Campus.com Privacy Policy

Last Modified as of January 3, 2023

1. Introduction.

Jenzabar, Inc. (“Campus.com”, “we”, or “us”) is committed to maintaining strong and meaningful protections for our users. This Privacy Policy (the “Policy”) applies to information collected by Campus.com including through your use of the Campus.com website available at www.campus.com and any subdomains thereof, (the “Website”), and the services, features, and information available via the Website we may offer now and in the future, including without limitation expert reviews that aggregate and curate training or forms of training (together with the Website, along with associated and successor websites, applications, features, information, and services, or any part thereof, the “Services”). This Policy describes the types of personal information we may collect or receive in connection with these Services and our practices for collecting, using, maintaining, protecting, and disclosing that personal information. Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. This Policy is incorporated into, and part of, and governed by the Campus.com Terms of Use . By using the Services and submitting such information on it, you hereby accept this Policy and you voluntarily consent to the collection, use, and processing of your information as described herein.

As used in this Policy: “you” and “your” mean a user of the Services and “personal information” is information that identifies you or can be used to identify or contact you. Personal information amounts to ‘personal data’ for the purposes of and as defined in the European Data Protection Laws (as defined below) (to the extent applicable). All references to personal information shall be deemed to include ‘personal data’ as defined and used in the European Data Protection Laws (to the extent applicable).
We process your personal information only when we have an appropriate basis. For example, we may process your personal information as necessary to provide Services that are subject to terms you have accepted, such as the Campus.com Terms of Use, when necessary to comply with legal obligations, pursuant to your consent, or for purposes of pursuing our legitimate interests (such as providing and improving our Services, fixing bugs, performing analysis and analytics, communicating with you, preventing fraud, enforcing legal claims, and security purposes) if doing so is consistent with your rights and appropriate to the context.

As used in this Policy (a) “GDPR” means the General Data Protection Regulation (EU) 2016/679; (b) “UK Data Protection Laws” means the UK GDPR and the UK’s Data Protection Act 2018 (“UK DPA 2018”); (c) “UK GDPR” means the UK equivalent of the GDPR, as defined in section 3(10) (and as supplemented by section 205(4)) of the UK DPA 2018; and (d) “European Data Protection Laws” means the GDPR and/or UK Data Protection Laws, in each case to the extent applicable.

You should carefully read this Policy. To the extent that the Services are available to individuals located in the European Economic Area or the United Kingdom, this Policy sets out our practices and obligations under the European Data Protection Laws, to the extent applicable. To the extent we process your personal information for any other lawful business purpose of ours, under the European Data Protection Laws, to the extent applicable, we will act as a controller of such personal information and this Policy will apply to the processing of such personal information.

As used in this Policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organization Campus.com or among our affiliates within the United States or internationally.

2. INFORMATION WE COLLECT ABOUT YOU.

When you use or access the Services, we may collect personal information that you submit to us, such as name, username, password, e-mail address, phone number, mailing address, and state and country of residence. In addition, we may also collect from you your preferences, areas of interest, desired skills, and any information you submit on forms on our website (including in connection with requesting support) or information you submit when you complete surveys.

You may be required to establish an account in order to take advantage of certain features of the Services. If so, if you wish to establish an account you will be required to provide us with information (including personal information) such as name, username, password, and e-mail address.

We may collect information at live events, such as when we collect your contact information at a trade-show event or our annual convention. We may also collect information related to our Services that you send through our listserv or comments or other information we receive when you interact with our social media accounts, such as Twitter, Vimeo, and Facebook.

When you use the Services, we may automatically collect information, such as the following:

Your device type, manufacturer, operating system name, and operating system version.
Your mobile device identifier (such as Android UDID and iOS UUID).
The Internet protocol (IP) address your device uses to access the Internet.
Other information, such as usage analytics data.

We may use the following automated technology to collect information in connection with the Services:

Browser and Device Information: Certain information is collected by most browsers or automatically through your device, such as your device type, operating system name and version, device manufacturer and model, Internet browser type and version and the name and version of the online services (such as apps) you are using. We use this information to ensure that the Services function properly.
Cookies: Cookies are pieces of information stored directly on the computer or mobile device that you are using. Cookies allow us to collect information such as browser type, time spent on the online services, pages visited, referring URL, and other website traffic data. We may use cookies for purposes including enabling you to log in, and stay logged in, to the Services. Refer to the Choices section of this Policy for information on how you may be able to reject or disable cookies.

