Out of the Box Privacy Policy
Last updated: 07/02/2024
Out of the Box Technology, LLC (“Out of the Box,” “we,” “us,” or “our”) provides back-office services, including bookkeeping services, controller services, data migration services, product implementation services, and CFO services, (our “Services”). This Privacy Policy (“Privacy Policy”) provides information about our personal information processing practices in the context of marketing and selling our Services to prospective customers, providing our Services to our customers, and operating our business.
We collect, use, and disclose information for the purpose of marketing, selling, and providing services to businesses and other organizations in the United States, and not individuals. To the extent we process personal information about an individual (“you”), it is for the purpose of marketing and selling to the organization which employs you (or with which you are affiliated), or it is in connection with (a) providing our Services to the organization which has collected your data and (b) operating or improving our Services. As a provider of services to organizations we do not knowingly process data of individuals who are under sixteen years old.
If you visit one of our offices, please refer to the privacy notice that is provided to you when you check in.
If you have questions regarding our Privacy Policy or practices, or if you are a California or Virginia resident and wish to exercise any of the rights described below, please contact us at legal@outoftheboxtechnology.com.
INFORMATION FOR PROSPECTIVE CUSTOMERS
This section applies to you if you are a visitor to our website, if you have attended an Out of the Box-organized or Out of the Box-sponsored event (whether online or in person), if we have obtained your contact information in the context of our other marketing and sales activities (for example, via a referral, lead purchase, or marketing survey), or if you are in the process of purchasing our Services on behalf of your employer.
Information We Process
Categories of personal information we collected in the context of our sales and marketing efforts in the last twelve months and sources from which we obtain personal information are set forth in the table below:
Personal Information Category | Example | Source(s) |
Website visitor; Event attendee; Referral, lead purchase, or other marketing; Representative of prospective customer purchasing Services |
||
Identifiers |
|
|
Employment-related information |
|
|
Website visitor; Representative of prospective customer purchasing Services |
||
Identifiers |
|
|
Internet activity information |
|
|
Inferences from personal information |
|
|
Geolocation data |
|
|
Event attendee |
||
Other |
|
|
Representative of prospective customer purchasing Services |
||
Audio and visual information |
|
|
How We Use Your Information
We collect and process personal information for the business purposes of marketing and selling our Services. We process your personal information with the goal of entering into an agreement to provide our Services with your employer or organization with which you are affiliated. This includes, for example:
- Sending you marketing communications like emails or newsletters to (1) make you aware of, or provide you with information you have requested about, our Services or the services of our partners, (2) engage with you, and (3) analyze and improve our marketing efforts based on your engagement with our marketing communications, including analyzing whether you opened an email and how you interacted with it.
- Communicating with you during the sales process, including, for example, via email, SMS, call or videoconference. During the sales process, you may provide samples of your business’s financial data or access to repositories containing such financial data that we use to determine the appropriate Services to quote you.
- Creating, managing, and maintaining lead lists.
- Collecting information about your visits to our websites to (1) collect information about your organization’s needs and your position within your organization, (2) determine how to optimize our sales efforts with respect to your organization, (3) measure and improve the effectiveness of our website, and (4) measure the effectiveness of targeted marketing efforts. Please see “Operation of our corporate website” below for additional information.
- Analyzing our interactions with you to optimize our sales processes.
- Improving our sales and marketing processes, including training our sales personnel and updating strategies and initiatives.
- Conducting market research and product research and development.
- Conducting surveys for marketing or product research and development purposes, for example, to assess the needs of the industries that we serve.
- Managing event registrations and attendance, including communicating with you about the event.
