Approach to Privacy
Address Guard Inc. considers itself a processor of the information it collects, maintains and utilizes. Our responsibility is to ensure the security of the information in our care and to maintain the privacy of consumers through appropriate, responsible use.
Our information policies define how information may be used. These policies vary to meet the legal requirements and consumer expectations in the area in which the information product or service is being used. Our approach to privacy acknowledges there are changing needs and expectations and provides the flexibility so that Address Guard can implement new processes and policies to resolve information issues in this dynamic environment.
This policy sets out our responsibilities under The General Data Protection Regulation 2016 (‘GDPR’) and other applicable laws relating to the processing and security of personal information.
Accountability for Information Use
Address Guard is held accountable for its information use by consumer privacy expectations and by laws and industry codes established by government entities and industry organizations around the world. The security of your data is important to Address Guard Data.
Among the laws and industry self-regulatory codes which Address Guard complies in the United States are:
CAN-SPAM Act
Direct Marketing Association’s Ethical Business Practices
Consumer Privacy Rights
Disclaimer: These Consumer Privacy Rights notices are written with the purpose of satisfying consumer notice requirements imposed by applicable consumer privacy legislation and regulations. Certain terms and phrases used in these notices may have a specific legal definition provided by such legislation and regulations. References herein are provided for convenience. The precise meaning, construction and interpretation of such terms and phrases shall be determined by the text of the applicable legislation, regulations, or court rulings.
Address Guard may be in possession of data elements that may be classified as personal information or personal data of certain consumers and individuals. The applicability of consumer privacy legislation and regulations differs based on a number of factors, and may vary depending on the jurisdiction, the residence of the consumer, the particular nature of the data element, as well as, the specific carve-outs, preemptions, limits and exceptions provided by law.
Address Guard shall take commercially reasonable and legally required efforts to properly address consumer privacy inquiries it receives. Consumers should be aware that each inquiry shall be treated in accordance with the requirements of the applicable jurisdiction, the residence of the consumer, the particular nature and source of the data element, as well as, the specific carve-outs, preemptions, limits and exceptions provided by law. In addition, potential inquiries may be rejected due to suspicion of fraud and abuse, deficiencies in the consumer request that prevent proper verification or authentication, and technological limitations.
The following privacy notices summarize and address the consumer privacy and consumer data rights in several specific jurisdictions, including reference links and contact methods for exercise of certain rights.
California Privacy Rights Act Notice
I. CPRA Notice – Personal Information of California Residents
The California Privacy Rights Act (“CPRA”) takes effect on January 1, 2023. Under CPRA, a resident of California (“Consumer”) has certain rights related to their personal information. “Personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include publicly available information or lawfully obtained, truthful information that is a matter of public concern. Publicly available information is information that is lawfully made available from federal, state, or local government records, or information that a business has a reasonable basis to believe is lawfully made available to the general public by the consumer or from widely distributed media, or by the consumer; or information made available by a person to whom the consumer has disclosed the information if the consumer has not restricted the information to a specific audience. See further: CA CIV CODE 1798.140(v). Certain types of information or uses of information are specifically excluded from coverage under CPRA; for details please see CA CIV CODE 1798.145. Address Guard products and services rely on data collected from a range of third-party data providers, including both government and private sources, which may include a Consumer’s personal information. Such information is used in various data cleansing and enhancement products.
II. Consumer Rights Under CPRA
The consumer rights provisioned by CPRA are broadly known as the following:
Right to Delete
A California resident has the right to request that a business delete any personal information about the consumer which the business has collected from the consumer.
A business or service provider is not required to comply with a consumer’s request to delete the consumer’s personal information if it is reasonably necessary for the business or service provider to maintain the consumer’s personal information in order to:
Complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business’s ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity;
To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business;
Comply with a legal obligation;
Or a number of specific carve-outs, preemptions, limits and exceptions provided by law.
See further: CA CIV CODE 1798.105 1798.140
Right to Correct
A California resident has right to request a business that maintains inaccurate personal information about the consumer correct such inaccurate personal information, taking into account the nature of the personal information and the purposes of the processing of the personal information.
A request for correction of personal information must be a “verifiable consumer request” as defined by CPRA. Further, in order for such a correction to be made, the request must contain sufficient information to allow for correction.
