Last updated: Oct 3rd, 2023
California consumers can find specific disclosures, including "Notice at Collection" details, farther down in this Policy.
PERSONAL DATA WE COLLECT
The personal data we collect depends on the way in which you interact with Riza, the choices you make (including your privacy settings), the Services and features you use, your location, and applicable law.
We collect information about you from different sources and in various ways when you use our Services, including information you provide directly, information collected automatically, information from third-party data sources, and data we infer or generate from other data.
Information You Provide Directly
We collect personal data you provide to us. For example:
Name and contact information. We collect your name, and contact details such as email address.
Emails and other communications. If you send us email messages or other communications, we collect and retain those communications.
Information We Collect Automatically
When you use our Services, we collect some information automatically. For example:
Identifiers and device information. When you visit our websites, our web servers automatically log your Internet Protocol (IP) address and information about your device, including device identifiers (such as MAC address); device type; and your device's operating system, browser, and other software including type, version, language, settings, and configuration. As further described in the "Cookies, Mobile IDs, and Similar Technologies" section below, our websites and online services store and retrieve cookie identifiers, mobile IDs, and other data.
Geolocation data. Depending on your settings, we may collect geolocation data when you use our Services.
Usage data. We automatically log your activity on our websites, apps and connected products, including the URL of the website from which you came to our sites, pages you viewed, how long you spent on a page, access times, and other details about your use of and actions on our website.
Information We Create or Generate
We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics ("inferences"). For example, we infer your general geographic location (such as city, state, and country) based on your IP address.
Information We Obtain from Third-Party Sources
We may occasionally receive your personal information from third parties including:
Affiliates or partners. The types of information we collect from our third-party affiliates, marketing, and research partners may include contact information, demographic data, content, and employment affiliation. These third parties may enrich our data concerning you with additional personal information, based on personal information in our possession which we provided to them for this purpose.
Identity providers. If you integrate or link a third-party identity provider with our Services, we may receive personal information about you from that third party based on the permissions you established with such third-party service, and that third party's privacy practices. The types of information we collect from third-party identity providers may include contact information, demographic data, and content. We use this information to maintain and improve the accuracy of the records we hold about you, and to identify new users. We may combine this information with other information we collect about you through our Site and other Services.
COOKIES, MOBILE IDs, AND SIMILAR TECHNOLOGIES
What are cookies and similar technologies?
Cookies are small text files stored on your device at the request of a web server. A cookie can later be read when your browser or other software connects to a web server in the same domain that placed the cookie. The text in a cookie often contains a random string of numbers and letters that may uniquely identify your device and can encode other information as well. Receiving a cookie later allows a web server to recognize your device over time, each time it connects to that web server.
Web beacons are electronic images (also called single-pixel or clear GIFs) that are contained within a web page or email. When your browser opens a web page or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content.
We, and our analytics and advertising partners, use these technologies in our websites, apps, and online services to collect personal data (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) when you use our Services, including personal data about your online activities over time and across different websites or online services. This data is used to store your preferences and settings, enable you to sign-in, analyze how our websites and apps perform, track your interaction with the site or app, develop inferences, combat fraud, and fulfill other legitimate purposes. We and/or our partners also share the data we collect or infer with third parties for these purposes. For more information about the third-party analytics and advertising partners that collect personal information on our services, please see the "Our Disclosure of Personal Data" section of this Policy.
What controls are available?
There are a range of cookie and related controls available through browsers, mobile operating systems, and elsewhere. See the "Choice and Control of Personal Data" section below for details.
OUR USE OF PERSONAL DATA
Riza uses the personal data we collect for the purposes described in this Policy or as otherwise disclosed to you. For example, we use personal data for the following purposes:
Providing the Services. We process your personal information to provide, maintain, and improve the Riza Services.
Communicating with you about the Services. We may send you service and technical emails and other types of notifications (for example, product updates and improvements) as part of administering and providing the Riza Services. In most cases you cannot opt out of these communications but if an opt-out is available, the communication will provide instructions to opt out.
Providing necessary functionality. We process your personal information in order to provide you with the necessary functionality required during your use of the Riza Services.
To facilitate transactions. We process your personal information to complete transactions and send you related information to perform our agreement with you.
Handling contact and support requests. If you request support, or if you contact us by other means including via a phone call, we process your personal information to perform our agreement with you, or (if we have not entered into an agreement with you) to the extent it is necessary to fulfill your requests and communicate with you.
Administering Events. We process your personal information to plan and host events or webinars for which you have registered or that you attend, including sending related communications, billing, registration and connecting you with other event attendees.
Developing and improving our Site and other Services. We process your personal information to analyze trends and to track your usage of and interactions with our Site, the other Services, and our marketing activities to the extent it is necessary for us to develop, improve and troubleshoot, and to provide you with more relevant content and service offerings, or in reliance on your consent.
Sending marketing communications. We will process your personal information for marketing purposes in accordance with your stated preferences, such as to communicate with you via email, SMS, or telephone about services, features, surveys, newsletters, promotions or events we think may be of interest to you. Please see the "Choice and Control of Personal Data" section below, to learn how you can control the processing of your personal information for marketing purposes.
