1. PRIVACY POLICY

Last Modified: May 5th, 2024

This privacy policy (“Privacy Policy” or “Policy”) describes how Make Me Reach SAS (d/b/a Paragone) and its affiliated companies (collectively shall be referred to as “Paragone”, “we”, “us”, or “our”) collect, use and disclose certain information, and the choices you can make about our use of that information.

Paragone is a technology company that provides a range of services, including SaaS solution, for monitoring, managing, optimizing and improving social advertising campaigns (“Platform”) enabling our Platform’s users (“Customer”) to automate, monitor, optimize and exercise centralized control over their online advertising and social campaigns (“Services”).

When you use our Services, including log-in and use our Platform, or even we you merely browse our website: www.paragone.ai, you are trusting us with your information. This Privacy Policy is meant to help you understand what information we collect, why we collect it, and how you can control it.

This Privacy Policy is incorporated by reference in our website Terms and Conditions. Visitors of our website and our Customers shall be further collectively referred to herein as “user” or “you”.

1.1 POLICY AMENDMENTS
We reserve the right to amend this Policy from time to time, at our sole discretion. The most recent version of the Policy will always be posted on the website. The updated date of the Policy will be reflected in the “Last Modified” heading. We will provide notice if these changes are material and, where required by applicable law, we will obtain your consent. Any amendments to the Policy will become effective within 30-days upon the display of the modified Policy. We recommend you to review this Policy periodically to ensure that you understand our most updated privacy practices.

1.2 CONTACT INFORMATION AND DATA CONTROLLER INFORMATION
Make Me Reach SAS (d/b/a Paragonepart of the Perion Network Ltd. Group), incorporated under the laws of France, is the “data controller” (as such term is defined under the EU General Data Protection Regulation known as the “GDPR” or equivalent privacy legislation).

For any question, inquiry or concern related to this Privacy Policy or the processing of your Personal Data, you may contact our privacy team as follows:

1.3 DATA SETS WE COLLECT AND FOR WHAT PURPOSE
You can find here information regarding the data sets we collect, purposes for which we process your data as well as our lawful basis for processing, and how the data is technically processed. In general, we may collect two types of information from you, depending on your interaction with us:

Non-Personal Data
During your interaction with our website and Services, we may collect aggregated, non-personal non-identifiable information which may be made available or gathered via your access to and use of our website and Services (“Non-Personal Data“). We are not aware of the identity of the user from which the Non-Personal Data is collected. The Non-Personal Data which is being collected may include your aggregated usage information and technical information transmitted by your device, such as: browser version, operating system type and version, mobile network information, device settings, and software data.

Personal Data
We may also collect from you, during your access or interaction with our website or the Services, individually identifiable information, namely information that identifies an individual or may with reasonable effort be used to identify an individual (“Personal Data” or “Personal Information”).

For avoidance of doubt, any Non-Personal Data connected or linked to any Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.

We do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person’s health or data concerning a person’s sex life or sexual orientation (“Special Categories of Personal Data”).

The table below details the types of Personal Data we collect, the purpose, lawful basis and processing operations:

DATA SETPURPOSE AND OPERATIONSLAWFUL BASIS
Online Identifiers and Usage
When you access and interact with our website and Platform, we collect certain online identifiers such as Cookie ID, IP address or similar unique online identifiers generated, advertising ID, tags (“Online Identifiers”). We may further collect information related to your use and interaction with our website such as directing campaign and URLs, pages viewed, access time and date, duration, etc.  (“Usage Data”).  
We process such data through our or third-party cookies and tracking technologies for analytic, marketing and advertising purposes. In addition, we process such data for operation, security and fraud prevention purposes.
We process this data to understand how visitors use our website and to measure effectiveness of some ads we use helps us track conversions from ads, build targeted audience, and remarket to people who have taken some action on the website.
In addition, Usage Data related to our Platform helps us to better understand our business, analyze our operations, maintain, improve, innovate, plan, design, and develop the Service and our new products. We also use such data for statistical analysis purposes, to test and improve our offers, decide how to improve the Service based on the results obtained from this processing.
Where we collect such data for analytic and advertising purposes, we process the data based on your consent which we will obtain through our cookie notice and consent management.  You may withdraw consent at any time by using the cookie preference settings.
Where we collect such data for operation and security, we process your data based on our legitimate interest.
Contact Communications:
If you voluntarily contact us for support or other inquiries, including where you sign up to book a demo or download certain materials (e-book, etc.) you will be required to provide us with certain information such as your name, email address, organization name, etc.
We process such data to provide you with the support or materials you requested or to respond to your inquiry.
The correspondence with you may be processed and stored by us in order to improve our customer service and in the event, we believe it is required to continue to store it, for example, in the event of any claims or in order to provide you with any further assistance (if applicable).
We process such data subject to our legitimate interest.
Newsletter or Blog Registration:
In the event you sign up to receive our newsletter or other marketing materials, you will be requested to provide your contact details, such as your email address.
We will use such data solely in order to provide you with the content that you have requested to receive.
These messages contain content defined as “advertisement” or “direct marketing” under the Israeli law.
We process such data subject to your consent. You may withdraw consent at any time through the “unsubscribe” link within the email or by contacting us directly.
In addition, we will further maintain a suppression file – meaning lists of emails that have requested to opt-out, under our legitimate interest and to ensure we comply with such preference and choice.
Recruitment:
When you apply for a position via our website, we will process your CV (and the information included therein), as well as additional information such as your contact information (name, email address and phone number), information regarding your education and skills, employment history, and your photo (to the extent provided by you).
 