See further: CA CIV CODE 1798.106 1798.140
Right to Know
A California resident has the right to request that a business that collects, sells or shares a consumer’s personal information disclose to that consumer: (i) the categories and specific pieces of information the business has collected about that consumer, (ii) the categories of sources from which such information was collected, (iii )the categories of third parties with whom the business discloses, sells or shares personal information, (iv) and the business and commercial purpose for collecting, selling or sharing personal information. A consumer can exercise their right to know twice in a 12-month period. The request is also limited to the previous 12 months prior to the request.
A request for the right to know must be a “verifiable consumer request” as defined by CPRA.
See further: CA CIV CODE 1798.110, 1798.115, 1798.130, 1798.140
Right to Opt-Out of Sale of Personal Information
A California resident has the right, at any time, to direct a business that sells or shares personal information about the consumer to third parties not to sell the consumer’s personal information.
See further: CA CA CIV CODE 1798.120, 1798.135, 1798.140
Right Limit Use and Disclosure of Sensitive Personal Information
A California resident has the right to direct a business that collects “sensitive personal information” about the consumer to limit its use of the consumer’s “sensitive personal information” to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services.
See further: CA CIV CODE 1798.121, 1798.140
III. Consumer Requests
Under the CPRA, a resident of California may submit a verifiable consumer request to exercise their consumer rights. If you are a resident of California (as defined in CA CCR 17014) and would like to submit a verifiable consumer request to Address Guard, email Address Guard Support at [email protected]
In order to prevent improper or potentially fraudulent requests under CPRA, consumers are required to submit “verifiable consumer requests.” A business is not obligated to provide information to the consumer pursuant CPRA provisions on the Right to Know, to delete personal information pursuant provisions on the Right to Delete, or to correct inaccurate personal information pursuant to provisions on the Right to Correct if the business cannot verify that the consumer making the request is the consumer about whom the business has collected information or is a person authorized by the consumer.
A “verifiable consumer request” means a request that is made by:
a consumer,
by a consumer on behalf of the consumer’s minor child, by a natural person or a person registered with the Secretary of State, authorized by the consumer to act on the consumer’s behalf, or by a person who has power of attorney or is acting as a conservator for the consumer,
and
that the business can verify, using commercially reasonable methods.
Therefore, any submission should provide sufficient detail to facilitate these requirements.
See further: CA CIV CODE 1798.140(ak)
IV. Other Notices
The CCPA also provides that a business shall not discriminate against a consumer because the consumer exercised any of the consumer’s rights under the CCPA. See further: CA CIV CODE 1798.125. Pursuant to CA CIV CODE 1798.130, Address Guard discloses that products and services sold to customers may contain personal information of California consumers (as defined in CA CIV CODE 1798.140). Such products and services are typically used for address validation, identity verification, or for marketing and CRM (customer relationship management) purposes. For a list of categories of personal information click here.
Virginia Consumer Data Protection Act Notice
I. VCDPA Notice – Consumer Personal Data of Virginia Residents.
The Virginia Consumer Data Protection Act (“VCDPA”) takes effect on January 1, 2023. Under VCDPA, a resident of the Commonwealth of Virginia acting only in individual or household context (“Consumer”) has certain rights related to their personal data, and may invoke those consumer rights by submitting a request to a controller of personal data specifically covered by, and not exempted by, VCDPA.
“Controller” means the natural or legal person that, alone or jointly with others, determines the purpose and means of processing personal data.
“Personal data” means any information that is linked or reasonably linkable to an identified or identifiable natural person. “Personal data” does not include de-identified data or publicly available information.
“Publicly available information” means information that is lawfully made available through federal, state, or local government records, or information that a business has a reasonable basis to believe is lawfully made available to the general public through widely distributed media, by the consumer, or by a person to whom the consumer has disclosed the information, unless the consumer has restricted the information to a specific audience.
Certain information and data, as well as entities that possess, process or sell such information or data, is governed by a variety superseding legal authorities, and are exempted from coverage under VCDPA authority. For all applicable scope and exemptions consumers can refer to Va. Code Ann. § 59.1-572.
II. Consumer Personal Data Rights Under VCDPA
A consumer may invoke the consumer rights under VCDPA by submitting an authenticated consumer request to a controller specifying the consumer rights the consumer wishes to invoke.
Such consumer rights are:
Right to Access
Consumers have the right to confirm whether or not a controller (i.e., business) is processing the consumer’s personal data and to access such personal data.
Right to Correct Inaccuracies
Consumers have the right to “correct inaccuracies in their personal data,” based on the nature of the personal data and the purposes of processing it.