For the avoidance of doubt, the Services use third-party service platforms (including to help analyze how users use the Services). These third-party service platforms may place cookies on your computer or mobile device. If you would like to disable “third party” cookies, you may be able to turn them off by going to the third party’s website.

Here are links to the main third-party platforms we may use:

Google Analytics: Google Analytics uses cookies to help us analyze how visitors use the Services. The information generated by the cookies about your use of the Services includes your IP address, and will be transmitted to and stored by Google on its servers. Google will use this information for the purpose of evaluating your use of our websites, creating reports on website activity, and providing other services relating to Internet usage. Google may also pass this information onto third parties when required to do so by judicial or administrative process or otherwise to the extent required by law, or when such third parties process the information on Google’s behalf. If you so choose, you may be able to opt out by turning off cookies in the preferences settings in your browser, or by downloading and installing the Google Analytics Opt-Out Browser Add-On from http://tools.google.com/dlpage/gaoptout. For more information on Google Analytics, including how Google Analytics collects, uses, and discloses information, refer to the following page: https://policies.google.com/technologies/partner-sites.
IP Address: Your IP address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP address may be identified and logged automatically in our server log files whenever a user accesses the Services, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications, and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems, and administering our Services. We may also derive your country of location from your IP address to understand from what regions of the world our website visitors come. We may also combine information collected from cookies with information that you may provide, such as information provided in a form that you complete.

The Services may feature various community areas and other public forums such as a blog area (the “Public Areas”) where Services users with similar interests can share information and post comments. These Public Areas are open to the public and should not be considered private. We cannot prevent information included within a Public Area from being used in a manner inconsistent with this Policy, the law, or your personal privacy. We are not responsible for the results of such postings or for the accuracy of any information contained in those postings.

Any information you share in a Public Area (including personal information) is by design open to the public and is not private. You should think carefully before posting any information in any Public Area. What you post can be seen, disclosed to or collected by others and may be used by others in ways we cannot regulate or predict. As with any public forum on any website, the information you post may also show up in third-party search engines like Google, Yahoo, and Bing. If you mistakenly post personal information in a Public Area you can send us an e-mail to request that we remove it by contacting us at privacy@jenzabar.com. You should understand that in some cases, we may not be able to remove your information.

Any information shared in the Public Areas of the Services is available to the public, including to all users. Such information is not treated as confidential. If you wish to keep any information private or proprietary, do not submit it to the Public Areas of the Services. NOTWITHSTANDING THE FOREGOING, WE HAVE NO RESPONSIBILITY OR LIABILITY IF A USER’S INFORMATION OR IDENTITY IS MISUSED OR STOLEN, OR IF A USER SUFFERS HARM AS A RESULT OF VOLUNTARY DISCLOSURES.

3. HOW WE USE YOUR INFORMATION.

We may use personal information that we collect or receive about you for purposes including the following:

Providing you with the Services and responding to your requests.
Completing transactions and performing our contractual obligations.
Unless you opt out, to the extent permitted by applicable law, communicating with you and providing you with information that you request from us or which we feel may interest you, including newsletters, white papers, company updates, survey reports, invitations to events, and otherwise marketing our products and Services.
To create aggregated or deidentified data.
Conducting demos of our products and Services.
Understanding how you use our Services.
Improving our Services.
Calculating user levels and diagnosing server problems.
To debug, identify, or repair errors or effectuate similar functional enhancements in connection with our Services.
Determining your country of location.
Customizing our Services according to your individual interests and preferences.
Analyze and enhancing our marketing communications and strategies.
Storing information about your preferences and recognizing you when you use the Services.
Notifying you when updates to the Services are available and of changes to the Services.
For our internal business operations, such as operating our business, evaluating and improving the effectiveness of our operations, including our Services and marketing efforts, conducting research and analysis, developing new services, and performing other internal business operations, including as described elsewhere in this Policy.
Enforcing our policies, Terms of Use, or rights arising from contracts.
Protecting the rights, property, or safety of us, our affiliates, our employees, our users, and others
Complying with any court order, law, or legal process, and responding to lawful requests from public authorities, including to meet national security or law enforcement requirements.
Investigating or preventing unlawful activities or misuse of the Services, and/or complying with any court order, law, or legal process, including to respond to any government or regulatory request.
For such purposes as you may authorize or direct.

