Effective & Last Updated: August 2021
CATEGORIES AND SOURCES OF PERSONAL INFORMATION
The personal information we collect depends on how you interact with us, the products you use, and the choices you make. We collect personal information about you from different sources and in various ways:
Information You Provide to Us. You may choose to share information with us when you create or modify an account, request services, or otherwise communicate with us. For example, we collect the following:
Contact Information: Depending on the nature of your interaction with us, we collect personal or business information such as name, email address, postal address, and phone number. We may also ask you to provide contact lists or email addresses of others, for example if you use a “tell-a-friend” tool.
Demographics: When creating or modifying an account, you may also provide additional information such as your age and gender.
Payment Data You Provide: If you make a purchase, we collect credit card numbers and other payment or billing information.
Preferences: We may collect your preferences such as communication, language, and time zone.
Audio/Visual: In some cases, you can upload a photo for a profile image when creating an account or at an event or as part of a contest or sweepstakes.
Identification Numbers You Provide: Unique identification numbers associated with you.
Security: When you create an account, we collect passwords, security questions, etc.
Content of Communications: We will collect your communications with us, such as emails, customer service requests, survey responses, or social media posts or messages.
When you are asked to provide personal information, you may decline (such as not entering a credit card to make a purchase). But if you choose not to provide or allow information that is necessary for certain products or features, those products or features may not be available or function correctly.
Information From Your Devices. When you use our websites and online services, we automatically collect some information from your devices (such as mobile phone, tablet, smartwatch, or computer). For example:
Device Details and Network Information: Some devices share and our servers log information such as type of device, hardware model, MAC Address, OS, version, settings, configuration, and network-related information such as IP address, mobile network provider. As further described in the Cookies section below, our websites and online services store and retrieve data using cookies set on your device.
Digital Activity: When you connect to our online services, we collect information about online activity and usage patterns, such as access times, webpages visited, web logs, app features used, etc.
Device and Mobile Location: Depending on your device and app settings, we also collect location data from your devices when you use our apps or online services.
You may use app or device controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain products or features, those products or features may not be available or function correctly.
Information We Generate About You. We infer new information from the data we collect, such as:
Digital Activity: When you connect to our online services, we may infer your zip code, city, state, and country location based on your IP address. We may also make inferences from your online activity and usage patterns, such as access times, webpages visited, web logs, app features used, etc.
Inferred Preferences: We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics. For example, we may use information about your past purchases to determine your likely readiness to make a new purchase, which we may use for marketing, advertising, or other purposes.
Identification Numbers We Generate: When you interact with us, we may generate unique identification numbers such as account ID, or customer ID. In some cases, we generate unique identifiers assist with our processing of personal data. For example, in our exhibits at auto shows or other events, we may generate a bar code for each visitor that you can swipe as you interact with the exhibit. It may also allow you to access and share photos and videos if you use available technology to take your picture and/or video at the event.
Payment Data We Generate: We may generate information when you pay for products and services, e.g., transaction history.
Other Sources of Information About You. In addition to information we collect from you and your devices and the information we generate or infer, we also obtain information from others when you direct them to share information with us and in the following cases:
Service Providers and Suppliers: We may receive Contact Information or other personal information from our vendors or agents working on our behalf for the purposes described in this Policy.
Business Partners: We receive personal information from other companies with which we work together to offer services to our customers, or to reach potential customers with our marketing messages. Examples include:
Joint Marketing Partners: We may receive personal information from partners with which we offer co-branded service or engage in joint marketing activities
Social Media Platforms: If you sign into our site using a social media sign-on (such as Facebook Connect), or pre-populate fields in a form using such tools, you allow us to access your information that is publicly available or that you have made publicly available (e.g., name, user ID, profile picture) and any information the platform makes available. We encourage you to review the privacy policies for the social media platforms and authentication methods you use.
Law enforcement agencies, courts, regulatory agencies, and others: We may receive personal information from government agencies or courts for legal compliance purposes, to protect your personal safety or the safety of others, to protect our or others’ rights, or to investigate fraud. We may also receive personal information from others; for example, in connection with litigation settlements, we may acquire information about you from third parties for the purpose of meeting our tax reporting obligations.
Consumer Data Analytics Firms: We receive Demographics and other data from third parties for purposes such as supporting our marketing campaigns and personalizing services to our customers.