Right to Delete
Consumers have the right to delete personal data provided by or obtained about the consumer.
Right to Data Portability
Consumers have the right to obtain a copy of the consumer’s personal data that the consumer previously provided to the controller in a portable and readily usable format, if technically possible.
Right to Know and Opt-Out
Consumers have the right to confirm whether a controller is processing the consumer’s personal data. If consumers find that their personal data is being processed, they have the right to opt-out of the use of it for purposes of targeted advertising, the sale of personal data, and profiling in advancing decisions that produce legal or similarly significant effects concerning the consumer. See further: Va. Code Ann. § 59.1-573.
III. Consumer Requests
If you are resident of the Commonwealth of Virginia acting as an individual or on behalf of your household, and would like to submit an authenticated consumer request to Address Guard, email Address Guard Support at [email protected]
Submit a Verifiable Consumer Request
In order to prevent improper or potentially fraudulent requests under VCDPA, consumers are required to submit an “authenticated consumer request.” If a controller is unable to authenticate the request using commercially reasonable efforts, the controller shall not be required to comply with the request and may request that the consumer provide additional information reasonably necessary to authenticate the consumer and the consumer’s request. In addition, if the controller declines to take action regarding the consumer’s request, the consumer may appeal such decision within a reasonable period of time.
See further: Va. Code Ann. § 59.1-573.
IV. Other Notices
Pursuant to Va. Code Ann. § 59.1-574, Address Guard discloses that products and services sold to customers may contain personal data of Virginia consumers (as defined in CA CIV CODE 1798.140). Such products and services are typically used for address validation, identity verification, or for marketing and CRM (customer relationship management) purposes.
EU-U.S. Privacy Shield Framework
I. Adherence to Privacy Shield Principles
Address Guard is held accountable for its information use by consumer privacy expectations and by laws and industry codes established by government entities and industry organizations around the world. The security of your data is important to Address Guard Data.
II. Right to Access, Amend or Delete Personal Information (Your rights under GDPR)
Individual data subjects in the European Union have the right to know what personal data about them is stored in Address Guard databases and to ensure that such personal data is accurate and relevant for the purposes for which Address Guard collected it. Individual Customers may review their own personal data stored in the databases and correct, erase, or block any data that is incorrect, as permitted by applicable law and Address Guard policies. In making modifications to their personal data, individual data subjects must provide only truthful, complete, and accurate information. To request complete erasure of personal data, individual data subjects are required to submit a written request. Address Guard will endeavor to respond in a timely manner to all reasonable written requests to view, correct, amend, or delete all personal data of data subjects.
III. Inquiries and Dispute Resolution
In compliance with Privacy Shield Principles, Address Guard commits to resolve inquiries or complaints about the collection or use of personal data of identifiable data subjects. An individual data subject in the European Union with inquiries or complaints regarding personal data or this Privacy policy should contact Address Guard [email protected] is committed to addressing all Privacy Shield inquiries or complaints in a timely manner, and to refer unresolved complaints to JAMS Alternate Dispute Resolution, an alternate dispute resolution provider located in the United States. JAMS Alternative Dispute Resolution has been chosen by Address Guard as a third party dispute resolution provider. More information can be found at: https://www.jamsadr.com/eu-us-privacy-shield. If an inquiry or complaint has not been acknowledged or resolved by Address Guard in a reasonably timely manner, EU data subjects should contact the above third party provider for more information or to file a complaint. Such services are provided at no cost to the data subject. In addition, in certain and in limited situations, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
IV. United States Regulatory Agencies
The EU-U.S. Privacy Shield Framework is set forth by the US Department of Commerce. The United States Federal Trade Commission (FTC) has jurisdiction over Address Guard Corporation’s compliance with the Privacy Shield.
V. Third Parties and Onward Transfers
Address Guard may provide personal data to third parties that act as agents or subcontractors to perform tasks on behalf of and under specific instructions. Such third parties must agree to use personal data only for the purposes for which they have been engaged by Address Guard and must contractually agree, through European Commission model clauses and/or similar agreements, to comply with the Privacy Shield principles or another mechanism permitted by the applicable EU data protection law(s) for transfers and processing of personal data. Address Guard also may disclose personal data for other purposes or to other third parties when an individual data subject has consented to or requested such disclosure.
In addition, Address Guard may be required to disclose an individual data subject’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. As part of EU-US Privacy Shield Framework and its commitments under European Commission model clauses agreements, Address Guard retains its liability and responsibility for appropriate onward transfers of personal data to third parties.