Promoting the security of our Services. We process your personal information to the extent necessary to promote the safety and security of our Services, to investigate and prevent fraudulent transactions, unauthorized access to the Services, and other unauthorized and/or illegal activities.
For our related business purposes. We process your personal information for data analysis, audits, fraud monitoring and prevention, developing new products and features, enhancing, improving or modifying our products and services, identifying usage trends and expanding our business activities.
Complying with legal obligations. We process your personal information when cooperating with government authorities in accordance with our legal obligations to the extent this requires the processing or disclosure of personal information to protect our rights or is necessary to protect against misuse of the Riza Services, to protect personal property or safety, to pursue remedies available to us and limit our damages, to comply with court or other legal orders, or to respond to lawful requests.
Reviewing compliance with applicable usage terms. We process your personal information to review compliance with our agreement with you or your organization.
Other purposes. We collect and process personal information about you, as necessary to provide the Riza Services, operate the Site and our business, meet our contractual and legal obligations, protect the security of our systems and our users, or fulfill other interests as described in this Policy and in our notices to you. We will process your personal information for other purposes about which we notify you in advance, or for which we receive your consent to the extent such consent is required by applicable law.
OUR DISCLOSURE OF PERSONAL DATA
We disclose personal data with your consent or as we determine necessary to complete your transactions or provide the services you have requested or authorized. In addition, we disclose each of the categories of personal data described above, to the types of third parties described below, for the following business purposes:
Providing the services. We provide personal data to third-party service providers working on our behalf for the purposes described in this Policy. For example, companies we've hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal data to provide those functions. We may enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access helps us to provide our services and operate our business.
Financial services & payment processing. When you provide payment data, for example to make a purchase, we will disclose payment and transactional data to banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, analytics, or other related financial services.
Processing corporate transactions. We may disclose personal data as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.
Fulfilling legal obligations. We will access, disclose, and preserve personal data when we believe that doing so is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
Maintaining security and protecting rights. We will disclose personal data if we believe it is necessary to:
protect our users and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or
protect the rights or property of ourselves or others, including enforcing our agreements, terms, and policies.
Third party analytics and advertising companies also collect personal data through our website and apps including identifiers and device information (such as cookie IDs, device IDs, and IP address), geolocation data, usage data, and inferences based on and associated with that data, as described in the "Cookies" section of this Policy. For example, we use Plausible Analytics on our website to help us understand how users interact with our website; you can learn how Plausible collects and uses information at https://plausible.io/data-policy.
Some of the data disclosures to these third parties may be considered a "sale" or "sharing" of personal information as defined under the laws of California and other U.S. states. Please see the "Choice and Control of Personal Data" and "California Privacy Rights" sections below for more details.
Please note that some of our services also include integrations, references, or links to services provided by third parties whose privacy practices may differ from ours. If you provide personal data to any of those third parties, or allow us to share personal data with them, that data is governed by their privacy statements.
Finally, we may disclose de-identified information in accordance with applicable law.
CHOICE AND CONTROL OF PERSONAL DATA
We provide a variety of ways for you to control the personal data we hold about you, including choices about how we use that data. In some jurisdictions, these controls and choices may be enforceable as rights under applicable law.
Access, Portability, Correction, and Deletion
If you wish to access, correct, or delete personal data about you that we hold, you may access your account by logging into the Dashboard.
We would like to keep in contact with you in ways that you find helpful. If you do not want us to use your contact information to communicate with you for promotional purposes, please tell us that when you provide your contact information. You can also let us know your preference later by following the instructions in various communications that we may send you. Keep in mind that if you opt out of receiving promotional communications, we may still send you transactional communications (for example, non-promotional emails such as technical or security notices). The preceding rights may depend on your location and your jurisdiction. We will respond to your requests within the appropriate time frames required by applicable law.
Browser or Platform Controls
Cookie controls. Most web browsers are set to accept cookies by default. If you prefer, you can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect the functionality of the Riza Services you use. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated.
Global Privacy Control. Some browsers and browser extensions support the "Global Privacy Control" (GPC) or similar controls that can send a signal to the websites you visit indicating your choice to opt-out from certain types of data processing, including data sales and/or targeted advertising, as specified by applicable law. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting or similar control that is recognized by regulation or otherwise widely acknowledged as a valid opt-out preference signal.
Do Not Track. Some browsers include a "Do Not Track" (DNT) setting that can send a signal to the websites you visit indicating you do not wish to be tracked. Unlike the GPC described above, there is not a common understanding of how to interpret the DNT signal; therefore, our websites do not respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the GPC, cookie controls, and advertising controls described above.
Mobile advertising ID controls. iOS and Android operating systems provide options to limit tracking and/or reset the advertising IDs.
Email Web Beacon Controls
Most email clients have settings that allow you to prevent the automatic downloading of images, including web beacons, which prevents automatic connections to the web servers hosting those beacons.