Parties to Corporate Transactions: We may receive personal information as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or at transfer, divestiture, or sale of all or a portion of business or assets.
We may combine personal information you provide to us, information from your devices, information about you we receive from others, and information we generate about you.
We also collect information in a form that cannot reasonably be linked back to you.
COOKIES AND SIMILAR TECHNOLOGIES
Cookies on our websites are used to store your preferences and settings, enable you to sign-in, provide interest-based advertising, combat fraud, analyze how our products perform, and fulfill other legitimate purposes.
Our websites may also contain electronic images known as web beacons (also called single-pixel gifs) that we use to help deliver cookies on our websites, count users who have visited those websites, and gather usage and performance data. We also include web beacons in our promotional email messages or newsletters to determine whether you open and act on them, and in our ads appearing on other sites to measure the performance of those ads.
Our website often includes web beacons and cookies from third-party service providers. In some cases, that is because we have hired the third party to provide services on our behalf, such as site analytics or advertising. In other cases, it is because our web pages contain third-party content (such as embedded videos, maps, plug-ins, or ads) that contain web beacons used to determine the effectiveness and track your interaction with that content. When your browser connects to a third party’s web server to retrieve content and/or web beacons, that third party is able to set or read its own cookies on your device and may collect information about your online activities over time and across different websites or online services that also contain that third party’s content or web beacons.
For example, we use Google Analytics and other Google services to support the operation of our website. To learn about how Google uses and shares data it collects through these services, we encourage you to visit https://www.google.com/privacy.html and https://www.google.com/policies/privacy/partners/.
Industry-wide Opt-outs. Many of these companies are also members of associations, which provide a simple way to opt out of analytics and ad targeting, which you can access at:
United States: NAI (http://www.networkadvertising.org/managing/opt_out.aspx) and DAA (http://www.aboutads.info/choices/)
Canada: Digital Advertising Alliance of Canada (https://youradchoices.ca/)
Europe: European Digital Advertising Alliance (http://www.youronlinechoices.com/)
Mobile advertising ID controls. Apple and Android mobile devices each generate an advertising identifier that can be accessed by apps and used by advertisers in much the same way that cookies are used on websites. Each operating system provides options to limit tracking and/or reset the advertising ID.
Browser Cookie Controls. Web browsers vary on whether they are set to accept various types of cookies by default. You can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain features or services of our website. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated.
Do Not Track. Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our websites do not currently respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described above.
Email Web Beacons. You can disable web beacons in email messages by changing the settings on your email client to prevent the automatic downloading of images.
OUR USE OF PERSONAL INFORMATION
We use the personal information we collect for purposes described in this Policy or otherwise disclosed to you. For example, we have used personal information for the following purposes over the past 12 months:
Purposes of Use Categories of Personal Information
Product and Service Delivery. To provide and deliver our products and services, including operating, securing, and troubleshooting; and providing customer service and technical support. Contact Information, Demographics, Payment Data You Provide, Preferences, Audio/Visual, Identification Numbers You Provide, Security, Content of Communications, Device Details and Network Information, Digital Activity, Device and Mobile Location, Inferred Preferences, Identification Numbers We Generate, Payment Data We Generate
Product Improvement. To improve existing products and services. Contact Information, Demographics, Preferences, Audio/Visual, Content of Communications, Media Analytics, Device Details and Network Information, Digital Activity, Device and Mobile Location, Identification Numbers We Generate, Payment Data We Generate,
Inferred Preferences Research and Development. To conduct research and develop new products and services. Demographics, Preferences, Audio/Visual, Content of Communications, Media Analytics, Device Details and Network Information, Digital Activity, Device and Mobile Location, Inferred Preferences, Identification Numbers We Generate, Payment Data We Generate
Personalization. To understand you and your preferences to enhance and personalize your experience. Contact Information, Demographics, Preferences, Audio/Visual, Content of Communications, Media Analytics, Device Details and Network Information, Digital Activity, Device and Mobile Location, Inferred Preferences, Identification Numbers We Generate, Payment Data We Generate
Business Operations. To operate our business, such as accounting, finance, tax, regulatory compliance, litigation, information security, fraud detection and prevention, supplier and vendor management, human resources, information technology, and improving our internal operations. Contact Information, Demographics, Payment Data You Provide, Preferences, Audio/Visual, Identification Numbers You Provide, Security, Content of Communications, Device Details and Network Information, Digital Activity, Device and Mobile Location, Inferred Preferences, Identification Numbers We Generate, Payment Data We Generate
In carrying out these purposes, we combine data we collect from different sources to give you a more seamless, consistent, and personalized experience.