In particular, we would like you to be aware that we use algorithms to make recommendations to individual users and therefore we may use the personal information described in this Policy so that we can identify courses in which you may be interested, based on your preferences, areas of interest, desired skills, past courses, and information you submit on forms on our website or information you submit when you complete surveys. Under the European Data Protection Laws (to the extent applicable), this usage may be considered profiling. The European Data Protection Laws define “profiling” as “any form of automated processing of personal information consisting of the use of personal information to evaluate certain personal aspects relating to a natural person, in particular, to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements”. To the extent Campus.com’s processing constitutes profiling under the European Data Protection Laws (to the extent applicable), you have the right to specifically object to the processing of your personal information for the purpose of profiling in accordance with Section 5 below. However, certain profiling may be necessary to provide Services and, if you object to such profiling, certain aspects of the Services may not work properly or at all. To learn more, please reach out to privacy@jenzabar.com.

4. DISCLOSURE OF YOUR INFORMATION.

We may disclose aggregated, anonymized information about our users to third parties. In addition, when users use our Services, third parties (including without limitation third-party analytics service providers) may directly collect personal information about our users’ online activities over time and across different websites. The third parties to which we may provide or who may independently directly collect personal information may include analytics services providers and other similar parties. We may also disclose information (personal or otherwise) collected about you:

To our “Corporate Affiliates”, meaning any person or entity which directly or indirectly controls, is controlled by or is under common control with Campus.com, whether by ownership or otherwise; and “control” means possessing, directly or indirectly, the power to direct or cause the direction of the management, policies or operations of an entity, whether through ownership of fifty percent (50%) or more of the voting securities, by contract or otherwise.
To our contractors, service providers, and other third parties we use to support our business (collectively, “Outside Contractors”); note that in the course of providing products or services to us, our Outside Contractors may have access to information collected through the Services, including your personal information. We use reasonable efforts to ensure that these Outside Contractors are capable of protecting the security of your personal information.
To professional advisors such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
To comply with any court order, law, or legal process, and respond to lawful requests from public authorities, including to meet national security or law enforcement requirements.
To enforce our policies, Terms of Use, or rights arising from any contracts entered into between you and us.
To investigate or prevent unlawful activities or misuse of the Services.
If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of us or others.
To a buyer or other successor or investor or organization in the event of an actual or potential merger, divestiture, investment or financing transaction, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, including as part of bankruptcy, liquidation, or similar proceeding.
At your direction, we may share your personal information with businesses seeking to recruit individuals with certain skills.
With such other parties, or for such other purposes, as you may authorize or direct.

5. CHOICES AND ACCESS.

We strive to provide you with choices regarding your personal information. We have created the following mechanisms to provide you with control over your information:

Cookies. If you do not want information collected through the use of cookies, you may be able to adjust your browser or device settings to automatically decline cookies or be given the choice of declining or accepting the transfer to your device of a particular cookie (or cookies) from a particular site. If, however, you do not accept cookies, you may experience some reduced functionality associated with the Services.
Email. We include instructions in our marketing emails describing how you can opt out of future marketing or promotional emails.

Some Internet browsers have a “do-not-track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, and our Services are not set up to respond to do-not-track signals and we take no action in response to automated “do-not-track” requests. However, if you wish to exercise any legal rights you may have with respect to your information, please contact us with your request, using our contact details provided below.

Under certain circumstances and in compliance with the European Data Protection Laws, you may have the right to:

Request access to your personal information (commonly known as ‘subject access request’). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
Request erasure of your personal information. This enables you to ask us to delete or remove your personal information where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove all of your personal information in certain circumstances;
Object to processing of your personal information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information, for example, if you want us to establish its accuracy or the reason for processing it;
Request the transfer of your personal information to another party; and
Lodge a complaint with the relevant supervisory authority (as defined in the European Data Protection Laws). If you have any complaints about the way we process your personal information, please do contact us. Alternatively, you may lodge a complaint with the supervisory authority which is established in your country.

Please note that certain processing of your information may be necessary to provide Services and, if you object to such processing, request erasure of such information, or request the restriction of such processing, certain aspects of the Services may not work properly or at all.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal information, or request that we transfer a copy of your personal information to another party, please contact privacy@jenzabar.com.

Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Policy prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.

You should be aware that it may not be technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your personal information may exist in a non-erasable form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, change, or delete, as appropriate, all personal information stored in databases we actively use and other readily searchable media as appropriate, as soon as and to the extent reasonably practicable.

