us

U.S. State Privacy Notice

I. Overview

This U.S. State Privacy Notice (“Privacy Notice”) explains how Connexity, Inc. (“Connexity”) collects, uses, and discloses your Personal Data.

This Privacy Notice explains how to exercise rights you may have under the California Consumer Privacy Act, the California Privacy Rights Act, the Colorado Privacy Act, the Connecticut Act Concerning Personal Data Privacy and Online Monitoring, the Nevada Senate Bill 220, and the Virginia Consumer Data Protection Act, and any similar state law when and if such law(s) have taken effect. We call these laws collectively the “U.S. State Privacy Laws.”

This Privacy Notice applies if you are a natural person who is a resident of a state covered by the U.S. State Privacy Laws (“Consumer” or “you”) who uses our services. This Privacy Notice supplements the information in our Privacy Policy at https://connexity.com/privacy-policy. However, this Privacy Notice is intended solely for, and is applicable only as to, Consumers. If you are not a Consumer, this does not apply to you and you should not rely on it. In this Privacy Notice,  “Personal Data” means information we collect from you or about you or your device, which may include personal information or personal data as defined by applicable U.S. State Privacy Laws.. Please note that Personal Data, as used in this Privacy Notice, is different from the term “Personal Data” mentioned in our Privacy Policy or the term Personally Identifiable Information (“PII”).

You should read this entire Privacy Notice, but here is a partial list of some of the key topics.

●        Click here to learn what categories of personal information we collect from Consumers.

●        Click here to learn about our disclosure and/or sales of personal information.

●        Click here to learn about our purposes for collecting and sharing personal information.

●        Click here to learn about your rights and choices with respect to your personal information and how to exercise those rights.

●        Click here to learn how to contact us for more information about our privacy practices.

●        Click here to learn more about the U.S. State Privacy Laws for Controllers/Third Parties (for businesses).

 

II. Personal Data we collect about Consumers

Depending on how you interact with us, we may collect the following categories of information summarized in the table below:

Our Personal Data Collection Practices
 

Category Examples
Identifiers unique personal identifier (cookie), Internet Protocol address
Commercial information records of purchases
Internet or other similar network activity. information about categories of consumer interests derived from online usage, and information on a consumer’s
interaction with a website, application, or advertisement.
Geolocation data Internet Protocol address.
Inferences drawn from any information above profile reflecting a consumer’s preferences, characteristics,
predispositions, or behavior.

In addition to the above, we collect Personal Data from job applicants, current or former employees, owners, directors, officers, and contractors (and emergency contacts for the foregoing), from CRM tools, and from business to business communications or transactions. The categories of Data may include those listed above as well as those listed in Cal. Civ. Code § 1798.80(e) and professional or employment-related information.

Furthermore, depending on how you interact with Connexity, it may involve the collection of the above categories of information by our parent company, Taboola. please see the state-specific notice of Regional Privacy Rights section in Taboola’s Privacy Policy at https://www.taboola.com/policies/privacy-policy#regional-privacy-rights for more information about how Taboola collects, uses, and discloses your personal information and how you may exercise rights that may be applicable to you.

 

III. Our Disclosure and/or Sale or Share of Personal Data

We will disclose the information collected from and about you as discussed above for various business purposes, with service providers, and with third parties including our customers. The chart below describes how and with whom we  disclose personal information, and whether (based on the CCPA’s definition of “sell” and “share”) we believe we have “sold” or “shared” a particular category of information in the prior 12 months.

Our Disclosure and/or “Sale” or “Share” of Personal Data
 

Category and Examples Categories of Third Parties
We Disclose To		 Whether We “Sold” or “Shared” This
Category of Personal
Information in the Last 12
Months
Identifiers, e.g., unique personal
identifier, Internet Protocol address.		 advertising networks,
marketing companies		 advertising networks,
marketing companies
Commercial information, e.g., records
of purchase order value.		 Marketing companies Marketing companies
IInternet or other similar network
activity, e.g., information about
categories of consumer interests
derived from online usage, and
information on a consumer’s
interaction with a website,
application, or advertisement.		 advertisers and advertising
networks		 advertisers and advertising
networks
Geolocation data, e.g., Internet
Protocol address.		 advertising networks,
advertisers		 advertising networks,
advertisers
Inferences drawn from any information above, e.g., profile
reflecting a consumer’s preferences,
characteristics, predispositions, or
behavior.		 advertising networks, advertisers advertising networks, advertisers

We also may disclose any of the Personal Data we collect as follows:

●        For Legal Purposes: We may disclose Personal Data with third parties in order to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our terms of service, our Privacy Policy, this Privacy Notice, or other contracts with you, including investigation of potential violations thereof; (c) exercising or defending legal claims, including responding to claims that any content violates the rights of third parties; and/or (d) protect the rights, property or personal safety of us, our platform, our customers, our agents and affiliates, its users and/or the public. We likewise may provide information to other companies and organizations (including law enforcement) for fraud protection, spam/malware prevention, and similar purposes.

●         In Event of a Corporate Transaction: We may also share Personal Data in the event of a major corporate transaction, including for example a merger, investment, financing, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets, or for purposes of due diligence connected with any such transaction.

●        Aggregate/De-Identified Information: We may aggregate and/or de-identify any Personal Data collected so that such information can no longer reasonably be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and marketing purposes.