Finally, we may use de-identified information for any purpose in accordance with applicable law.
OUR SHARING OF PERSONAL INFORMATION
We share personal information with your consent, when you direct us to share it with others, or as necessary to complete your transactions or provide the products you have requested or authorized. For example, when you provide payment data to make a purchase, we will share that data with banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, or other related financial services. We also share personal information with:
Service Providers and Suppliers. We share personal information with vendors or agents working on our behalf for the purposes described in this Policy. In such cases we require these vendors to protect the confidentiality of the personal information and to use it only to provide the services to us. For example, companies we’ve hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal information to provide those functions.
Business Partners. We share personal information with other companies that we work together with to offer services to our customers, or to reach potential customers with our marketing messages. Examples include:
Advertising and Analytics Companies. Please see the Cookies section of this Policy for a description of how we work with advertising and analytics providers
Social Media Platforms. We share hashed emails from our marketing database with social media advertising platforms, such as Facebook, so that they can create Custom Audiences and deliver advertisements on our behalf to their users. Those users are identifiable to the Social Media company when it matches our hashed data to its hashed data of its users.
Joint Marketing Partners. We share information with partners with which we offer co-branded service or engage in joint marketing activities.
Law Enforcement Agencies, Courts, Regulatory Agencies, and Others. We will access, transfer, disclose, and preserve personal information when we believe that doing so is necessary to:
comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; detect, investigate, and prevent fraud, or to help prevent the loss of life or serious injury; operate and maintain the security of our products, including to prevent or stop an attack on our computer systems or networks; or protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
Parties to Corporate Transactions. We may also disclose personal information as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or at transfer, divestiture, or sale of all or a portion of our business or assets.
Finally, we may share de-identified information in accordance with applicable law.
CHOICE AND CONTROL OF PERSONAL INFORMATION
Access, correction, and deletion. You can access, edit or delete some of the personal information we have collected by logging into your account and accessing the information displayed in your profile or account settings.
If you cannot access certain personal information we have directly through the site, you can always contact us as described at the bottom of this Policy. However, to the extent permitted by applicable law, we reserve the right to charge a fee or decline requests that are unreasonable or excessive, where providing the data would be prohibited by law or could adversely affect the privacy or other rights of another person, or where we are unable to authenticate you as the person to whom the data relates.
Communications preferences. You can choose whether to receive promotional communications from us by email, physical mail, and telephone by contacting us (see How To Contact Us at the bottom of this Policy). If you receive promotional email messages from us and would like to stop, you can do so by following the directions in that message. If you receive text (SMS) messages from us, you can stop delivery of further messages of that type by following the instructions provided or replying “STOP,” after which you will receive a single message confirming your choice. These choices do not apply to mandatory service communications that are part of certain of our products (e.g., recall notices).
Choices for Cookies and Similar Technologies. See the Cookies section for choices about cookies and other analytics and advertising controls.
CALIFORNIA PRIVACY RIGHTS
California Consumer Privacy Act (“CCPA”) – If you are a California resident and the processing of personal information about you is subject to the CCPA, you have certain rights with respect to that information:
Access/Right to Know. You have a right to request that we provide you with the following information:
The categories and specific pieces of personal information we have collected about you in the last 12 months.
The categories of sources from which we collect personal information.
The purposes for collecting, using, or selling personal information.
The categories of third parties with which we share personal information.
The categories of personal information we have disclosed about you for a business purpose.
Note that the CCPA defines “business purpose” broadly; and because we use service providers for a number of business purposes that require access to our systems that hold personal information (such as supplying cloud data storage, maintaining the security of our systems, and providing customer support), in the past 12 months we have disclosed for a business purpose data from all of the categories of personal information that we maintain.
The categories of personal information we have sold about you for each category of third party to which the personal information was sold. Note that the CCPA defines “sell” very broadly, and some of our data sharing described in this Policy may be considered a “sale” under that definition. We do not knowingly sell the personal information of minors under 16 years of age without affirmative authorization.
In the past 12 months, we have shared personal information with others for commercial purposes or their independent uses as follows:
Advertising and Analytics Companies. We share Device Details and Network information, Digital Activity, Preferences, Demographics, Device and Mobile Location.