Operation of Our Corporate Website
Cookies and tracking technologies. In accordance with applicable law, Out of the Box, our service providers, and other third party website services providers whose services we use on our corporate website use commonly-used tools to recognize your visit and track your interactions with our corporate website (including subpages) such as cookies, web beacons, pixels, local shared objects, local storage, and other tracking technologies (collectively, “Cookies”). We use this tracking data to operate our corporate website. For example, we use Cookies to personalize and improve your experience on our corporate website and to record your preferences. If you identify yourself on our corporate website, for example, by completing a web form, we match (using a service provider) your identifying information with a Cookie associated with you (but which does not identify you by name, email, or phone number) to analyze the effectiveness of our marketing efforts (such as measuring the results of marketing campaigns), communicate with you and provide you relevant information, and determine sales efforts to apply to your company. We also combine data about your visit to our corporate websites collected from Cookies with that of other website visitors to improve your and other website visitors’ experience. For example, we use Crazy Egg’s tool to create heat maps of our website, which includes the collection of anonymous data about visitors, and which enables us to analyze how visitors interact with our corporate website, including engagement with content and how and where visitors click and spend their time navigating through our corporate website. Third party website services providers, like Microsoft, may collect personal information from visitors to our websites for their own purposes. Microsoft collects information about our website visitors to provide us with certain analytics services and also uses that personal information to provide Microsoft Advertising. For more information about Microsoft’s privacy practices please refer to the Microsoft Privacy Statement.
We also use Google Analytics to analyze how visitors interact with our corporate website. When you visit one of our websites that has Google Analytics enabled, the URL of the webpage and your internet protocol address are sent to Google so that Google can provide us its analytics services. Google also reads Google Analytics Cookies that are placed on your browser when you visit our corporate website. Please refer to the Google Privacy & Terms for more information.
Social Media Features. Our corporate website uses social media features, like buttons that enable you to share content on our corporate website on social media platforms (“Social Media Features”). These Social Media Features may collect your internet protocol address and which page you are visiting within our corporate website, and may set a Cookie to enable the feature to function properly. Social Media Features are either hosted by a third party or hosted directly on our corporate website. Your interactions with these features are governed by the privacy policy of the company providing the relevant Social Media Features.
Links to other sites. Our corporate website includes links to other websites whose privacy practices may differ from those of Out of the Box. If you visit or submit personal information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.
Re-targeted advertising. Re-targeted advertising or behavioral advertising uses information about an individual’s web browsing behavior such as the webpages they have visited or the searches they have made. This information is then used to display more relevant ads. The information collected is linked to a cookie ID (alphanumeric number). The information used for targeted advertising either comes from Out of the Box or through third party website publishers. If you would like to opt out of re-targeted advertising from Out of the Box that occurs when visiting our third party advertising publishers, please visit the opt-out pages of Network Advertising Initiative, here, and the Digital Advertising Alliance, here, or if located in the European Union, click here. If you are located in California or Virginia, you may also opt-out of our corporate website placing targeting Cookies on your browser, by clicking the “Do not sell or share my personal information” link at the bottom of our corporate website. Please note this does not opt you out of being served advertising. You will continue to receive generic ads.
How long we retain information for prospective customers
We retain your business contact information and related sales and marketing activity in our systems for purposes of maintaining a record of our relationships with customers and prospective customers, analyzing and improving our sales and marketing efforts and Services (including developing new Services based on feedback you may share with us in the course of our interactions with you in the sales and marketing context), complying with legal obligations, resolving disputes, enforcing our agreements, completing any outstanding transactions, and detecting and preventing fraud. We generally retain this information until the earlier of your request that we delete your information and our determination that we no longer need your information for the purpose of marketing and selling our services to your employer. We may retain your business email address indefinitely to keep a record of email marketing opt-out or deletion requests.
If you have not identified yourself on our website, the primary marketing tool that we use to monitor website and email marketing activity delete records of your visit or email engagement starting 90 days after your last activity in accordance with its retention policies.
Retention of internet activity information collected by third-party website services providers is determined by the applicable third party.
INFORMATION FOR CUSTOMERS
This section applies to you if you are affiliated with one of our customers and would like to understand how we process personal data in the context of providing our Services and operating our business.
Information We Process
In connection with providing our Services, we process Customer Data, Business Records Data, and Administrative Data. The sections below describe each of these data categories, purposes of processing, and retention period. The section titled “General Information” describes the categories of third parties to whom personal information is or may be disclosed.
Customer Data. Customer Data is data provided by our customers or at their direction for the provision of the Services, and excerpts and reports of such data prepared as part of the Services for customers.
