01 At a glance
- We sell digital products and memberships. We are a "business" under the CCPA/CPRA and a "controller" under the GDPR/UK GDPR.
- We collect contact, billing, transaction, device, and usage data in order to deliver the products you buy, run our site, prevent fraud, comply with law, and improve the service.
- We do not sell your personal information for money. If we ever enable advertising pixels (e.g., Meta or Google) that constitute "sharing" or "selling" under the CCPA/CPRA, you can opt out at any time on our Do Not Sell or Share My Personal Information page, and we will honor Global Privacy Control (GPC) signals as a valid opt-out.
- You have rights. You can request access, deletion, correction, portability, and other rights described below. EU/UK/CA/other state residents have additional specific rights.
- You can reach us at hello@businessautomator.com.
02 Who we are & scope
The data controller (GDPR/UK GDPR) and business (CCPA/CPRA) responsible for your personal information is:
This Policy covers personal information processed in connection with (a) the Business Automator website and any subdomains, (b) all current and future Products, (c) our marketing emails and broadcasts, and (d) our customer support and account interactions (collectively, the "Service"). It does not apply to third-party websites, apps, or services linked from the Service — those are governed by the third party's own privacy policy.
03 Personal information we collect
We collect the following categories of personal information. The CCPA category codes (A through K, plus "sensitive PI") are listed for California-resident transparency under Cal. Civ. Code § 1798.140.
| Category | Examples | Source | Retained for |
|---|---|---|---|
| A. Identifiers | name, email address, postal address, IP address, browser session ID, Stripe customer ID, Supabase customer ID, account credentials (hashed) | You; automated when you use the site; Stripe; Supabase | As long as you have an active account or entitlement, plus retention periods in §11 |
| B. Customer records (Cal. Civ. Code § 1798.80(e)) | billing address, payment card brand and last‑4 digits, billing email (full card numbers are processed by Stripe and never stored on our servers) | You at checkout; Stripe | 7 years (tax/audit) |
| D. Commercial information | Products purchased, order bumps, upsells, subscription tier, refunds, chargebacks, cancellation history, entitlements | You; Stripe | 7 years (tax/audit) |
| F. Internet / network activity | pages visited, referring URL, UTM parameters, clicks on CTAs, time on page, scroll depth, device and browser identifiers, error logs, approximate session duration | Automated when you use the site; cookies/SDKs | Up to 26 months for analytics |
| G. Geolocation (approximate, IP‑derived) | country, region, city — never precise GPS coordinates | Automated from IP address; Vercel; Stripe Radar | 13 months |
| I. Professional or employment-related | self-reported industry, business type, role, niche (only if you provide it in a form, survey, support ticket, or community post) | You | As long as you have an active account, then 24 months |
| K. Inferences | likelihood to convert, abandoned-checkout status, lifecycle stage, lead score, segment | Derived by us from the data above | Up to 24 months |
| Audio / visual (only if you provide) | your testimonial video or screenshot if you submit one; profile photo if you upload one | You | Until you ask us to remove it |
| Communications content | support emails, replies to our newsletters, community posts, AI prompts and outputs you submit | You | 3 years (for service quality, training, dispute resolution) |
Sensitive personal information. We do not intentionally collect "sensitive personal information" as defined under the CPRA (such as government IDs, precise geolocation, racial or ethnic origin, religious or philosophical beliefs, contents of mail/email/SMS, genetic, biometric, health, or sex-life data). Payment account information you enter at checkout is transmitted directly to Stripe over an encrypted connection — we never see or store the full card number, CVC, or expiration. We do not "use or disclose" sensitive PI for any purpose other than those listed in Cal. Civ. Code § 1798.121(a) (servicing the request).
We do not knowingly collect or process the personal information of children under 18. See §19 (Children's privacy).
04 Sources we collect it from
- Directly from you — when you submit forms (email capture, checkout, account, support, community, surveys).
- Automatically — when you visit the Service, via cookies, log files, and similar technologies (see §9).
- From our service providers — Stripe (payment confirmations, fraud signals, customer IDs), Supabase (account records), Resend (delivery/bounce/complaint events), Vercel (request logs, IP, approximate geolocation).
