California Consumer Privacy Act
Notice for California Residents
[Last Update: 5/18/2020]
We at theSkimm, Inc. (“theSkimm,” “we,” “us,” or “our”) have created this Notice for California Residents (the “CCPA Notice”) to supplement the Privacy Policy located at: https://www.theskimm.com/general/privacy-notice. This CCPA Notice applies solely to all natural persons who reside in the State of California (“consumers” or “you”), and who visit or use our Site, Apps, Platform or Services, purchase or obtain other products or services from us, or otherwise engage or interact with us in person or electronically. We adopted this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”). Any terms not defined in this CCPA Notice shall have the meaning ascribed to them elsewhere in the Privacy Policy or applicable Terms of Service or, if not defined herein or elsewhere in the Privacy Policy or applicable Terms of Service, the CCPA.
To the extent there is any conflict between this CCPA Notice and the provisions of the Privacy Policy, this CCPA Notice shall control only with respect to consumers and their Personal Information (as defined below). If you are located outside of the State of California this CCPA Notice does not apply to you and you should refer to our Privacy Policy.
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“Personal Information”). In particular, we have collected the following Categories of Personal Information from or about consumers within the twelve (12) months preceding the Last Update:
Table I -- Categories of Personal Information (w/examples) |
Identifiers A real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, Social Security number, or other similar identifiers. |
Categories of Personal Information Listed in Cal. Civ. Code § 1798.80(e)) A name, signature, Social Security number, address, telephone number, employment, bank account number or login credentials, credit card number, debit card number, or any other financial information. Some Personal Information included in this category may overlap with other categories. |
Protected classification characteristics under California or federal law Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). |
Commercial information Records products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies. |
Internet or other similar network activity Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. |
Geolocation data Physical location or movements. |
Inferences drawn from other Personal Information Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
Personal Information does not include:
We obtain the Categories of Personal Information in Table I from the following Categories of Sources:
Table II Categories of Personal Information | Categories of Sources |
Identifiers. | Directly from consumer; Indirectly from consumer; Co-registrations partners; Customer referrals |
Categories of Personal Information listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | Directly from consumer |
Protected classification characteristics under California or federal law. | Directly from consumer |
Commercial information. | Directly from consumer; Indirectly from consumer |
Internet or other similar network activity. | Indirectly from consumer |
Geolocation data. | Indirectly from consumer |
Inferences drawn from other personal information. | Indirectly from consumer |
Business Purposes for Collection or Use of Personal Information
We may use or disclose the Personal Information we collect for one or more of the following commercial or business purposes (each, a “Business Purpose”):
Table III – Business Purposes | Categories of Personal Information |
To provide, develop, implement, market, support, personalize, and sell our Site, Apps, Platform, and Services, including contests, sweepstakes, rewards, and special offers |
|
To manage and promote the business activities of theSkimm, including the development and evaluation of business plans |
|
To establish customer, vendor, and partnership relationships and to communicate with customers, vendors and partners |
|
To create, maintain, customize, and secure your account with theSkimm |
|
To enable visitors/users to access our Site, Apps, Platform and Services access |
|
To provide information about existing and new products and services of theSkimm, including through our newsletter |
|
To fulfill subscriptions, process your requests, purchases, transactions, and payments and prevent transactional fraud |
|
To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses |
|
To research, analyze, develop and improve existing and new products, technologies, and services |
|
To purchase, acquire, and solicit products, services, and special offers from our partners, affiliates and vendors |
|
To offer you special products, services, discounts, tickets and other items or services from our partners and affiliates |
|
To personalize your Site, Apps, Platform and Services experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Site, Apps, Platform and Services, third-party sites, and via email or text message (with your consent, where required by law) |
|
To detect security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity and maintaining security audit logs |
|
To administer or enforce our rights under an agreement or otherwise protect theSkimm and its rights |
|
To review and assess market trends and activities impacting the business of theSkimm |
|
To audit current and concurrent transactions with the consumer, such as counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards. |
|
We may also collect or use any of the Categories of Personal Information set forth above for one or more of the following Business Purposes:
We may share your Personal Information with the following Categories of Recipients for Business Purposes:
Table IV - Categories of Personal Information | Categories of Recipients |
Identifiers. | Service Providers; Affiliates; Partners; Third-Party Online Marketers |
Categories of Personal Information listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | Service Providers; Affiliates; Partners; Third-Party Online Marketers |
Protected classification characteristics under California or federal law. | Service Providers; Affiliates; Partners; Third-Party Online Marketers |
Commercial information. | Service Providers; Affiliates; Partners |
Internet or other similar network activity. | Service Providers; Affiliates; Partners; Third-Party Online Marketers |
Geolocation data. | Service Providers; Affiliates; Partners; Third-Party Online Marketers |
Inferences drawn from other personal information. | Service Providers; Affiliates; Partners; Third-Party Online Marketers |
In the twelve (12) months preceding the Last Update, we may have disclosed the following Categories of Personal Information for a Business Purpose:
The CCPA defines “sale” broadly to include selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating a consumer’s Personal Information to another business or third party for monetary or other valuable consideration. In the twelve (12) months preceding the Last Update, we may have sold the following Categories of Personal Information:
The CCPA provides consumers with specific rights regarding their Personal Information. This section describes such rights and explains how to exercise them.