6. DATA SECURITY.

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. These measures include storing personal information you provide to us on secure cloud servers.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in the Public Areas (to the extent applicable).

Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information collected, received, or transmitted in connection with our Services. We are not responsible for circumvention of any privacy settings or security measures we provide.

7. DATA RETENTION.

We store personal information for as long as we reasonably need it to fulfill the purposes for which it was collected. We will also retain your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of that information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

8. INTERNATIONAL DATA TRANSFERS.

Personal information collected on the Services may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and the Services may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such information. By using the Services and submitting such information on it, you voluntarily consent to the trans-border transfer and hosting of such information. Without limitation of the foregoing, you hereby expressly grant consent to Campus.com to: (a) process and disclose such information in accordance with this Policy; (b) transfer such information throughout the world, including to the United States or other countries that do not ensure adequate protection for personal information (as determined by the European Commission or the UK Information Commissioner’s Office, as applicable, each, an “Inadequate Jurisdiction”) and/or countries that may not have laws of general applicability regulating the use and transfer of such information; and (c) disclose such information to comply with lawful requests by public authorities, including to meet national security or law enforcement requirements. To the extent required by applicable law: whenever we transfer your personal data (as defined in the European Data Protection Laws) to third parties (as described in this Policy) located in an Inadequate Jurisdiction, we ensure a similar degree of protection is afforded to it; we may use specific contracts approved by the European Commission or the UK Information Commissioner’s Office, as applicable, which give personal data the same protection it has in the European Economic Area or the United Kingdom, as applicable, under the European Data Protection Laws; and if we rely on another basis to transfer your personal data to an Inadequate Jurisdiction, we will keep you updated or contact you if required. Please contact us if you want further information on the specific mechanisms used by us when transferring your personal data to an Inadequate Jurisdiction.

9. ADDITIONAL INFORMATION FOR RESIDENTS OF CALIFORNIA AND YOUR CALIFORNIA PRIVACY RIGHTS.

This Section 9 shall apply only to the extent that we are regulated as a business (as defined in the California Privacy Rights Act of 2020 (collectively with any regulations promulgated thereunder, the “CPRA”) under the CPRA. This Section 9 shall apply to you only if you are a California resident.

As used in this Section 9, “sell” (including any grammatically inflected forms thereof) means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, consumer information (as defined below) to a third party for monetary or other valuable consideration.

“Selling” does not include (i) disclosing consumer information to a third party at your direction, (ii) where you intentionally interact with one or more third parties, or (iii) transfers of your consumer information to a third party as an asset that is part of a merger, acquisition, bankruptcy, or other transaction in which the third party assumes control of all or part of Campus.com, provided that information is used or shared consistent with the CPRA.

As used in this Section 9, “share” (including any grammatically inflected forms thereof) means sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, consumer information to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration, including transactions with a third party for cross-context behavioral advertising for our benefit in which no money is exchanged.

“Sharing” does not include (i) disclosing consumer information to a third party at your direction, (ii) where you intentionally interact with one or more third parties, or (iii) transfers of your consumer information to a third party as an asset that is part of a merger, acquisition, bankruptcy, or other transaction in which the third party assumes control of all or part of Campus.com, provided that information is used or shared consistently with the CPRA.

9.1 Consumer Information Collected:

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with particular California residents or households (“consumer information”). Consumer information does not include deidentified or aggregated information, publicly available information or lawfully obtained, truthful information that is a matter of public concern, or any other information that is excepted from the definition of “personal information” under the CPRA, or any information that is otherwise not regulated by the CPRA. For purposes of this Section 9.1, “publicly available information” means information that is lawfully made available from federal, state, or local government records, or information that we have a reasonable basis to believe is lawfully made available to the general public by you or from widely distributed media, or information made available by a person to whom you have disclosed the information if you have not restricted the information to a specific audience.

For purposes hereof, “sensitive consumer information” means: (1) consumer information that reveals (A) your social security, driver’s license, state identification card, or passport number; (B) your account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (C) your precise geolocation; (D) your racial or ethnic origin, religious or philosophical beliefs, or union membership; (E) the contents of your mail, email, and text messages, unless we are the intended recipient of the communication; (F) your genetic data; and (2)(A) consumer information consisting of biometric information processed for the purpose of uniquely identifying you; (B) consumer information collected and analyzed concerning your health; or (C) consumer information collected and analyzed concerning your sex life or sexual orientation. We use or disclose your sensitive consumer information, provided that we only use or disclose your sensitive consumer information for the purposes specified in Section 7027(m) of the CPRA regulations, and we only collect or process sensitive consumer information without the purpose of inferring characteristics about you.