- From advertising and analytics partners — if and when we enable them (e.g., Meta or Google ad pixels). Today these are not enabled; we will update this Policy and our cookie notice when they are.
- From public sources — occasionally, publicly available information for fraud prevention or to verify business contacts.
05 How and why we use it
We process personal information for the following business and commercial purposes (CCPA/CPRA terminology) and processing purposes (GDPR/UK GDPR terminology):
- Provide the Service: create your account, deliver the Products you purchased, process payments, grant and revoke entitlements, send order confirmations and receipts, support subscription billing and cancellation.
- Customer support: respond to inquiries, troubleshoot, process refunds, investigate disputes.
- Communicate with you: send transactional emails (receipts, scheduled "your spot is held" abandoned-checkout reminders, password resets, service updates), and — with your consent or where permitted by law — send marketing emails, broadcasts, drip sequences, and surveys.
- Operate and improve the Service: measure performance, debug, run A/B tests, analyze funnel conversion, develop new features, improve copy and design.
- Security and fraud prevention: detect and prevent unauthorized access, fraud, chargebacks, abuse, scraping, account-takeover; protect users and our business; verify identity.
- Legal and regulatory compliance: tax reporting, accounting, audit, anti-money-laundering, sanctions screening, responding to lawful requests from courts, regulators, or law enforcement.
- Enforce our Terms and protect rights: investigate Terms violations, defend or assert legal claims, protect the rights, property, and safety of users and others.
- Business transactions: in connection with a merger, financing, acquisition, sale of assets, reorganization, bankruptcy, or similar transaction.
- Aggregated or de-identified data: we may create aggregated or de-identified data that cannot reasonably be used to identify you and use it for any purpose without restriction.
06 Legal bases (GDPR / UK GDPR)
If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following legal bases under Article 6 of the GDPR / UK GDPR for processing your personal information:
| Processing activity | Legal basis |
|---|---|
| Performing the contract for a Product or Subscription you purchased; account management | Contract (Art. 6(1)(b)) |
| Sending transactional / service emails (receipts, password reset, "your spot is held" reminder) | Contract (Art. 6(1)(b)) and our legitimate interest in keeping you informed (Art. 6(1)(f)) |
| Marketing emails to existing customers about similar Products | Our legitimate interest in promoting our Products (Art. 6(1)(f)) and, where required (e.g., UK / Germany), your consent (Art. 6(1)(a)) |
| Marketing emails / newsletter to non-customers | Your consent (Art. 6(1)(a)) |
| Cookies and similar tech that aren't strictly necessary (analytics, ad pixels) | Your consent (Art. 6(1)(a)) via cookie banner where required |
| Tax, accounting, audit, fraud-prevention obligations | Legal obligation (Art. 6(1)(c)) and our legitimate interest in preventing fraud (Art. 6(1)(f)) |
| Improving and securing the Service; analytics | Our legitimate interest in maintaining and improving the Service (Art. 6(1)(f)) |
| Establishment, exercise, or defense of legal claims | Our legitimate interest in protecting our rights (Art. 6(1)(f)) and where applicable, legal obligation (Art. 6(1)(c)) |
| Business transactions (mergers, acquisitions) | Our legitimate interest in conducting our business (Art. 6(1)(f)) |
You can object to processing based on legitimate interests or withdraw your consent at any time (see §18 (How to exercise your rights)). Withdrawing consent does not affect the lawfulness of processing before the withdrawal.
07 Who we share it with
We do not rent or trade your personal information. We share personal information only as described below.