Except for the automated controls described above, if you send us a request to exercise your rights or these choices, to the extent permitted by applicable law, we may decline requests in certain cases. For example, we may decline requests where granting the request would be prohibited by law, could adversely affect the privacy or other rights of another person, would reveal a trade secret or other confidential information, or would interfere with a legal or business obligation that requires retention or use of the data. Further, we may decline a request where we are unable to authenticate you as the person to whom the data relates, the request is unreasonable or excessive, or where otherwise permitted by applicable law. If you receive a response from us informing you that we have declined your request, in whole or in part, you may appeal that decision by submitting your appeal using the contact method described at the bottom of this Policy.
European Data Protection Rights
If the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:
You can request access to, and rectification or erasure of, personal data;
If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format;
If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing;
You can object to, or obtain a restriction of, the processing of personal data under certain circumstances; and
For residents of France, you can send us specific instructions regarding the use of your data after your death.
To make such requests, please use the contact information at the bottom of this Policy. When we are processing data on behalf of another party that is the "data controller," you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our users, or fulfill other legitimate interests.
California Consumer Privacy Rights
If you are a California resident and the processing of personal information about you is subject to the California Consumer Privacy Act ("CCPA"), you have certain rights with respect to that information.
NOTICE AT COLLECTION. At or before the time of collection, you have a right to receive notice of our practices, including the categories of personal information and sensitive personal information to be collected, the purposes for which such information is collected or used, whether such information is sold or shared, and how long such information is retained. You can find those details in this Policy.
RIGHT TO KNOW. You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such information. Note that we have provided much of this information in this Policy. You may make such a "request to know" your personal information (subject to our verification of your identity and a number of exceptions) by contacting us at firstname.lastname@example.org.
RIGHT TO REQUEST CORRECTION OR DELETION. You also have the right to request that we correct inaccurate personal information and to request that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to correct or delete, contact us at email@example.com.
RIGHT TO LIMIT USE AND DISCLOSURE OF SENSITIVE PERSONAL INFORMATION. You have a right to limit our use of sensitive personal information for any purposes other than to provide the services or goods you request or as otherwise permitted by law. Note that we do not use sensitive personal information for any such additional purposes.
RIGHT TO OPT-OUT / "DO NOT SELL OR SHARE MY PERSONAL INFORMATION." You may also have the right to opt out from future "sales" or "sharing" of your personal information as those terms are defined by the CCPA.
Note that the CCPA defines "sell," "share," and "personal information" very broadly, and some of our data sharing described in this Policy may be considered a "sale" or "sharing" under those definitions. In particular, we let advertising and analytics providers collect identifiers (IP addresses, cookie IDs, and mobile IDs), activity data (browsing, clicks, app usage), device data, and geolocation data through our sites and apps when you use our online services, but do not "sell" or "share" any other types of personal information. If you do not wish for us or our partners to "sell" or "share" personal information relating to your visits to our sites for advertising purposes, you can make your request by updating your cookie preferences, using a Global Privacy Control, emailing us using the contact information at the bottom of this Policy, or using other controls described in the "Choice and Control of Personal Data" section of this Policy. If you opt-out using these choices, we will not share or make available such personal information in ways that are considered a "sale" or "sharing" under the CCPA. However, we will continue to make available to our partners (acting as our service providers) some personal information to help us perform advertising-related functions. Further, using these choices will not opt you out of the use of previously "sold" or "shared" personal information or stop all interest-based advertising.
We do not knowingly sell or share the personal information of minors under 16 years of age.
You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
Further, to provide, correct, or delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law. We will verify your request by asking you to send it from the email address associated with your account or requiring you to confirm account information necessary to verify your account.
Finally, you have a right to not be discriminated against for exercising these rights set out in the CCPA.
Additionally, under California Civil Code section 1798.83, also known as the "Shine the Light" law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes ("California users") may request information about whether the business has disclosed personal information to any third parties for the third parties' direct marketing purposes.
We comply with this law by offering our users a choice about the disclosure of personal information to third parties for their direct marketing purposes, and you can make or change such choice by updating your cookie preferences, using a Global Privacy Control, emailing us using the contact information at the bottom of this Policy, or using other controls described in the "Choice and Control of Personal Data" section of this Policy.
RETENTION OF PERSONAL DATA
We retain personal data for as long as necessary to provide the services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations.
LOCATION OF PERSONAL DATA
The personal data we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers process data. Currently, we primarily use data centers in the United States. The storage location(s) are chosen to operate efficiently and improve performance. We take steps with the intent of processing and protecting as described in this Policy wherever the data are located.
SECURITY OF PERSONAL DATA
We take reasonable and appropriate steps to help protect personal data from unauthorized access, use, disclosure, alteration, and destruction. To help us protect personal data, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.
CHANGES TO THIS POLICY
This Policy may be revised from time to time when necessary to reflect changes in our services, how we use personal data, or applicable law. If this Policy changes, the revised policy will include a new effective date, and we will notify you of such changes by posting the revised policy on this page. Please be sure to check the Policy whenever you submit personal information or use our website. If we make any material changes to this Policy, we will provide you with additional notice or obtain consent to the extent required by applicable law.
If you have any questions, complaints, or concerns about how your information is handled, please email us at firstname.lastname@example.org. You can also contact us at our physical address which is 9450 SW Gemini Dr, PMB 93521, Beaverton, Oregon 97008-7105.