Joint Marketing Partners. We share the following information with partners for co-branded service offerings or joint marketing activities:
Contact Information, Demographics, Preferences, Inferred preferences, Content of Communications, , Device Details and Network information, and Digital Activity.
Right to Delete. You also have a right to request that we delete personal information under certain circumstances, subject to a number of exceptions.
Right to Opt-Out From Sales. You also have a right to opt-out from future sales of personal information, which you can exercise by clicking on the “Do Not Sell My Personal Information” button on our website. See also the Cookies section of this Policy to learn how to opt out of analytics and ad targeting.
How to Exercise Your California CCPA Rights
You can exercise your CCPA rights by submitting your request(s) to us using the web form located at the bottom of PULSEPerformance.com.
If you want to exercise more than one of your CCPA rights, please submit a separate request for each CCPA right, which will help us handle your requests more effectively. Please be aware that we will process your requests in the order we receive them.
Whether you use the web form or call us, we will need information from you to process your request so that we can confirm you are a California resident, determine if we have personal information about you, and, for access and deletion requests, verify your identity. We may also need to contact you about your request, and you can choose the contact method you would like us to use.
Please be aware there might be circumstances where we will not honor your request, as permitted under the CCPA. For example, if we are not able to verify your identity and that you are a California resident, we may not honor your access or deletion request. In addition, we may not delete your personal information if an exception under the CCPA applies.
You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
If you want an authorized agent to submit a “Delete My PI” or “Access My PI” request on your behalf, the authorized agent must provide proof of their registration with the California Secretary of State, as well as proof that you gave the authorized agent written permission to submit the request(s) on your behalf. We may also require you to verify your identity with us.
If you want an authorized agent to submit a “Do Not Sell My PI” instruction on your behalf, the authorized agent must provide proof of their registration with the California Secretary of State, as well as proof that you gave the authorized agent written permission to submit the instruction on your behalf.
You have a right to not be discriminated against for exercising rights set out in the CCPA.
California Shine the Light
Additionally, under California’s “Shine the Light” law, California residents who provide personal information in obtaining products or services for personal, family, or household use are entitled to request and obtain from us once a calendar year information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g., requests made in 2020 will receive information regarding 2019 sharing activities).
We will provide the requested information to you at your e-mail address in response. Please be aware that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing will be included in our response. Please also note that we may not be required to respond to requests made by means other than through the above designated e-mail address.
California Business and Professions Code Section 22581
California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please send a detailed description of the specific content or information you wish to have removed; see How to Contact Us below. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.
EUROPEAN DATA PROTECTION RIGHTS
If the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:
You can request access to, and rectification or erasure of, personal data;
If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format;
If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing;
You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and
For residents of France, you can send us specific instructions regarding the use of your data after your death.
To make such requests, contact us at the address at the bottom of this Policy. When we are processing data on behalf of another party that is the “data controller,” you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the products you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests.
RETENTION OF PERSONAL INFORMATION
We retain personal information for as long as necessary to provide the products and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different products, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations.
LOCATION OF PERSONAL INFORMATION
The personal information we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. The storage location(s) are chosen to operate efficiently and improve performance. We take steps designed to ensure that the data we collect under this Policy is processed according to the provisions of this Policy and applicable law wherever the data is located.
Location of Processing European Personal Data. We transfer personal data from the European Economic Area and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections. To learn more about the European Commission’s decisions on the adequacy of personal data protections, please visit: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.
SECURITY OF PERSONAL INFORMATION
Safeguarding personal information is important to us. While no systems, applications, or websites are 100% secure, we take reasonable and appropriate steps to help protect personal information from unauthorized access, use, disclosure, alteration, and destruction.
To help us protect personal information, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.
We will update this Privacy when necessary to reflect changes in our products, how we use personal information, or the applicable law. When we post changes to the Policy, we will change the “Last Updated” date at the top of the Policy. If we make material changes to the Policy, we will provide notice or obtain consent regarding such changes as may be required by law.
HOW TO CONTACT US
If you have a privacy concern, complaint, or a question for PULSE Performance, please contact us at: [email protected]
We are committed to working with consumers to obtain a fair and rapid resolution of any complaints or disputes about privacy and the handling of your data. We will be happy to respond to your questions and comments.