Service providers ("processors" / "service providers" / "contractors")
We disclose personal information to vendors who process it on our behalf under written agreements that restrict their use to providing services to us. Current vendors include:
| Vendor | Purpose | Data shared |
|---|---|---|
| Stripe, Inc. | Payment processing, fraud prevention (Radar), subscription billing | Identifiers, billing info, payment card metadata (last 4, brand), commercial information, device/network info, IP, country |
| Supabase, Inc. | Database / authentication / account records | Identifiers, commercial information, entitlements, event logs |
| Vercel Inc. | Hosting, edge delivery, request logs, deployments, optionally Web Analytics / Speed Insights | Identifiers (IP), internet/network activity, approximate geolocation, performance metrics |
| Resend, Inc. | Transactional and marketing email delivery, audience management, deliverability events (opens, clicks, bounces, complaints) | Identifiers (email, IP), engagement events, email content |
| PostHog Inc. (US Cloud) | Product analytics, funnel measurement, autocapture of clicks/page-views, session replay (with input values masked), heatmaps, rage/dead-click detection | Identifiers (anonymous device id, email after sign-up), internet/network activity, click and navigation events, masked DOM recordings, approximate geolocation derived from IP |
| Microsoft Corporation (Clarity) | Behavioral analytics — heatmaps, scroll depth, click-recurrence and rage/dead-click clustering on customer-facing pages | Identifiers (anonymous device id), internet/network activity, masked input values, viewport size, approximate geolocation derived from IP |
| AI model providers (e.g., OpenAI, Anthropic, Google, or others — as enabled in the Products) | Powering the AI agents and AI tooling offered through the Products | Prompts and content you submit to the AI tools (which may include identifiers or content you choose to include) |
| Sentry, Datadog, or similar (if enabled) | Error tracking and observability | Identifiers (IP, user ID), internet/network activity, error/diagnostic data |
Professional advisors and authorities
Lawyers, accountants, auditors, insurers, and bankers; courts, regulators, and law enforcement when we are required by law, subpoena, court order, or other valid legal process, or when we believe in good faith that disclosure is reasonably necessary to protect the rights, property, or safety of any person, prevent fraud, enforce our Terms, or comply with law.
Business transfers
In the event of a merger, acquisition, financing, reorganization, dissolution, bankruptcy, or sale of all or a portion of our assets, personal information may be transferred as part of the transaction. We will use commercially reasonable efforts to notify you (e.g., via email or a notice on the Service) before your personal information becomes subject to a different privacy policy.
With your consent or at your direction
We will share personal information for any other purpose disclosed to you at the time we collect the information, or otherwise with your consent or at your direction (for example, when you ask us to share a testimonial publicly).
08 "Sale" or "sharing" of personal information
We do not sell personal information for monetary consideration. The CCPA/CPRA, however, defines "sale" and "sharing" broadly to include any disclosure of personal information for cross-context behavioral advertising — even when no money changes hands. Examples of activities that could qualify include allowing third-party advertising pixels (such as the Meta Pixel, Google Ads, TikTok Pixel, LinkedIn Insight Tag) to set cookies and receive identifiers and behavior events from the Service.
As of the Effective date above, we have not enabled any third-party advertising pixels on the Service, and we do not currently engage in "sharing" or "selling" of personal information. We may enable such pixels in the future. If and when we do, we will:
- update this Policy and our cookie notice to disclose the categories of personal information shared and the categories of recipients;
- provide a "Do Not Sell or Share My Personal Information" link in our website footer;
- honor opt-outs submitted via that link;
- honor browser-based opt-out preference signals, including the Global Privacy Control (GPC), as a valid request to opt out of sale/sharing for the browser session and any linked account where reasonably feasible;
- treat known minors under 16 as opted-out by default unless valid consent is obtained.
We have not, in the preceding 12 months, sold or shared the personal information of any consumer for cross-context behavioral advertising. We do not knowingly sell or share personal information of consumers under 16.
09 Cookies, analytics & tracking
We and our service providers use cookies, local storage, session storage, server logs, pixels, web beacons, SDKs, and similar technologies (collectively, "cookies") to operate, secure, and improve the Service. The cookies we currently use fall into these categories:
- Strictly necessary — required to deliver the Service you requested (e.g., maintaining your checkout state in
sessionStorage.ba_funnel_order, your remembered theme inlocalStorage.ba_funnel_theme, Stripe's fraud-prevention cookies on the checkout pages, our anti-abuse and security cookies). - Functional — remember choices you make (e.g., theme) to give you a better experience.
- Analytics — measure traffic and engagement so we can improve the Service. We use first-party logs from Vercel together with PostHog (autocapture, heatmaps, and session replay with all input values masked) and Microsoft Clarity (heatmaps and behavioral analytics). For EU/EEA/UK/Swiss visitors, both PostHog and Clarity are loaded only after you opt in via the cookie banner; for visitors outside those regions, they load by default subject to the controls described in §8 (including Global Privacy Control). Session replays never capture the values you type into form fields, and the Stripe payment fields run in a cross-origin frame that is excluded from recording.