Also, where allowed or required by law, we may process diversity and inclusion data regarding your candidacy, such as ethnicity, gender, or any disability. In addition, we may collect further information from public and online sources, referees, and former employers and combine such data with your other data.
We will use such data to process your job application and for recruitment management purposes, for further recruitment steps (e.g., interview), and to enable us to comply with corporate governance and legal and regulatory requirements.
We may use third parties’ services and platforms to manage the recruitment process, for more information please see www.perion.com/privacy-policy/ 
We process such data (including use, store and retain it) for the described purposes, based on our legitimate interest. 
In some cases, for example, where we will ask you to provide health related data or diversity and inclusion data, we will process your data based upon your consent.   You may always withdraw consent at any time by contacting us.
 
We will retain your data for records keeping and future defense from legal claims under our legitimate interest.
Following the completion of the recruitment process, we may further retain and store the data (including other interactions with us under such process) as part of our internal record keeping, including for legal defense from any future claim, as well as, where we find applicable and subject to applicable law requirements, to contact you in the future for other job position we believe will suit your qualifications. 
Account Log-In Data:
In the event you are our Customer (or an authorized user on its’ behalf), the information provided during the login to your account will include your email address and password.
You are also able to log in through your social media accounts (Facebook and Twitter), if you do so we will receive your publicly available information (profile, name and email address). 
You represent and warrant that you will not provide us with inaccurate, misleading or false information.  
We will use this data in order to enable you to access the Platform, as well as to validate your authorization.
We will use the email address you provided to send you needed information related to our Services and which are related to our business engagement (e.g., send you a welcome message, notify you regarding any updates, send applicable invoices, reports etc.) and additional occasional communications and updates related to the Services, as well as promotional and marketing emails (“Direct Marketing”).
We process such data for the purpose of performing our contract with you, to provide the Services and to designate your account.
Direct Marketing is based on our legitimate interest, you may opt-out at any time.

We use various technologies to collect and store the information listed above, including cookiespixel tags, local storage, databases and server logs. We use different technologies to process your information listed above, for the purposes listed above.

Therefore, the actual processing operation per each purpose of use and lawful basis detailed in the table above, may differ. Such processing operation usually includes set of operations, made by automated means, such as collection, storage, use, disclosure by transmission, erasure or destruction. Transfer of Personal Data to third party countries as further detailed in the International Data Transfer section is based on the same lawful basis as stipulated in the table above.

In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the Services and to enforce our policies and agreements, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests.


1.4 HOW WE COLLECT YOUR INFORMATION
Depending on the nature of your interaction with the website and Services, we may collect information either automatically or voluntarily provided by you. Automatic collection of information is usually made through the use of cookies, pixel tags, local storage, databases, and server logs.

1.5 COOKIES AND SIMILAR TRACKING TECHNOLOGIES
When you browse our website or interact with the Platform, we, or our third-party vendors, place “cookies”, “pixels” or “web beacons”, that collect certain information about your usage and interaction with the website and use this information for operational, analytic, fraud detection and marketing purposes, as detailed in the table above.

First party cookies are very helpful and can be used for various different purposes such as allowing you to navigate between pages efficiently and making the interaction between you and our website quicker. The use of cookies is a standard industry-wide practice.