VI.
Address Guard Corporation complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Address Guard Corporation has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
Opting Out of Email
Address Guard markets its own products and services by email. Every email sent from Address Guard will include appropriate unsubscribe instructions.
Cookie Policy
At Address Guard Corporation, we want to share with you how we collect and use your information when you visit our website or when you create an Address Guard account. This Cookie Policy explains how we use cookies and your consent regarding our cookies.
What are Cookies?
Cookies are small data files stored on your browser or device. They may be served by the entity that operates the website you are visiting (“first-party cookies”) or by other companies (“third-party cookies”). For example, we partner with third-party analytics providers, like Google, which set cookies when you visit our website. This helps us understand how you are using our Services so that we can improve them.
Pixels are small images on a web page or in an email. Pixels collect information about your browser or device and can set cookies to allow us to learn more about your interactions with email or web content.
Local storage allows data to be stored locally on your browser or device and includes HTML5 local storage and browser cache.
How We Use Cookies
We use cookies for several reasons – cookies help us see which pages are the most popular on our site, count visitors to a page, improve our users’ experience, see how effective our ads are being measured, and keeps our site secure. The cookies we use fall into one of the following categories:
Technical
These cookies are essential for our services to function properly. Like the other cookies we use, technical cookies may be either first-party cookies or third-party cookies.
Performance
We use these cookies to collect information about how you interact with our services and to help us improve them.
For example, we may use these cookies to determine if you have interacted with a certain page.
Analytics
We use these cookies to help us understand how to improve our services.
For example, we can use these cookies to learn more about which features are the most popular with our users and where we may need to make improvements.
Your Consent
By using this site, you agree to the terms of this Cookie Policy. Whenever you submit information via this site, you consent to the collection, use and disclosure of that information in accordance with this Cookie Policy.
You have a number of options to control or limit how we and our partners use cookies and similar technologies.
Although most browsers and devices accept cookies by default, their settings usually allow you to clear or decline cookies. If you disable cookies, however, some of the features of our services may not function properly.
Privacy Statement Consent
By using this site, you agree to the terms of this Privacy Statement. Whenever you submit information via this site, you consent to the collection, use and disclosure of that information in accordance with this Privacy Statement.
Coverage
This policy covers how the Address Guard Corporation (“Address Guard”) treats personal information that Address Guard collects and receives, including information related to customer past use of Address Guard products and services. Personal information is information about customers, potential customers, Address Guard website users, and others who may provide information that is personally identifiable, such as, name, address, email address, or phone number, and that is not otherwise publicly available. This policy does not apply to the practices of entities that Address Guard does not own or control or to people that Address Guard does not employ or manage.
Personally Identifiable Information Collection and General Use
Address Guard may gather information related to the use of its products and services, registration of a user account on the Address Guard website, or in the course of standard business practices. Personal identifiable information (“PII”) is collected from such parties only after obtaining consent, which is obtained when such parties are prompted for information when requesting product information, downloading a trial version of a product, registering a new user account, registering a product, purchasing a product or service, or contacting customer support. Address Guard may collect usage statistics to enable Address Guard to improve user experience and allocate internal resources. Purchasing Address Guard products or services requires a customer to provide certain personal information and enter into a License Agreement. Nothing herein is intended to modify the terms in such a License Agreement.
Information Sharing and Disclosure
Address Guard does not rent, sell, or share personal information that is provided to it under Section 2, except when Address Guard has obtained explicit permission, or under the following circumstances:
Responses to subpoenas; court orders; or legal process; or to establish or exercise Address Guard’s legal rights or defend against legal claims.
Personal information is transferred in the event the product or service is acquired in its entirety by another entity. Address Guard shall issue a notification before information is transferred and becomes subject to a different privacy policy.
Information Collected During Data Processing
Information transmitted by users to the Address Guard servers as part of data processing functions of its products or services is retained only to the limited extent necessary to complete the associated processing functions of the products or services.
User Account Information Use
Address Guard reserves the right to send certain communications relating to its products or services, such as service announcements, administrative messages, feedback requests that are considered part of routine technical support procedures.
Security
Address Guard takes appropriate steps to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, whether in transmission or storage. All personnel are trained on the appropriate use of PII and they are retrained yearly with advances in personal security and best practices.
Changes to this Privacy Policy
Address Guard may update this privacy policy as necessary and shall post notifications regarding such updates on its corporate website.