In particular, with respect to the Services, we have collected the following categories of consumer information from California residents or households within the last twelve (12) months and we may collect the following categories of consumer information from California residents or households:

Category	Consumer information collected	Purposes (including business or commercial purposes) for which we collect or use consumer information	Categories of third parties with whom we have shared consumer information and the business or commercial purpose for sharing such consumer information	Categories of third parties to whom we have sold consumer information and the business or commercial purpose for selling such consumer information	Categories of third parties to whom we have disclosed consumer information for a business purpose and the business or commercial purposes for disclosing consumer information	Categories of sources from which consumer information is collected
A. Identifiers.	Name, username, password, e-mail address, phone number, mailing address, state and country of residence, preferences, areas of interest, desired skills, past courses, and any information you submit on forms on our website or information you submit when you complete surveys. We may also collect information at live events, such as when we collect your contact information at a trade-show event or our annual convention. We may also collect information related to our Services that you send through our listserv or comments or other information we receive when you interact with our social media accounts, such as Twitter, Vimeo, and Facebook.	For the purposes set out in Section 3 of this Policy, titled HOW WE USE YOUR INFORMATION.	N/A	N/A	To the categories of third parties set out in Section 4 of this Policy, titled DISCLOSURE OF YOUR INFORMATION. And for the purposes described in column 3 of this table.	From the categories of sources set out in Section 2 of this Policy, titled INFORMATION WE COLLECT ABOUT YOU.
B. Personal information described in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	Name, mailing address, and phone number.	For the purposes set out in Section 3 of this Policy, titled HOW WE USE YOUR INFORMATION.	N/A	N/A	To the categories of third parties set out in Section 4 of this Policy, titled DISCLOSURE OF YOUR INFORMATION. And for the purposes described in column 3 of this table.	From the categories of sources set out in Section 2 of this Policy, titled INFORMATION WE COLLECT ABOUT YOU.
C. Protected classification characteristics under California or federal law.	N/A	N/A	N/A	N/A	N/A	N/A
D. Commercial information.	N/A	N/A	N/A	N/A	N/A	N/A
E. Biometric information	N/A	N/A	N/A	N/A	N/A	N/A
F. Internet or other electronic network activity information.	Device type, manufacturer, operating system name, and operating system version; mobile device identifier (such as Android UDID and iOS UUID); IP address; country of location; and other information such as usage analytics data.	For the purposes set out in Section 3 of this Policy, titled HOW WE USE YOUR INFORMATION.	N/A	N/A	To the categories of third parties set out in Section 4 of this Policy, titled DISCLOSURE OF YOUR INFORMATION. And for the purposes described in column 3 of this table.	Automatically collected when you use the Services, as described in Section 2 of this Policy, titled INFORMATION WE COLLECT ABOUT YOU.
G. Geolocation data.	N/A	N/A	N/A	N/A	N/A	N/A
H. Audio, electronic, visual, thermal, olfactory, or similar information.	N/A	N/A	N/A	N/A	N/A	N/A
I. Professional or employment-related information.	N/A	N/A	N/A	N/A	N/A	N/A
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	N/A	N/A	N/A	N/A	N/A	N/A
K. Inferences drawn from other personal information.	Courses you may be interested in, as identified on the basis of preferences, areas of interest, desired skills, past courses, and any information you submit on forms on our website or information you submit when you complete surveys.	For the purposes set out in Section 3 of this Policy, titled HOW WE USE YOUR INFORMATION.	N/A	N/A	To the categories of third parties set out in Section 4 of this Policy, titled DISCLOSURE OF YOUR INFORMATION. And for the purposes described in column 3 of this table.	Generated by us on the basis of other information we have collected about you.