You can find more information about cookies at www.allaboutcookies.org.

The cookies we use on are website are listed here: Cookie List
You can opt-out of data collection through cookies or otherwise change your preferences at any time by using the cookie preference and consent management tool available on our website.

In addition, most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may set your browser to block all cookies, including cookies associated with our website and Services, or to indicate when a cookie is being used by us, by adjusting the privacy and security settings of your web browser. Please refer to the support page of your browser to learn more about how you can adjust your privacy and security settings. Additionally, you may opt out of certain advertisers’ cookies and browser-enabled, interest-based advertising.

Please note that once you choose to opt out or disable cookies, some features of the Services may not operate properly and your online experience may be limited. In addition, even if you do opt-out, you may still receive some content and advertising, however, it will not be targeted content or advertising.

Please note that, where we use third-party advertising cookies, such third-party may independently collect, through the use of such tracking technologies, some or all types of Personal Data detailed above, as well as additional data sets, including to combine such information with other information they have independently collected relating to your online activities across their network of websites, for the purpose of enhanced targeting functionality and delivering personalized ads, as well as providing aggregated analytics related to the performance of our advertising campaign you interacted with. These third parties collect and use this information under their own privacy policies, and are responsible for their practices.

1.6 DATA SHARING – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH
We share your Personal Data with third parties, including with service providers that help us provide our Services. You can find here information about the categories of such third-party recipients

CATEGORY OF RECIPIENTDATA THAT WILL BE SHAREDPURPOSE OF SHARING
Service ProvidersAll types of Personal DataWe may disclose Personal Data to our trusted agents and service providers (including, but not limited to, our Cloud service provider, our analytics service provider, our CRM provider, etc.) so that they can perform requested services on our behalf. Thus, we share your data with third party entities, for the purpose of storing such information on our behalf, or for other processing needs. These entities are prohibited from using your Personal Data for any purposes other than providing us with requested services.
Enforcement Of Our Rights and Security DetectionsAll types of Personal DataWe may disclose Personal Data to enforce our policies and agreements, as well as defend our rights, including the investigation of potential violations thereof, alleged illegal activity or any other activity that may expose us, you, or other users to legal liability, and solely to the extent required. In addition, we may disclose Personal Data to detect, prevent, or otherwise address fraud, security, or technical issues, solely to the extent required.
Any Acquirer of Our BusinessAll types of Personal DataWe may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy.
Legal and Law EnforcementSubject to law enforcement authority requestWe may disclose certain data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to terror acts, criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose.

Where we share information with services provider and agents, we ensure they only have access to such information that is strictly necessary in order for us to manage and operate our business operation. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).

1.7 USER RIGHTS
We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect so that you can make meaningful choices about how it is used. We allow you to exercise certain choices, rights, and controls in connection with your information. Depending on your relationship with us, your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.

For detailed information on your rights and how to exercise your rights, please see the Data Subject Request Form (“DSR”) available here.

Certain rights can be easily executed independently by you without the need to fill out the DSR Form:

You have the right to lodge a complaint with the EU Member State supervisory authority if you are not satisfied with the way in which we handled the complaint.

For additional rights under various jurisdictions, please refer to Section “JURISDICTION-SPECIFIC NOTICES” herein below.

1.8 OPT OUT OPTIONS

Interest-Based Advertising (“IBA”): We do not sell your Personal Data. We may “share” your Personal Data with third parties for personalized advertising purposes. If you wish to opt-out from the sharing of your personal data with third parties for the purpose of cross-contextual interest-based advertising there are many way to do so, as further detailed below. Please note that even if you opt-out you may still see personalized ads based on information other companies and ad networks have collected about you, if you have not opted out of sharing with them.
You may opt-out directly from third party retargeting cookies or other ad-technology trackers through self-regulatory services. For more information, please visit:

You can also opt out of interest-based advertising with some of the service providers we use, such as Google HERE , Google Analytic HERE.  

In addition, you can opt-out of data collection through cookies or otherwise change your preferences at any time by using the cookie preference and consent management tool available on our website.

Ad choices settings and options will vary depending on your browser and device settings, and this is not an exhaustive list. Please note that your opt-out choices will only apply to the specific browser or device from which you opt out. We encourage you to explore your device and browser settings to better understand your choices.

1.9 DATA RETENTION:

In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, all under the applicable regulation, or until you will express your preference to opt-out, where applicable.

The retention periods are determined according to the following criteria:

Other circumstances in which we will retain your Personal Data for longer periods of time include: for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention to do so.

1.10 SECURITY MEASURES:

We work hard to protect Personal Data we process from unauthorized access or unauthorized alteration, disclosure or destruction. We have implemented physical, technical and administrative security measures that comply with applicable laws and industry such as: encryption using SSL, we minimize amount of data that we store on our servers, restrict access to Personal Data to Paragone’s employees, contractors and agents, etc. Note that, we cannot be held responsible for unauthorized or unintended access that is beyond our control, and we make no warranty, express, implied or otherwise, that we will always be able to prevent such access.

Please contact us at: privacy@perion.com if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.

1.11 INTERNATIONAL DATA TRANSFER

Our data servers in which we host and store the information are located in the EU and UK. The Company’s HQ are based in Israel in which we may access the information stored on such servers or other systems such as the Company’s ERP, CRM and other systems. In the event that we need to transfer your Personal Data out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Furthermore, when Personal Data that is collected within the European Economic Area (“EEA“) is transferred outside of the EEA to a country that has not received an adequacy decision from the European Commission, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the standard contractual clauses approved by the European Union. Thus, we will obtain contractual commitments and or assurances from the data importer to protect your Personal Data, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as standard contract clauses), or rely on adequacy decisions issued by the European Commission. Some of these assurances are well recognized certification schemes.

1.12 ELIGIBILITY AND CHILDREN PRIVACY

Our website and Platform are not intended for use by children (the phrase “child” shall mean an individual that is under the age defined by applicable law which with respect to the EEA is under the age of 16 and with respect to the US, under the age of 13) and we do not knowingly process children’s information. We will discard any information that we receive from a user that is considered a “child” immediately upon our discovery that such a user shared information with us. Please contact us at: privacy@perion.com if you have reason to believe that a child has shared any information with us.

2. JURISDICTION-SPECIFIC NOTICES:

2.1 ADDITIONAL NOTICE TO CALIFORNIA RESIDENTS

This section applies only to California residents. Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”) effective November 2020, and as amended by the CPRA, effective January 1, 2023.

Please see the CCPA Privacy Notice which discloses the categories of personal information collected, purpose of processing, source, categories of recipients with whom the personal information is shared for a business purpose, whether the personal information is sole or shared, the retention period, and how to exercise your rights as a California resident.

2.2 ADDITIONAL NOTICE TO COLORADO RESIDENTS

Under the Colorado Privacy Act (“CPA”) if you are a resident of Colorado, acting only as an individual or household context (and not in a commercial or employment context, as a job applicant or as a beneficiary of someone acting in an employment context), your rights with respect to your personal data are described below.

Personal Data” as defined in the CPA means: “information that is linked or reasonably linkable to an identified or identifiable individual” and does not include any of the following: publicly available information, de-identified or aggregated consumer, and information excluded from the CPA scope, such as: Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA) or 42 CFR Part 2- “Confidentiality Of Substance Use Disorder Patient Records”, Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or and the Driver’s Privacy Protection Act of 1994, Children’s Online Policy Protection Act of 1998 (COPPA), Family Educational Rights and Privacy Act of 1974, national Security Exchange Act of 1934, higher education data and employment data.

Sensitive Data includes (i) racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life or sexual orientation; (ii) Genetic or biometric data that can be processed to uniquely identify an individual; or (iii) child data. We do not process or collect any sensitive data.

Section ‎‎1.3 “DATA SETS WE COLLECT AND FOR WHAT PURPOSE” of the Privacy Policy, we describe our collection and processing of personal data, the categories of personal data that are collected or processed, and the purposes. Additionally, in Section 1.6 “DATA SHARING – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH” details the categories of third-parties the controller shares for business purposes.

2.2.1 YOUR RIGHTS UNDER CPA:

Herein below, we will detail how consumers can exercise their rights, and appeal such decision, or if Paragone sells the personal data, or sells the personal data for advertising and how to opt-out.

CATEGORY OF RECIPIENTDATA THAT WILL BE SHAREDPURPOSE OF SHARING
Service ProvidersAll types of Personal DataWe may disclose Personal Data to our trusted agents and service providers (including, but not limited to, our Cloud service provider, our analytics service provider, our CRM provider, etc.) so that they can perform requested services on our behalf. Thus, we share your data with third party entities, for the purpose of storing such information on our behalf, or for other processing needs. These entities are prohibited from using your Personal Data for any purposes other than providing us with requested services.
Enforcement Of Our Rights and Security DetectionsAll types of Personal DataWe may disclose Personal Data to enforce our policies and agreements, as well as defend our rights, including the investigation of potential violations thereof, alleged illegal activity or any other activity that may expose us, you, or other users to legal liability, and solely to the extent required. In addition, we may disclose Personal Data to detect, prevent, or otherwise address fraud, security, or technical issues, solely to the extent required.
Any Acquirer of Our BusinessAll types of Personal DataWe may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy.
Legal and Law EnforcementSubject to law enforcement authority requestWe may disclose certain data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to terror acts, criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose.

Right to Access/ Right to Know

You have the right to confirm whether and know the Personal Data we collected on you 

You can exercise your right by reviewing this Privacy Policy, in case you would like to receive the Personal Data please fill in this form to receive a copy of your data

Right to Correction 

You have the right to correct inaccuracies in your Personal Data, taking into account the nature of the Personal Data and the purposes of the processing of your Personal Data.

You can exercise this right directly through your account or by filling in this form

Right to Deletion

You have the right to delete the Personal Data, this right is not absolute and in certain circumstances we may deny such request. We may deny your deletion request, in full or in part, if retaining the information is necessary for us or our service provider(s) for any of the following reasons: (1) Complete the transaction for which we collected the Personal Data, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you; (2) Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; (3)  Debug products to identify and repair errors that impair existing intended functionality; (4) Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law; (5)  Comply with the law or legal obligation; (6) Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent; (7) Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us; (8) Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or de-identify personal information not subject to one of these exceptions from our records and will direct our processors to take similar action.

If you would like to delete your Personal Data please fill in this form

You do not need to create an account with us to submit a request to know or delete.

Right to Portability 

You have the right to obtain the personal data in a portable, and to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance.

If you would like to receive the Personal Data please fill in this form to receive a copy of your data we will select a format to provide your Personal Data that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

Right to opt out from selling Personal Data 

You have the right to opt out of the sale of your Personal Data for the purposes of targeted advertising, sale to a third party for monetary gain, or for profiling in furtherance of decisions that produce legal or similarly significant effects concerning you or any other consumer. 

You may authorize another person acting on your behalf to opt out, including by broad technical tools, such as DAA, NAI, etc. 

Paragone does not sell your personal information, so we do not offer an opt out. We may “share” personal information with third parties for personalized advertising purposes. You may indicate your choice to opt-out of the sharing of your personal data with third parties for personalized advertising on third party sites as detailed in Section 1.8 OPT OUT OPTIONS.  

Right to opt out from Targeted Advertising 

Right to opt out from Profiling 

We do not profile you, thus we do not need to provide an opt-out. 

Right to Appeal 

If we decline to take action on your request, we shall so inform you without undue delay, within 45 days of receipt of your request. The notification will include a justification for declining to take action and instructions on how you may appeal.

If we deny the appeal, you may contact the Colorado Attorney General using this link: https://coag.gov/office-sections/consumer-protection/  or (720) 508-6000.

Not more than 60 days after receipt of an appeal we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reason for the decisions. 

Duty not to violet the existing laws against discrimination or non-discrimination 

Such discrimination may include denying a good or service, providing a different level or quality of service, or charging different prices.

We do not discriminate our users. 

2.2.2 HOW TO SUBMIT A REQUEST UNDER CPA?

Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your Personal Data. If the DSR is submitted by someone other than the consumer about whom information is being requested, proof of authorization (such as power of attorney or probate documents) will be required.

We will respond to your request within 45 days after receipt of a verifiable Consumer Request and for no more than twice in a twelve-month period. We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at privacy@perion.com and specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint as follows: Colorado AG at https://coag.gov/file-complaint/

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

2.3 ADDITIONAL NOTICE TO VIRGINIA RESIDENTS

Under the Virginia Consumer Data Protection Act, as amended (“VCDPA”) if you are a resident of Virginia acting in an individual or household context (and not in an employment or commercial context), you have the following rights with respect to your Personal Data.

Personal data” means any information that is linked or reasonably linkable to an identified or identifiable natural person. “Personal data” does not include de-identified data or publicly available information. Personal Data does not include de-identified data or publicly available data, and information excluded from the scope such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA, Driver’s Privacy Protection Act of 1994, Family Educational Rights and Privacy Act, Farm Credit Act.

The VCDPA requires Paragone discloses the Categories of data processing and the purpose of each category, as detailed in Section ‎‎1.3 “DATA SETS WE COLLECT AND FOR WHAT PURPOSE” of the Privacy Policy, the categories of data shared and the third parties with whom it is shared, as detailed in Section ‎‎1.6 “DATA SHARING – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH”. Disclosure of sale of data or targeted advertising are detailed in Section ‎‎1.8 OPT OUT OPTIONS above, and in the DSR Form. Further, the table above under Section 2.2 “ADDITIONAL NOTICE TO COLORADO RESIDENTS” details the rights you have under VCDPA and how you may exercise your rights.

2.3.1 HOW TO SUBMIT A REQUEST UNDER VCDPA?

We shall respond to your request within 45 days of receipt. We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at privacy@perion.comand specifying you wish to appeal.  Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint as follows: Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request we will not be able to grant your request.

2.4 ADDITIONAL NOTICE TO CONNECTICUT RESIDENTS

Under the Connecticut Data Privacy Act, Public Act. No. 22-14 (the “CDPA”) if you are a resident of Connecticut, acting in an individual or household context (and not in a commercial or employment context or as a representative of business, non-profit or governmental entity), your rights with respect to your personal data are described below.

Personal data” means any information that is linked or reasonably linkable to an identified or identifiable individual. It does not include de-identified data or publicly available information. If further does not include information excluded from the scope such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA, Driver’s Privacy Protection Act of 1994, Family Educational Rights and Privacy Act, Farm Credit Act.

The categories of personal data processed, purpose of processing, are detailed in Section 1.3 “DATA SETS WE COLLECT AND FOR WHAT PURPOSE”, categories of personal data shared with third parties, categories of third parties with whom data is shared, are detailed in Section 1.6 “DATA SHARING – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH”. Disclosure of sale of data or targeted advertising are detailed in Section ‎1.8 OPT OUT OPTIONS above, and in the DSR Form.

Instructions on how to exercise your rights are detailed in the table above under Section 2.2 “ADDITIONAL NOTICE TO COLORADO RESIDENTS” details the rights you have under CDPA and how you may exercise your rights.

2.4.1 HOW TO SUBMIT A REQUEST UNDER CDPA?

We shall respond to your request within 45 days of receipt. The response period may be extended once by 45 additional days when reasonably necessary, taking into account the complexity and number of requests and we inform you of such extension within the initial 45 days response period, together with the reason for the extension.

If we decline to take action on your request, we shall so inform you without undue delay, within 45 days of receipt of your request. The notification will include a justification for declining to take action and instructions on how you may appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Connecticut Attorney General at link: https://www.dir.ct.gov/ag/complaint/ or (860) 808-5318.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.

2.5 ADDITIONAL NOTICE TO UTAH RESIDENTS (effective January 2024)

Under the Utah Consumer Privacy Act (the “UCPA”) if you are a resident of Utah, acting in an individual or household context (and not in a commercial or employment context) your rights with respect to your personal data are described below. “Personal Data” refers that is linked or reasonably linkable to an identifiable individual, and does not include de-identified data and publicly available data. 

The categories of personal data processed, purpose of processing, are detailed in Section 1.3 “DATA SETS WE COLLECT AND FOR WHAT PURPOSE”, categories of personal data shared with third parties, categories of third parties with whom data is shared, are detailed in Section ‎‎1.6 “DATA SHARING – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH”. Disclosure of sale of data or targeted advertising are detailed in Section ‎‎1.8 OPT OUT OPTIONS above, and in the DSR Form.

Further, the table above under Section 2.2 “ADDITIONAL NOTICE TO COLORADO RESIDENTS” details the rights you have under CDPA and how you may exercise your rights.

2.6 NOTICE TO NEVADA RESIDENTS

Nevada law allows Nevada residents to opt out of the sale of certain types of personal information. Subject to several exceptions, Nevada law defines “sale” to mean the exchange of certain types of personal information for monetary consideration to another person. We currently do not sell personal information as defined in the Nevada law. However, if you are a Nevada resident, you still may submit a verified request to opt out of sales and will record your instructions and incorporate them in the future if our policy changes. You may send opt-out requests to privacy@perion.com.


https://paragone.ai/feed/