield to Our Company as described at the bottom of the Policy. Our Company will attempt to answer User questions and accommodate User concerns in a timely and complete manner as soon as possible. If, after discussing the matter with Our Company, User issue or complaint is not resolved, Our Company has agreed to participate in the Privacy Shield independent dispute resolution mechanisms listed below. Please contact Our Company first.
For human resources Personal Data that Our Company receives under the Privacy Shield (defined under Privacy Shield essentially as information about an employee collected in the context of the employment relationship): cooperation with the EEA data protection authorities (DPA’s), the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC).
For other Personal Data Our Company receives under the Privacy Shield: Our Company has further committed to refer unresolved privacy complaints under the EU – U.S. and Switzerland – U.S. Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. Please do not submit human resources complaints to BBB EU Privacy Shield.
If User Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, Users may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
14. Notification of Changes
Our Company may change this Policy to reflect changes in the law, our data handling practices or the features of our business. The updated Policy may, from time to time, be posted on Our Website.
15. Contact Information
If you have questions, requests or complaints relating to handling of your Personal Data or this Privacy Policy, please contact us as described at the end of this Policy.
16. Additional Privacy Details for California Residents
The sub-paragraphs below apply only to “personal information” covering California residents (as such term is defined in the CCPA). It supplements the information in the remainder of the Policy above. Data about individuals who are not residents of California are treated differently and are not subject to the rights described below. Nor do these sub-paragraphs apply to Service Data (as defined in this Policy), which are treated as described in Paragraph 2 of the Policy, even when Service Data relate to residents of California.
The specific pieces of personal information we collect falls into the following categories under California law, to the extent that such information is personally identifiable:
(i) identifiers (such as name, address, email address and other contact information);
(ii) commercial information (such as transaction data and information about a User’s interactions with Our Company);
(iii) financial data (such as payment information); internet or other network or device activity, and other information described in Section 9, Cookies and Automated Data Collection;
(iv) geolocation information;
(v) other information that identifies or can be reasonably associated with a specific User; and
(vi) inferences drawn from any of the above.
Our Company uses the personal information as follows:
(a) to provide and improve our Service, including internal analysis of aggregate usage patterns;
(b) to respond to questions, concerns, or User service inquiries, and to otherwise fulfill User requests;
(c) to send information about our current and future Service, including marketing communications by email, online display advertising, and other channels;
(d) to analyze market conditions and use of our Service;
(e) to customize the content and advertising Users see on Our Website;
(f) to enforce the legal terms that govern our business and online properties;
(g) to comply with law and legal process and protect rights, safety and property; and
(h) for other purposes requested or permitted by Users or visitors to Our Website.
17. “Sale” of California Personal Information under CCPA
The CCPA requires businesses that “sell” personal information, as the term “sell” is defined under the CCPA, to provide an opt-out from such sales. Some representatives of the business community have taken the view that when a website or application uses third-party cookies and similar technology for its own analytics or advertising purposes, the website/application is engaged in a “sale” under the CCPA if the third parties have some ability to use, disclose or retain the data to improve their service. Some representatives of the business community take this view even when the website/application pays the third party (not vice versa), and in most cases merely provides the third party with an opportunity to collect data directly, instead of providing personal information to the third party. If a particular User adheres to the position that any of the relationships described above involve a “sale” within the meaning of the CCPA, then such User may consider Our Company to have “sold” what the CCPA calls “identifiers” (such as IP addresses), “internet or other electronic network activity information” (like information regarding an individual’s browsing interactions on Our Website), and “commercial information” (like the fact that a browser visited a page directed to people who are considering purchasing from Our Company) to marketing and analytics companies. As California legal professionals await clarity on this point and, if applicable, the arrival of a proven method for handling CCPA-like choice options for it, Our Company continues to offer opportunities to limit and/or opt out of the collection and/or use of data via certain third-party cookies and similar technology for analytics and advertising purposes, as described in the Cookies and Automated Data Collection paragraph of this Policy. In any case, no matter how “sale” is defined, Our Company has no actual knowledge of selling the personal information of natural persons under 16 years of age.
18. California Privacy Rights
California law permits Users who are California residents to request that Our Company provides to Users information on the following:
(i) the categories of personal information Our Company has collected about a User in the last twelve months;
(ii) the categories of sources of such information;
(iii) the categories of personal information that Our Company sold or disclosed about a User for a business purpose;
(iv) the business or commercial purpose for collecting or selling User personal information; and
(v) the categories of third parties to whom Our Company has “sold” or otherwise disclosed personal information for a business purpose.
California law also requires that Our Company provides access to and/or a copy of certain information that Our Company holds about Users and deletes certain information that Our Company has about Users.
Certain information is exempt from such requests under California law. Users may also be entitled to receive certain information about the financial incentives offered by Our Company to such Users (if any). Under CCPA, Users shall not be subject to negative consequences for exercising CCPA rights.
Our Company will take steps to verify User identity before responding to User request, which may include requesting that User responds to an email that Our Company sends to User, or otherwise verifying User name, email address or other information that will help Our Company to confirm User identity.
If User is an agent making a request on behalf of another person, User must verify that it is authorized to make that request, which may include requiring User to provide Our Company with written proof that satisfies CCPA requirements, such as an appropriate letter signed by the consumer or a power of attorney. We also may require the consumer to verify their identity directly with Our Company.
To request to exercise any of these rights, please write to our address as follows:
Digital Revenue LLC
3400 Cottage Way
Ste G2 #12615
Sacramento, California 95825
contact@revloq.com