Sensitive Consumer Information Category	Consumer information collected	Purposes (including business or commercial purposes) for which we collect or use consumer information	Categories of third parties with whom we have shared consumer information and the business or commercial purpose for sharing such consumer information	Categories of third parties to whom we have sold consumer information and the business or commercial purpose for selling such consumer information	Categories of third parties to whom we have disclosed consumer information for a business purpose and the business or commercial purposes for disclosing consumer information	Categories of sources from which consumer information is collected
A. Government identifiers (social security, driver’s license, state identification card, or passport number)	N/A	N/A	N/A	N/A	N/A	N/A
B. Complete account access credentials (account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account)	Username and password.	To provide the Services to you.	N/A	N/A	To Outside Contractors and Corporate Affiliates as set out in Section 4 of this Policy, titled DISCLOSURE OF YOUR INFORMATION. And for the purposes described in column 3 of this table.	N/A
C. Precise geolocation	N/A	N/A	N/A	N/A	N/A	N/A
D. Racial or ethnic origin	N/A	N/A	N/A	N/A	N/A	N/A
E. Religious or philosophical beliefs	N/A	N/A	N/A	N/A	N/A	N/A
F. Union membership	N/A	N/A	N/A	N/A	N/A	N/A
G. Genetic data	N/A	N/A	N/A	N/A	N/A	N/A
H. Mail, email, or text messages contents not directed to us	N/A	N/A	N/A	N/A	N/A	N/A
I. Biometric information processed for the purpose of uniquely identifying you	N/A	N/A	N/A	N/A	N/A	N/A
J. Health information	N/A	N/A	N/A	N/A	N/A	N/A
K. Information concerning sex life or sexual orientation	N/A	N/A	N/A	N/A	N/A	N/A

9.2 Purposes for Collection of Consumer Information; Categories of Sources:

We collect consumer information for the business or commercial purposes described in the tables above and in the manner described in Sections 2 and 3 of this Policy with respect to personal information. Regarding the categories of sources from which consumer information is collected, we collect consumer information from the categories of sources described in the tables above and in the manner described in Section 2 of this Policy with respect to personal information.

9.3 Disclosures of Consumer Information for a Business or Commercial Purpose:

Campus.com may disclose your consumer information described in the tables above to a third party for a business or commercial purpose, as described in the tables above and in Sections 2 and 4 of this Policy with respect to personal information. In the preceding twelve (12) months, Campus.com has disclosed each of the categories of consumer information described in the tables above for a business or commercial purpose to the categories of third parties described in the tables above.

9.4 Sharing and Sales of Consumer Information:

In the preceding twelve (12) months, Campus.com has not shared or sold, nor does it or will it share or sell, consumer information.

9.5 California Residents’ Rights and Choices:

The CPRA provides California residents with specific rights regarding their consumer information. This Section 9.5 describes your CPRA rights (to the extent applicable to you) and explains how to exercise those rights.

9.5.1 Access to Specific Information and Data Portability Rights:

You may have the right to request that Campus.com disclose certain information to you about our collection and use of your consumer information over the past twelve (12) months or such other period required by the CPRA. Once we receive and confirm your verifiable consumer request (in the manner described in Section 9.6 below), to the extent required by the CPRA, we will disclose to you:

The categories of consumer information we collected about you.
The categories of sources for the consumer information we collected about you.
Our business or commercial purpose for collecting that consumer information.
The categories of third parties to whom we disclose that consumer information.
The specific pieces of consumer information we collected about you (also called a data portability request).
If we disclosed your consumer information for a business or commercial purpose, a list disclosing disclosures for a business or commercial purpose, identifying the categories of recipients to whom such consumer information was disclosed and the consumer information categories that each category of recipient obtained.

9.5.2 Deletion Request Rights:

You have the right to request that Campus.com delete any of your consumer information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm a verifiable request from you or your authorized agent (in each case if you are a California resident) in the manner described in Section 9.6 below (“verifiable consumer request”), we will delete (and notify our service providers and/or contractors to delete, unless this proves impossible or involves disproportionate effort) your consumer information from our records, unless an exception applies or retention of your consumer information is otherwise permitted by the CPRA. We may deny your deletion request if retaining the information is reasonably necessary for us or our service provider(s) and/or contractor(s) to:

Complete the transaction for which we collected the consumer information, provide a product or service that you requested, take actions reasonably anticipated by you within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
Help to ensure security and integrity to the extent the use of your consumer information is reasonably necessary and proportionate for those purposes.
Debug to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise that consumer’s free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
Engage in public or peer-reviewed scientific, historical, or statistical research that conforms or adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the ability to complete the research, if you have provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us and compatible with the context in which you provided the information.
Comply with a legal obligation.

9.5.3 Correction Request Rights:

You have the right to request that we correct inaccurate consumer information about you that we maintain, taking into account the nature of the consumer information and the purposes of the processing of the consumer information. If we receive a verifiable consumer request from you to correct inaccurate consumer information, we will use commercially reasonable efforts to correct such inaccurate consumer information as directed by you, pursuant to Section 1798.130 of the CPRA and regulations adopted pursuant to the CPRA.