- Advertising — not currently used. If/when enabled (e.g., Meta Pixel, Google Ads, TikTok Pixel), we will request consent in jurisdictions where required and provide opt-out as described in §8.
Most browsers let you control cookies through their settings. Disabling strictly-necessary cookies will break the Service (you may not be able to check out). For EU/EEA/UK visitors, where required by the ePrivacy Directive / PECR, we will request consent before placing non-essential cookies.
10 Email, marketing & SMS
If you submit your email through our forms (for example, the email capture on /ba before checkout), we add it to our newsletter audience (currently named "Business Automator — Subscribers" and managed in Resend). We may send you:
- transactional emails about purchases, accounts, subscriptions, and service updates;
- marketing emails about our own Products and offers;
- scheduled "your spot is held — finish checkout" reminders if you start a checkout and stop;
- educational drip sequences related to our Products.
You can unsubscribe at any time by clicking the unsubscribe link in any marketing email, by emailing hello@businessautomator.com, or via the List-Unsubscribe header in compliant email clients. Even after you unsubscribe from marketing, we may still send transactional emails related to your account, purchases, or refunds.
We send email in compliance with the CAN-SPAM Act, Canada's Anti-Spam Legislation (CASL), the EU ePrivacy Directive, and applicable analogous law. If you are in a jurisdiction that requires opt-in consent for marketing, we will obtain that consent before sending. If we ever send SMS, we will comply with the Telephone Consumer Protection Act (TCPA) and obtain prior express written consent where required; replying STOP will opt you out.
11 Data retention
We keep personal information only as long as necessary for the purposes described in this Policy, to comply with legal, tax, accounting, or reporting obligations, to resolve disputes, and to enforce our agreements. General retention windows:
| Type of data | Retention |
|---|---|
| Account records and entitlements | For the life of your account, plus up to 24 months after the account is closed (for renewal, restoration, fraud, dispute) |
| Order / transaction records, invoices, tax records | 7 years after the transaction (tax and audit) |
| Marketing / newsletter audience records | Until you unsubscribe; after unsubscribe, we retain a suppression list to ensure we don't email you again |
| Support and communications | 3 years from the date of last interaction |
| Server / request logs and analytics | Up to 26 months (logs typically less) |
| Cookie data | Per the lifetime set in the cookie itself or in session storage |
| Funnel event log | Up to 24 months (for analytics and conversion attribution) |
| Backups | Up to 90 days after deletion from production (rolling backup window) |
Where personal information is needed only to demonstrate compliance with a legal obligation, we may retain only the minimum necessary records for that purpose.
12 Security
We implement administrative, technical, and physical safeguards designed to protect personal information. Examples include: TLS encryption in transit; encryption at rest where available from our infrastructure providers; access control, role-separation, and the principle of least privilege for our staff; restricted secret-handling (no payment-card data ever touches our servers — it is processed directly by Stripe); Postgres row-level-security on databases; signed payment webhooks; idempotent server endpoints; pre-commit secret scanners that block accidental key disclosure; secure development practices.
However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security. You are responsible for keeping your account credentials confidential, using a strong password (when accounts are available), and notifying us immediately at hello@businessautomator.com of any actual or suspected unauthorized access. In the event of a security incident that affects your personal information, we will notify you as required by applicable law.
13 International data transfers
We are headquartered in the United States. Our service providers may be located in the United States, the European Union, the United Kingdom, Canada, India, or other jurisdictions. If you access the Service from outside the United States, your personal information will be transferred to, stored in, and processed in the United States and in other countries that may not provide the same level of data protection as your home country.
For transfers of personal information out of the EEA, UK, or Switzerland, we rely on appropriate safeguards under Articles 44–49 of the GDPR / UK GDPR, including:
- the EU Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914) and, where required, the UK International Data Transfer Addendum or UK International Data Transfer Agreement;
- the Swiss Addendum to the SCCs for transfers originating in Switzerland;
- certifications under the EU‑U.S. Data Privacy Framework, the UK Extension, and the Swiss‑U.S. Data Privacy Framework, where our vendors are self-certified to those frameworks;
- where required, derogations under Article 49 (e.g., performance of a contract you requested).