We do not sell or share  Personal Data of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is at least 13 but not yet 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to personal information sales or sharing may opt-out of future sales or sharing at any time.

Please see “Right to Opt-out of the sale or sharing of your Personal Data” within Section V below for information about your rights to opt-out of sales or sharing under the U.S. State Privacy Laws.

 

IV. Our Purposes for Collecting and Disclosing Personal Data

Generally speaking, we collect and disclose the personal information that we collect for the following purposes:

●        Processing payments between publishers and advertisers.

●        Developing new products and improving our services.

●        Providing analytics regarding the effectiveness of online ad campaigns, including by reporting on the number of ads viewed and actually clicked (or swiped) on, and if the consumer purchased any items from the advertiser.

●        Auditing.

●        Detecting security incidents and protecting against malicious or fraudulent activity (and, if necessary, prosecuting those responsible).

●        Quality control and debugging.

●        Short-term and transient use.

●        Internal research.

●        Supporting employment, infrastructure, and human resource management (e.g., processing employment applications, providing benefits to employees and dependents, managing compensation, operating facilities and infrastructure).

●        Conducting business to business relationships.

●        Fulfilling or meeting the reason you provided the information.

●        Complying with our legal obligations.

For information about what Personal Data our parent company, Taboola, collects when you interact with Connexity, and discloses, please see the state-specific notice of Regional Privacy Rights section in Taboola’s Privacy Policy at https://www.taboola.com/policies/privacy-policy#regional-privacy-rights, including how you may exercise rights that may be applicable to you.

 

 

V. Your Rights and Choices

The U.S. State Privacy Laws provide Consumers with specific rights regarding their Personal Data. This section describes your U.S. State Privacy Laws rights and explains how to exercise those rights. You have the right not to receive discriminatory treatment by us for the exercise of such rights.

Right to Opt-out of the sale or sharing of your Personal Data: Consumers may opt out of the “sale” or “sharing” of their Personal Data. If you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize Personal Data sales or sharing. You may “opt out” of our “sale” or “sharing” of your Personal Data by clicking here or by e-mailing us at dataprotection@connexity.com.

Access to Specific Information and Data Portability Rights: You have the right to request that we disclose certain information to you about our collection, use, disclosure, and sale of your Personal Data over the past 12 months. Once we receive and confirm your verifiable consumer request (see “Exercising Access, Data Portability, Deletion, and Correction Rights” below), we will disclose to you the specific pieces of Personal Data that we have collected from you. However, we may withhold some Personal Data where the risk to you or our business is too great to disclose the information, or where we cannot verify your identity in relation to such Personal Data. Thus, for security purposes (and as required under U.S State Privacy Laws), we will verify your identity – in part by requesting certain information from you — when you request to exercise certain of your U.S. State Privacy Laws privacy rights.

Deletion Request Rights: You have the right to request that we delete any of your Personal Data that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see “Exercising Access, Data Portability, and Deletion Rights” below), and provided we have Personal Data about you, we will delete (and direct our service providers to delete) your personal information from our records unless an exception applies.

Right to Correct Inaccurate Personal Data: You have the right to request that we correct inaccurate Personal Data that we maintain about you, taking into account the nature of the Personal Data and the purpose of the processing of the Personal Data. Once we receive your verifiable consumer request (see “Exercising Access, Data Portability, Deletion, and Correction Rights” below), we will use commercially reasonable efforts to correct the inaccurate Personal Data, if any, as directed by you.

Exercising Access, Data Portability, Deletion, and Correction Rights:

●        How to submit requests:
To exercise the access, data portability, deletion, and correction rights described above, please submit a verifiable consumer request to us by visiting connexity.com or via e-mail at dataprotection@connexity.com.

●        Who may submit requests:
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Data. You may designate an authorized agent to make a request on your behalf by verifying your own identity with us and providing a copy of written authorization for the agent to act on your behalf or other validation method used by us to confirm that an agent has been authorized to act on behalf of a consumer.

●        How often you can submit requests:
You may only make a verifiable consumer request for access or data portability twice within a 12-month period.

●        How we verify and respond to requests:
Your request must be verifiable. That means that you, or your authorized agent, must provide sufficient information that allows us to reasonably verify that you are the person about whom we collected Personal Data or an authorized representative of that person. We may verify your request:

o   If you have a password protected account with us, we may verify your request using our existing authentication practices for that account.

o   For requests to know or have personal information deleted, by requiring you to provide us at least two data points, depending on the type of Personal Data in question.

Your verifiable consumer request must also describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you.
We will only use Personal Data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

●        Response Timing and Format:
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Data that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

 

VI. Non-Discrimination

We will not discriminate against you for exercising any of your U.S. State Privacy Laws rights. You have a right not to receive discriminatory treatment by us for exercising your privacy rights.

 

VII. Other California Privacy Rights

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us using the contact information set forth below in Section VIII.

 

VIII. Who to contact for more information

For questions or concerns about our privacy practices, you can contact us at the method set forth below.

Phone: 310-571-1235
Website: https://connexity.com/contact
Email: dataprotection@connexity.com
Postal Address:
Connexity, Inc.
Attn: Legal Dept.
2120 Colorado Ave, Suite 400
Santa Monica, CA 90404