9.5.4 Correction Request Rights:

9.6 Exercising Access, Data Portability, Correction, and Deletion Rights:

9.6.1

To exercise the access, data portability, correction, and deletion rights described in Section 9.5 above, please submit a verifiable consumer request to us by either: (1) calling us at +1 (833) 470-1234 ; (2) visiting https://www.jenzabar.com/contact-us; or (3) contacting us in accordance with Section 13. Only you, or someone legally authorized to act on your behalf (such as an authorized agent), may make a verifiable consumer request related to your consumer information. Someone legally authorized to act on your behalf (such as an authorized agent) may make a verifiable consumer request on your behalf, provided that you have duly authorized that person or entity to make such a verifiable consumer request on your behalf and provided that that person or entity can provide verification of their authority to make such a request on your behalf where required. You may also make a verifiable consumer request on behalf of your minor child. You may make a verifiable consumer request for access or data portability no more than twice within a twelve (12) month period. The verifiable consumer request must: (i) provide sufficient information that allows us to reasonably verify you are the person about whom we collected consumer information or an authorized agent; and (ii) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide you with consumer information if we cannot verify your identity or authority to make the request and confirm the consumer information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use consumer information provided for the purposes of verification of a consumer request to verify the requestor’s identity or authority to make the request. In order to verify your request, we may require you to provide information such as your first and last name, email address, zip code, and any other information necessary for us to verify your request. To the extent applicable, if you have a password-protected account with us, we consider requests made through that account sufficiently verified when the request relates to the consumer information associated with that specific account.

9.6.2

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety (90) days), we will inform you of the reason and extension period in writing. If you have an account with us, we may deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will provide your consumer information to you via an encrypted email in a format that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. If your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either charge a reasonable fee, taking into account the administrative costs of providing the information or communication or taking the action requested, or refuse to act on the request and notify you of the reason for refusing the request.

9.7 Non-Discrimination:

We will not discriminate against you for exercising any of your CPRA rights, including, unless permitted by the CPRA, by:

Denying you goods or services;
Charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
Providing you a different level or quality of goods or services;
Suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services; or
Retaliating against an employee, applicant for employment, or independent contractor, as defined in subparagraph (A) of paragraph (2) of subdivision (m) of Section 1798.145 of the CPRA for exercising their rights under the CPRA.

9.8 Consumer Information Retention:

We will only retain your consumer information (including sensitive consumer information) for as long as necessary to fulfill the purposes for which we collected it or as otherwise permitted by applicable law. To determine the appropriate retention period for consumer information, we consider the amount, nature, and sensitivity of that consumer information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your consumer information and whether we can achieve those purposes through other means, and the applicable legal requirements.

9.9 Contact:

If you have any questions or concerns relating to this Policy our consumer information practices, please contact us in accordance with Section 13.

10 CHANGES TO OUR POLICY.

It is our practice to post any changes we make to our Policy on this page. The date this Policy was last revised is identified at the top of the page. We will not make changes that result in significant additional uses or disclosures of your personal information without allowing you to “opt in” to such changes. We may also make non-significant changes to this Policy that generally will not significantly affect our use of your personal information, for which your opt-in is not required. We encourage you to check this page periodically for any changes. If any non-significant changes to this Policy are unacceptable to you, you must immediately contact us and, until the issue is resolved, stop using the Services.

11 CHILDREN.

Our Services are not intended for children under the age of 13, and we do not knowingly collect personal information from children under the age of 13.

12 EXTERNAL WEBSITES AND SERVICES.

Some hyperlinks and banners contained in our Services may link to third-party websites or services. We do not operate these third-party websites or services and they are not subject to this Policy. For information on how your Personal Information will be collected, used, and disclosed, check the privacy policies of these third-party websites or services. This Policy applies solely to information collected by us through the Services.

13 CONTACT INFORMATION.

To ask questions or comment about this Policy and our privacy practices, contact us at privacy@jenzabar.com, by phone at+1.540.432.5200, or

Jenzabar, Inc.
181 South Liberty Street
Harrisonburg, VA 22801
Attention: Chief Compliance Officer

Additionally, EEA and UK residents may contact our data protection officer with any questions or concerns regarding how we process their personal information at: privacy@jenzabar.com.