For details about a specific transfer or to request a copy of the relevant safeguards, contact us at hello@businessautomator.com.
14 California rights (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (the "CCPA"), gives you the following rights, subject to verification and certain exceptions:
- Right to know. You can request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business or commercial purposes for collecting or sharing, and the categories of third parties to whom we disclosed it.
- Right to delete. You can request that we delete personal information we have collected from you, subject to exceptions (e.g., to complete a transaction, detect fraud, comply with law).
- Right to correct. You can request that we correct inaccurate personal information we maintain about you.
- Right to opt out of sale / sharing. You can opt out of the "sale" or "sharing" of your personal information. We do not currently sell or share personal information; see §8.
- Right to limit use of sensitive PI. You can request that we limit our use of sensitive personal information to those purposes permitted under Cal. Civ. Code § 1798.121(a). We do not currently use sensitive PI for any other purpose.
- Right to non-discrimination. We will not discriminate against you (for example, by denying service, charging different prices, or providing a different level of quality) for exercising any of your CCPA rights.
- Right to opt out of automated decision-making and profiling, once and as those rights are finalized in the CPRA regulations.
How to exercise. Submit a request to hello@businessautomator.com or via our Do Not Sell or Share My Personal Information page. You may use an authorized agent to submit a request on your behalf; we will require proof of authorization. We will respond within 45 days (extendable by another 45 days where reasonably necessary), confirm receipt within 10 business days, and verify your identity before fulfilling certain requests (typically by matching the email associated with your account or transaction).
California "shine the light" law (Cal. Civ. Code § 1798.83): California residents may request information once per year about our disclosures, if any, of personal information to third parties for those third parties' direct-marketing purposes. We do not make such disclosures.
15 Other US state privacy rights
If you reside in Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, your state's comprehensive consumer-privacy law gives you rights similar to those described in §14, including (depending on the state):
- the right to access or know what personal information we process about you;
- the right to correct inaccurate personal information;
- the right to delete personal information;
- the right to obtain a copy of your personal information in a portable, machine-readable format (data portability);
- the right to opt out of the sale of personal information, of targeted advertising, and of certain forms of profiling that produce legal or similarly significant effects;
- where the state law provides one, the right to appeal a denial of your request — submit appeals to hello@businessautomator.com;
- the right to be free from discrimination for exercising these rights.
To exercise these rights, contact us as described in §18. Where the law permits us to require verification, we will do so. If your state does not yet have a comprehensive privacy law in force, we still welcome requests and will respond on a courtesy basis where reasonable.
Nevada (NRS § 603A.340). Nevada residents have the right to direct us not to make any sale of certain "covered information." We do not sell covered information as defined under Nevada law, but you may still submit such a request to hello@businessautomator.com.
16 EU / UK / Switzerland rights (GDPR & UK GDPR)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the GDPR / UK GDPR / Swiss FADP, subject to certain conditions and exceptions:
- Right of access — confirm whether we are processing your personal data and, if so, receive a copy (Art. 15).
- Right to rectification — correct inaccurate or incomplete personal data (Art. 16).
- Right to erasure ("right to be forgotten") — request deletion in certain circumstances (Art. 17).
- Right to restriction of processing in certain circumstances (Art. 18).
- Right to data portability — receive your personal data in a structured, commonly used, machine-readable format, and to transmit it to another controller (Art. 20).
- Right to object — object to processing based on our legitimate interests, and to object to processing for direct marketing at any time (Art. 21).
- Right to withdraw consent at any time, where processing is based on consent (Art. 7(3)).
- Right not to be subject to a decision based solely on automated processing, including profiling, that produces legal or similarly significant effects (Art. 22).
- Right to lodge a complaint with your local supervisory authority (Art. 77). A list of EU SAs is available at edpb.europa.eu. The UK Information Commissioner's Office is at ico.org.uk. The Swiss FDPIC is at edoeb.admin.ch. We would, however, appreciate the opportunity to address your concerns first — please contact us before lodging a complaint.