Customer Data includes financial and business information of our customers that they provide or make available to us that enables us to provide our Services. We receive this information directly from our customers or when they authorize us to access third party data repositories (including customer vendors and data aggregating services). For example, we may import transaction data from a customer’s payment processing service, payroll service provider, bookkeeping software, or other service provider of customer via software integration (such as an application programming interface) or obtain transaction data via log-in information provided by the customer. We may develop ways to obtain transaction information from third party repositories that are more efficient than the initial method, and may update the ways of obtaining transaction data under a customer’s initial authorization.
This financial and business information may include personal information such as identifiers, names of individuals, relationships of individuals with our customers (like job title), and commercial information or employment-related information related to transactions between individuals and our customers (like invoice amounts or payroll amounts), as well as information related to entities (like names, transaction dates, and amounts). Customer Data provided in the context of certain of our services commonly includes the names of corporate officers and directors, ownership information, business contact information, and social security numbers of certain individuals for purposes of inclusion in the customer’s tax return or for completion of information returns. Customer Data provided in the context of our stock administration services may include employment status (active or terminated), personal contact information (personal email and address), and social security numbers (if provided by the individual equity holder).
Customer Data also includes financial information that we generate on behalf of our customers in the course of providing our Services, such as reports of financial information provided by our customers or at their direction, which may incorporate personal information. For example, we prepare financial statements on behalf of our bookkeeping customers, which contains data that we compute on our customers’ behalf. Depending on the customer’s form of business organization, the financial statements may include the names of individuals as line item names.
For customers who subscribe to more than one of our Services, one Service may obtain Customer Data from another Service to prevent duplicative requests for the same information. For longer term customers, we may use Customer Data from prior years’ Services for current Services.
IMPORTANT NOTE: Customers provide us access to third-party systems. Information practices of these third parties are governed by their privacy policies and data governance programs and are outside of Out of the Box’s control.
How we use Customer Data. We process Customer Data on behalf of our customers for purposes of providing Services to our customers, and maintaining and improving our Services. For example, we process Customer Data:
To provide, monitor, and improve our Services. We process Customer Data on behalf of our customers to provide, monitor, and improve our Services. For example:
- Our service delivery personnel review reconciliations of transaction data to prepare financial statements on behalf of our customers.
- We may create automated rules that increase efficiency in tasks such as categorizations based on learnings from Customer Data.
- We monitor a customer’s expenses to ensure appropriate pricing.
- We track changes in a customer’s business to monitor account health and identify opportunities for customer outreach, for example, if a customer has a financing event we may contact the customer regarding additional offerings.
- We test and analyze new features of our Services intended to improve their efficiency or to enable customer insights into their financial information. These activities may include processing of Customer Data.
- We make product development investments based on trends in customer behavior.
To Provide Customer Service and Technical Support. We may also process Customer Data in connection with customer support requests.
For Research, Including Publishing or Sharing Combined Information from Multiple Customers or Users, But Only in a Way that Would Not Allow the Customer or Any Other Person to be Identified. Only in a way that would not allow a customer or any other identifiable person to be identified, we may prepare and share information, such as benchmarking studies, about our customers with third parties, such as advertisers or partners, for research, academic, marketing and/or promotional purposes. We or our third party partners may publicly report the aggregated findings of the research or analysis, but only in a way that would not allow a customer or any other identifiable person to be identified. For example, we might analyze which vendors our customers most commonly use and disclose the results on our website. We might sample aggregate expense data from our customers to publish insights on our website.
How long we retain Customer Data. Except as discussed below in Business Records Data, we retain Customer Data relating to tax preparation for at least seven years from the due date (including extensions) of the related tax filing and we retain other Customer Data for the purposes of assisting former customers (upon request at current hourly rates) with post-termination questions related to our Services as they transition, for example, to a different service provider, complying with legal obligations, resolving disputes, enforcing our agreements, completing any outstanding transactions, and detecting and preventing fraud. We retain Customer Data until we receive a request to delete it, in which case, subject to any applicable legal requirements, we will take reasonable steps to remove or de-identify Customer Data in our systems that is not contained in Business Record Data. We retain Customer Data incorporated into our reconciliation rules in a manner that does not identify the customer indefinitely and in accordance with applicable law.
Business Record Data. In the course of providing our Services, our personnel communicate with representatives of our customers through a number of channels, including email, messaging applications, and conference calls (including video conference calls), all of which generate Business Record Data. Business Record Data includes customer instructions and authorizations that we rely on to provide our Services to our customers, as well as work papers and other information incidental to Service delivery, such as meeting scheduling information and follow up questions to customers (and information relating to our methodology that guides our processes and timing of gathering information from customers in order to provide our Services). Categories of personal information we collected in Business Record Data in the last twelve months and sources from which we obtain personal information are set forth in the table below:
Personal Information Category | Example | Source(s) |
Identifiers |
|
|
Employment-related information |
|
|
Audio and visual information |
|
|
Inferences from personal information |
|
|
How we use Business Record Data. We collect and process Business Record Data for our business purposes, which include, for example:
To Provide Our Services and Operate Our Business. We process Business Record Data to provide our Services and customer support to our customers and for our business purposes, including service delivery management, analysis and improvement, new product and process development, and record keeping.
Customer Service and Technical Support. We may offer various Internet chat services, for example, to speak with an Out of the Box support representative. A transcript of the chat session may be retained to resolve questions or issues related to our Services.
How long we retain Business Record Data. We retain Business Record Data for the purposes of maintaining documented customer instructions and approvals and a record of our relationships with customers, complying with legal obligations, resolving disputes, enforcing our agreements, completing any outstanding transactions, and detecting and preventing fraud. We retain this data for as long as we may have a legal reason to keep it, which is up to the end of the longest applicable statute of limitations period. We may delete this data earlier if we determine that it is not necessary to retain for the purposes mentioned above. Customer Data may also be included in emails, messages, or call recordings. To the extent Customer Data exists in our Business Record Data, it is incidental to our business purpose for retaining Business Record Data, and we process this Customer Data only for record keeping and legal purposes, and only in the context of our business relationships with our customers.
Administrative Data. Administrative Data includes information related to Service management (for example, user account credentials, billing information, etc.), information about the usage of our Services (for example, log data or metadata from service delivery communications and customer interactions, such as email senders and recipients, subject lines, dates of communication, and response times), and Usage Data. Usage Data is usage information that we automatically collect part of our Services, such as IP addresses, log files, unique device identifiers, pages viewed, browser type, any links you click on to leave or interact with our Services, and other usage information collected from Cookies.
Categories of personal information we collected in the last twelve months and sources from which we obtain personal information are set forth in the table below:
Personal Information Category | Example | Source(s) |
Identifiers |
|
|
Employment-related information |
|
|
Internet activity information |
|
|
Inferences from personal information |
|
|
How we use Administrative Data. We collect and process Administrative Data for our business purposes, which include, for example:
Account Registration. We may use your name, business address, business phone number, and business email address to register an account for you for certain Services we provide (for example, to create an account in our application) and to communicate important information to you. If you set up an account that may be accessed by people other than you, please note that they may see and have the ability to change or delete your personal information.
To Provide Our Services and Operate Our Business. We may use your information to operate our business, including providing our Services to your employer, providing support related to our Services, and protecting our Services, including to combat fraud and to protect your information. For example, we collect Usage Information for the purpose of facilitating the proper, efficient, and secure operation of our Services. For example, we may collect IP addresses to track and aggregate non-personal information, such as using IP addresses to monitor the regions from which users navigate to our Services to comply with US trade restrictions. We may also collect IP addresses from users when they log into the Services as part of our log-in and security features. We use Cookies to remember your preferences and navigation through our application to provide you an efficient experience with our application.
Customer Service and Technical Support. We may use your name, business address, business phone number, business email address, how you interact with our Services, and information about your computer configuration to resolve questions you may have about our Services and to follow up with you about your experience.
Communicate with You and Tell You About Other Services. We may use your business contact information to communicate with you about our Services and to give you offers for third party (for example, our Integration Partners) products and services that we think may be of use to you. Please see below under “General Information—Your Rights and Managing Your Privacy” for the choices you have regarding these communications.
To Improve Services and Develop New Services. We use Administrative Data to personalize or customize your experience and the Services, develop new features or services, and to improve the overall quality of Out of the Box’s Services. For example, we collect Usage Data to improve our application.
Feedback. We may use (a) any suggestions that you make to us and (b) information you volunteer in surveys you answer for us, and combine them with feedback and/or answers from other customers, in order to better understand our Services and how we may improve them. Answering any survey is optional.
Research, Including Publishing or Sharing Combined Information from Multiple Customers or Users, But Only in a Way that Would Not Allow the Customer or Any Other Person to be Identified. Only in a way that would not allow a customer or any other identifiable person to be identified, we may prepare and share information about our customers with third parties, such as advertisers or partners, for research, academic, marketing and/or promotional purposes. We or our third party partners may publicly report the aggregated findings of the research or analysis, but only in a way that would not allow a customer or any other identifiable person to be identified.
How long we retain Administrative Data. We will retain Administrative Data as long as necessary to serve you, to maintain a customer’s account for the entire period during which a customer subscribes to our Services, or as otherwise needed to operate our business. We retain and use Administrative Data as required by applicable law and our records and information management policies to comply with our legal obligations, resolve disputes, enforce our agreements, complete any outstanding transactions, and for the detection and prevention of fraud, as well as to improve our Services, develop new services, and for any other business use, including disclosure to third parties or publicly, provided that we will not publicly disclose information that identifies a customer by name or its employees without the customer’s consent, unless otherwise required by law. We retain Administrative Data until we determine that we no longer need it for the purposes described above. We may retain different types of Administrative Data for different periods. Currently, we retain a record that a customer’s account existed (and related billing and customer relationship management information) and the individuals who are associated with the customer and who have access credentials and other Administrative Data indefinitely.
When you close your account, we may continue to communicate with you about our Services, give you important business updates that may affect you, and, unless you have opted out of receiving marketing communications, let you know about products and services that may interest you.
GENERAL INFORMATION
Call Recordings
As noted above, we record calls and video conferences both in the sales and service delivery context. Recordings contain identifiers of individual participants in the call, such as name, as well as audio and, if a participant has their camera on in a video conference, visual information. We use these recordings for training, note-taking, service delivery, process analysis and optimization, recordkeeping (for example, as Business Record information), and research and development. Recordings may be shared with Out of the Box employees, contractors, or vendors who need to access it for these business purposes. We store the recordings in our systems, including those of our vendors that we use to store and analyze the recordings. We retain recordings until the earlier of your request that we delete your information (subject to any limitations provided by applicable law) and our determination that we no longer need your information for the purpose for which we collected it.
How We Disclose Your Personal Information
In the course of providing our Services and operating our business, we disclose personal information outside of Out of the Box. No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Service Providers. We provide or make available information (or service providers collect information on our behalf), to service providers who perform various functions to enable us to provide our Services and help us operate our business, including, for example, functions like website design, telephony and system administration, marketing (including website marketing tools), sales (including sales tools), customer support, data enrichment, email communications, communication management, fraud detection and prevention, customer care, data storage, or performing analytics. Our contracts with these third parties require them to maintain the confidentiality of the personal information we provide to them, only act on our behalf and under our instructions, and/or not use personal information we provide to them for purposes other than the product or service they’re providing to us or on our behalf or as otherwise permitted by applicable law. Use of our service providers’ services may generate data (for example, log data or aggregated usage data) that we do not input into these services and over which we have no control. These types of usage data are subject to the privacy policies of the applicable service provider.
Service Fulfillment Partners. We work with non-affiliated service providers which fulfill certain of our Services. These service providers generally contract directly with our customers. With customer consent (1) we disclose customer business contact information to these service fulfillment partners for customer relationship management purposes and (2) we also disclose, or make available with our access, Customer Data to these service fulfillment partners so that they can perform the necessary 3rd party services.
Integration Partners. As noted above, we may access Customer Data that we need to perform our Services through integrations with other vendors who provide back office or financial services (for example, payroll services providers). Accessing data via integrations increases the efficiency of our Services. We develop, or work with these integration partners to develop, these integrations. Out of the Box may let customers know about the service or product (by contacting an individual point of contact at a customer or providing reference materials to customers) of an integration partner, or an integration partner may let its customers know about a Out of the Box service or product. In some cases, we participate in partner programs with these integration partners and may receive incentives from the partner for providing referrals. It will be clear who is referring the service or product, and who is providing the service or product. If a customer (whether a Out of the Box or integration partner customer) chooses to accept an integration partner’s services, after providing consent to either the integration partner or to us, we may exchange information regarding a customer, including personal information about individuals representing the customer (for example, business contact information), as well as information about how the customer or its users interact with each company’s service or product. This exchange of information is necessary to maintain business operations and to provide ongoing service. By requesting or accepting these products or services, customers and their representatives are permitting us to provide information, including personal information, to the other party. These partners’ activities are subject to their privacy policies and data governance programs.
Promotional Partners. From time to time we present events or content with partners who provide other services of interest to our customers. We may share attendee information with these partners at an attendee’s direction. These partners may contact attendees based on these lists. These partners’ activities are subject to their privacy policies and data governance programs.
Third Party Website Services Providers. We use services of third parties that are not “service providers” (as defined in the California Consumer Privacy Act (CCPA)) on our website. These include ad networks and analytics and marketing services that we use for internet marketing and website analytics purposes.
Response to Subpoenas and Other Legal Requests. We may share information with courts, law enforcement agencies, or other government bodies when we have a good faith belief we’re required or permitted to do so by law, including to meet national security or law enforcement requirements, to protect our company, or to respond to a court order, subpoena, search warrant, or other law enforcement request. We may also share information with litigants in civil litigation in accordance with our customer agreements and as required by law.
Protection of Out of the Box and Others. We may share account information, personal information and Usage Data when we believe it is appropriate to enforce or apply our agreements; or protect the rights, property, or safety of Out of the Box, our Services, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction. This does not include selling, renting, sharing, or otherwise disclosing personal information of our customers for commercial purposes in violation of the practices described in this Privacy Policy.
Affiliates. We may disclose the information you provide or that we collect to our affiliates for service delivery purposes.
Sale of Our Business. If we sell, merge, or transfer any part of our business, we may transfer to the acquirer information in our possession or control, including personal information.
Business Advisors. We may disclose information customers provide to us or that we collect or prepare to professional advisors who are subject to professional or contractual confidentiality requirements such as lawyers, bankers, auditors, brokers, and insurers.
With your Consent. Other than as set out above, we will provide you with notice and the opportunity to choose when your personal information may be shared with other third parties.
Per Customer Instructions. An authorized representative of a Out of the Box customer may from time to time instruct us to disclose information to a third party that includes personal information.
De-identified and Aggregated Data
Once de-identified or aggregated in a way that does not permit reidentification, data is not personal information and we may use it for any purpose and retain it for any period.
International Data Transfers
In accordance with and as permitted by applicable laws and regulations, we reserve the right to transfer your information, process and store it outside your country of residence to locations where we or our third party service providers operate. Our service fulfillment partners use personnel who are located outside of the United States. Information that we provide or make available, or that you provide directly, to our service fulfillment partners may, as permitted by law, be transferred outside the United States for purposes of Service fulfillment.
How to Contact Us
If you have questions or comments about this Privacy Policy, please contact us. We welcome your feedback and comments.
Via Email. If you have questions or complaints regarding our Privacy Policy or practices, please contact us by email at legal@outoftheboxtechnology.com
Via Direct Mail. Out of the Box Technology PO BOX 1720 Oregon City, OR 97045
Changes to our Privacy Policy
From time to time we may change or update our Privacy Policies. We reserve the right to make changes or updates at any time. More information about how we will notify you is below.
If we make material changes to the way we process your Personal Information, we will provide you notice via our Services or by other communication channels, such as by email or posting on this website. Please review any changes carefully. If you object to any of the changes and no longer wish to use our Services, you may provide a notice of non-renewal in accordance with your agreement with us. All changes are effective immediately upon posting and your use of our Services after a notice of material change or posting of an updated Privacy Policy shall constitute your consent to all changes.
Your Rights and Managing Your Privacy
Updates and Access. You can update information that you have provided to us (for example, in the context of account creation). Contact your account manager to make a request or email legal@outoftheboxtechnology.com. In addition, as required by applicable law (see for example, “California and Virginia Privacy Rights” below), you may contact us to confirm whether we maintain any of your personal information and to review it in order to verify its accuracy. Where you have determined that the personal information we collected about you is inaccurate, you may also request that your personal information be updated or corrected. Subject to applicable law, you may also request that we delete your personal information. Requests for access to your personal information and to have it corrected, amended, or deleted should be sent to legal@outoftheboxtechnology.com If you believe that one of our customers collects data about you that we are processing, please contact the customer directly.
IMPORTANT NOTE: If you believe that one of our customers processes personal information about you, please contact that customer entity directly.
Managing Marketing Communications From Us. We will honor your choices about receiving marketing communications from us. Please note that even if you choose not to receive marketing communications from us, we will continue to send you required Service or transactional communications.
Managing SMS Communications From Us. If you would like to stop receiving SMS communications from us in the sales context, please contact us per above or follow opt-out instructions in the SMS text message (such as replying or texting “STOP” if you receive an SMS from us). Please note that even if you choose not to receive SMS messages from us in the sales context, we may continue to use your phone number in the context of providing our Services to you or for security purposes.
Cookies and Other Tracking Technologies. You have control over some of the Cookies that we use on our corporate websites. Information on changing your browser settings to opt out of Cookies can be found in your browser settings. For the third party services and re-targeted advertising described in “Information for Prospective Customers—Types of information we collect—Operation of our corporate website” you can opt-out by following the instructions at the links provided. If you opt-out and later delete your Cookies, use a different browser, or buy a new computer, you may need to renew your opt-out choices.
Do Not Track. Like most other companies, our Services and corporate website are not currently configured to respond to browsers’ “Do Not Track” signals.
California and Virginia Privacy Rights
If the California Consumer Privacy Act (CCPA) or the Virginia Consumer Data Protection Act (VCDPA), applies to you (for example, if you are a “consumer” under the CCPA), you have the following rights with respect to personal information that we process in our capacity as a “business” under the CCPA (“controller” under the VCDPA), which includes personal information described in the following sections and subsections:
- “Information for Prospective Customers,”
- “Information for Customers”
- “Business Record Data” (other than any “Customer Data” contained in “Business Record Data”) and
- “Administrative Data” sections of “Information for Customers,”
- “General Information”
- “Call Recordings”
If you submit a verifiable consumer request, you have the right, subject to either the CCPA or VCDPA, if and as applicable:
- To receive disclosure of:
- The categories of personal information that we have collected about you;
- the categories of sources of the personal information we have collected about you;
- the business or commercial purpose for our collecting, selling or sharing of personal information about you;
- the categories of third parties to whom we disclose your personal information (please note that this Privacy Policy provides the information that we would provide upon verifiable request for this data category and the above three data categories);
- the categories of personal information that we have sold or shared;
- the categories of third parties to whom personal information was sold or shared;
- the categories of third parties to whom personal information was disclosed for a business purpose; and
- the specific pieces of personal information that we have collected about you (subject to applicable legal limitations);
- To request deletion of your personal information by us, subject to applicable legal limitations;
- To request correction of inaccurate personal information;
- To be free of discrimination on the basis of having exercised your rights under the CCPA or VCDPA.
In the last twelve months, we have “sold” or “shared” within the meaning of the CCPA the following categories of personal information to the following categories of third party:
Category of Personal Information | Category of Third Party to Whom Disclosed |
Identifier (cookie or internet protocol address) | Third party web services providers |
Internet activity information | Third party web services providers |
Geolocation data (to the extent that is determinable from your internet protocol address) | Third party web services providers |
For disclosures required by CCPA Section 1798.110(c) and Section 1798.115(c)(2), as well as additional information related to our data processing in our capacity as a “business” under the CCPA, please see the tables and sections set forth above in this Privacy Policy.
You have the right to opt out of “sales” or “sharing” within the meaning of the CCPA of your personal information if you are a California resident. You can opt out of our “selling” or “sharing” of your personal information if you are a California resident, or targeted advertising if you are a Virginia resident, by clicking the “Do Not Sell or Share My Personal Information” link at the bottom of our webpages. To our knowledge, we have not sold personal information of consumers (as defined in the CCPA) under 16 years of age.
If you have any questions about how we handle your information, the contents of this Policy, how to update your records or how to obtain a copy of the information that we hold about you or exercise your rights under the CCPA or VCDPA, please write to legal@outoftheboxtechnology.com. We will generally verify your identity using information in your inquiry and data in our possession. We may ask you for additional information to verify your request.