You have the right to request that we disclose certain information to you about our collection, disclosure, sale and use of your Personal Information. Once we receive and verify your request, we will disclose to you:
You have the right to request that we delete any of Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and verify your request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
We may deny your deletion request if retaining the Personal Information is necessary for us or our service providers to:
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
You may only make a verifiable consumer request for access or data portability twice within a 12-month period.
The verifiable consumer request must:
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information related to you.
Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to Personal Information associated with that specific account.
Verification Process
To submit a verifiable consumer request, the consumer may be required to provide up to three data points, which may include additional Personal Information, to enable us to verify the consumer’s identity with the degree of certainty required by the CCPA.
We will use Personal Information provided in a verifiable consumer request solely for the purpose of verifying the requestor’s identity or authority to make the request. We or a third party on our behalf may follow up with you to determine whether a request is a verifiable consumer request under applicable law.
If we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you, we will deny the consumer request in whole or in part and will not to disclose the information requested or, as applicable, will not delete the information requested. We will respond to any such consumer request with a denial, and will also explain why it has no reasonable method by which it can verify the identity of the requestor.
However, if a consumer request that seeks disclosure of specific pieces of Personal Information is denied because we cannot verify the identity of the person making the request under the applicable verification rules under the CCPA, then we shall treat the request as one that seeks the disclosure of the Categories of Personal Information and apply the verification rules in the CCPA applicable to requests for disclosure of Categories of Personal Information.
If a consumer request that seeks disclosure of Categories of Personal Information is denied because we cannot verify the identity of the person making the request under the applicable verification rules in the CCPA regulation, then we shall provide or direct the requestor to our general business practices regarding the collection, maintenance and sale of Personal Information as set forth in this Privacy Policy.
We will confirm receipt of a verifiable consumer request within ten (10) days of its receipt.
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time we will notify you of the extension and provide an explanation of the reason for the extension in writing, and we will provide you with a response no later than ninety (90) days of receipt of the request.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. If you do not have an account with us, and you do not indicate a preference for delivery, we will use its discretion in choosing the method of delivery of the information.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We may charge a reasonable fee to process or respond to your verifiable consumer requests if they are excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of the reasons for this decision and provide you with a cost estimate before completing your request.
If you are 16 years of age or older, you have the right, at any time, to direct us to not sell your Personal Information (the “right to opt-out”). We do not knowingly sell the Personal Information of children under the age of 16, unless we receive affirmative authorization (the “right to opt-in”) from either (i) the consumer who is between 13 and 16 years of age, or (ii) the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to Personal Information sales may opt-out of future sales at any time.
To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by visiting the following Internet Web page link:
“Do Not Sell My Personal Information”
Once you make an opt-out request, we will not ask you to reauthorize Personal Information sales for at least twelve (12) months. However, you may change your mind and opt back in to Personal Information sales at any time by emailing privacy@theskimm.com.
You do not need to create an account with us to exercise your opt-out rights. We will only use Personal Information provided in an opt-out request to review and comply with the request.
We will not discriminate against you for exercising any of your CCPA rights, including, but not limited to:
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels, provided that: (i) the financial incentive is reasonably related to the value of your Personal Information and (ii) we provide you written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time. See Notice on Financial Incentive section below.
If you submit a request for access and portability or deletion through the use of an authorized agent, we may require that you (i) provide the authorized agent written permission to act on your behalf, and (ii) verify their identity directly with us. We may deny a request from an authorized agent that does not submit proof of authorization.
We provide consumers with certain financial incentives to participate in surveys and our referral programs. Details about specific financial incentives such as materials terms, the Categories of Personal Information implicated, how a consumer may opt-in to the incentive program, how a consumer may exercise the right to withdraw, and a good faith estimate of the value of the data shall be disclosed by us to the consumer at or before such consumer provides to us Personal Information in exchange for such financial incentives.
Pursuant to California’s “Shine the Light” law (Civil Code Section § 1798.83), California residents have the right to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes, including the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties.
To make such a request, please send an email to privacy@theskimm.com.
This CCPA Notice is effective as of the date of the Last Update stated at the top of this CCPA Notice. We may change this CCPA Notice from time to time with or without notice to you. By visiting or accessing the Site, the Apps, Platform or Services, purchasing products or services from us, or otherwise engaging or interacting with us after we make any such changes to this CCPA Notice, you are deemed to have accepted such changes. Please be aware that, to the extent permitted by applicable law, and without prejudice to the foregoing, our use of your Personal Information is governed by the CCPA Notice in current effect. Please refer back to this CCPA Notice on a regular basis.
If you have any questions or comments about this notice, the ways in which we collect and use your information described below and in the CCPA Notice, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
E-mail: privacy@theskimm.com
Postal address: Attn: Legal - California Privacy Compliance, 50 West 23rd Street, Suite 5B, New York, New York, 10010.
--