EU / UK representative. If we are required to appoint an Article 27 representative for the EU and/or UK, we will identify them in this section once appointed. In the interim, you may contact us at hello@businessautomator.com regarding any GDPR / UK GDPR matter.
17 Canada, Brazil & other jurisdictions
Canada (PIPEDA + Québec Law 25). If you are in Canada, you may request access to, correction of, or information about our handling of your personal information by contacting us as described below. We respond in accordance with PIPEDA and Québec's Law 25 (where applicable).
Brazil (LGPD). If you are in Brazil, you have the rights described in Articles 18–22 of the Lei Geral de Proteção de Dados, including access, correction, anonymization or blocking, portability, deletion, information about sharing, and revocation of consent.
Other. If your jurisdiction grants additional rights that are not described here, contact us and we will endeavor to honor them where applicable.
18 How to exercise your rights
To exercise any right described in §§ 14–17:
- Email hello@businessautomator.com with the subject line "Privacy Request" and tell us which right you are exercising, the personal information at issue, and the state/country in which you reside.
- For opt-out-of-sale/sharing requests, you may also use our Do Not Sell or Share My Personal Information page or send a Global Privacy Control (GPC) signal from your browser.
- To withdraw consent to marketing, click "Unsubscribe" in any marketing email.
Verification. Before fulfilling certain requests, we may need to verify your identity, typically by asking you to confirm information already in our records (for example, the email used to make a purchase). We may decline a request or charge a reasonable fee if it is manifestly unfounded, excessive, or repetitive, to the extent permitted by applicable law.
Authorized agents. California, EEA/UK, and other-state law allow you to designate an authorized agent. We will require evidence of the agent's authority (e.g., a signed permission, power of attorney) and may require you to verify your own identity.
Response time. We will respond within the time required by your applicable law (45 days under the CCPA, extendable by 45 days; one month under the GDPR, extendable by two months for complex requests). If we deny your request, we will explain why; where the law provides an appeal right (e.g., Colorado, Connecticut, Virginia, Texas), we will explain how to appeal.
19 Children's privacy
The Service is intended for users 18 years of age and older. We do not knowingly collect, sell, or share personal information of children under 13 (in the United States) or under 16 (in the EEA / UK), or of any minor under 18 anywhere. If you believe we have collected personal information of a minor, contact us at hello@businessautomator.com and we will promptly delete it.
20 Do Not Track & Global Privacy Control
Most web browsers offer a "Do Not Track" (DNT) feature. Because there is no industry standard for how to respond to DNT signals, we do not currently respond to DNT signals.
We do, however, honor the Global Privacy Control (GPC) as a valid request to opt out of "sale" and "sharing" of personal information under the CCPA/CPRA and equivalent state laws, to the extent we engage in any such activity. The GPC signal is treated as an opt-out for the browser sending it and, where we can reasonably link the signal to an account, for that account.
21 Automated decisions, profiling & AI
We do not make decisions about you that produce legal or similarly significant effects (such as approving or denying a substantive Service feature) based solely on automated processing. We may use automated rules and machine-learning models for fraud prevention (e.g., Stripe Radar), spam filtering, marketing segmentation, and product personalization. Where required by law, we will provide additional information about the logic involved and the significance and consequences of the processing, and you have a right to object as described in §16.
AI prompts and outputs. When you use AI features in the Products, the prompts you submit (and any data you choose to include in those prompts) may be transmitted to an AI model provider. Do not include sensitive personal information in your prompts unless you have a lawful basis to do so. AI outputs may be inaccurate or biased and should not be relied upon without independent verification (see also Section 11 of our Terms of Use).
22 Third‑party sites
The Service may contain links to third-party websites, services, or features (for example, social networks, payment portals, or AI model documentation). We do not control and are not responsible for the privacy practices of those third parties. We encourage you to read each third party's privacy policy before providing them with any information.
23 Changes to this Policy
We may revise this Policy from time to time. The "Effective" and "Last updated" dates at the top reflect the most recent revision. If we make material changes, we will use reasonable efforts to notify you (for example, by posting a notice on the Service or sending an email). Your continued use of the Service after the effective date constitutes your acknowledgment of the revised Policy. Prior versions are available on request.
24 Contact us
For any question, concern, request, or complaint about this Policy or our privacy practices: