Privacy | Zolley

Privacy Policy

1. Overview. Zolley, LLC (“Company”) respects the privacy of any site visitor, client or platform user (“Client“). Company is committed to protecting Client’s privacy through compliance with this Privacy Policy (“Privacy Policy”). This Privacy Policy describes how we collect and use Client’s Personal Information when Client visits our website at http://zolley.com or otherwise use the Platform as described further in the Terms of Service, and that a Client may provide in electronic messages to Company.

Please read this Privacy Policy to understand our policies and practices regarding Client’s Personal Information and how we will handle it. If Clients do not agree with our policies and practices, do not use the Platform. By accessing or using the Platform, Client agrees and consents to this Privacy Policy.

Company may change this Privacy Policy at any time, at its discretion. Client’s continued use of the Platform after we make changes is deemed to be acceptance of and consent to those changes, so please check the Privacy Policy periodically for updates.

This Privacy Policy is subject to and governed by the Company Terms of Service. The Services are part of the Platform and are described further in the Terms of Service.

2. The Types of Information That Company Collects About Client and How Company Collects Information About Client

Company may collect two types of information from Client when Client visits the Platform: Personal Information and Non-Personal Information (collectively “Information”).

“Personal Information” refers to data by which Client may be personally identified, such as name, email address, employer, job title and department, and telephone number.
“Non-Personal Information” means data that is about Client, but does not identify Client specifically. If Client does nothing during Client’s visit to our Platform but browse, read pages, or view content, we will gather and store Information about Client’s visit that does not identify Client personally.

We collect Information:

Directly from Client when Client provides it to us. When Client subscribes to a newsletter, creates an account, makes a purchase or requests information from Company, we will ask for things like Client’s name, contact, billing, shipping and communication information, and account ID or credentials in order to fulfill Client’s request. If Client sets up an appointment with us through the Platform, attends a trade show or event, or otherwise contacts us, Client may also voluntarily provide similar information. If Client submit any Personal Information about other people to us or to our service providers, Client is responsible for making sure that Client has the authority to do so and to allow us to use their Personal Information in accordance with this Privacy Policy (for example, by Client asking for their consent).
From third parties. We obtain information through partners, vendors, suppliers and other third parties. The parties from whom we obtain information are typically corporate enterprises (although some may also be educational or public enterprises) and they may be located in any of the locations in which we do business. These enterprises largely fall into the following categories: Advertising and marketing companies, data set and information vendors, public database providers, social media platforms, partners, providers of products or services, hosts or vendors at events or trade shows, research partners, or enterprises that use Company Services. We take steps to confirm that information we receive from these third parties has been collected with Client’s consent or that these parties are otherwise legally permitted to disclose Client’s Personal Information to us. We might also obtain information through a partner, or co-create datasets with a partner, as part of our business operations. This kind of data is used for work like improving the Platform and other Company Services, enhancing existing products and developing new capabilities and features. In some cases we combine Personal Information about individuals that we receive from multiple sources, including directly collected from Client or through Client’s use of the Platform.
Automatically as Client navigates through the Platform or during the time in which Client utilizes our Services. We collect information about how Client interacts with the Platform through the use of cookies, pixel tags, and similar technologies. Please view our separate Cookies Policy for more information on our use of cookies and similar technologies, how Client can manage cookies and how we respond to Do Not Track signals.

3. How Company Uses Personal Information It Collects About Client and the Purposes for the Collection and Use

We use Personal Information that we collect about Client or that Client provide to us for the following purposes:

For Functionality and Development of the Platform and Company Services. We use information to provide, offer, and personalize the Platform and other Company Services provided to Client. Some information, like Client’s IP address, is used to communicate with Client’s device to provide network connectivity, measure usage levels of the Platform, diagnose server problems and provide security features. Other business purposes that depend on use of Client’s information include data analysis related to testing, modifying, improving or developing new products, services and technologies, and to identify trends. Some Platform features may leverage artificial intelligence (“AI”) tools to enhance performance capabilities. We do NOT retain Personal Information to develop, improve, or train generalized AI or machine learning models, including user data provided via third party APIs, including but not limited to Google Workspace APIs. Company Platform’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. We use cookies to make our websites and the Platform operate, work more efficiently, and provide analytic information. Technologies similar to cookies, such as pixel tags are also used in connection with the Platform. For more information on our use of cookies, please read our Cookies Policy.
For Customer Support, Platform Updating and Reporting. The Platform may use information to provide Company with updates and reports, and to check that the Platform is working properly. Update functions may automatically check Client’s system to see whether files need to be refreshed, updated, or modernized, in order to provide Client with the up-to-date security, versions, features, options and controls associated with Client’s systems or devices. We rely on information to analyze performance and improve and maintain the Platform. We also rely on the Personal Information Client provided to us to provide Client with customer support for the Platform and other Company Services, and to verify eligibility for promotional offers.
For Business Operations. We use information to operate our business; for example, to perform accounting, auditing, billing, reconciliation, and collection activities. Other business purposes that depend on use of Client’s Personal Information include crime or fraud monitoring and prevention, protecting our legal rights, and performing contractual obligations. We also use Personal Information to contact Client to advertise, market and sell Company Services in accordance with Client’s communications preferences.
To Communicate. We use contact information to send messages; to provide Company Services; to respond to customer service requests; to provide alerts such as security updates or changes in our policies or about subscriptions that are ending; and to send marketing or informational materials like newsletters or white papers, in accordance with Client’s communication preferences. We occasionally conduct surveys, or do focused research or studies which may require Client to voluntarily share Personal Information in order to participate. These activities typically have additional notices that provide more information about the use of Client’s Personal Information and to which Client may be asked to consent.
For Advertising and Marketing. We may use Personal Information collected from Client, combined with information about what advertisements Client viewed and other information we collect, to enable us to provide personalized content and to study the effectiveness of advertising and marketing campaigns. Client may choose whether to allow or deny uses or sharing of Client’s device’s location by changing Client’s device settings, but if Client chooses to deny such uses or sharing, we may not be able to provide Client with certain personalized Company Services and content on the Platform.
For Statistical Purposes to Improve the Platform. We may compile Platform statistics into traffic reports, which help Company understand, anticipate, and respond to user needs. If we learn, for example, of heightened interest in certain aspects of the Company Platform, we are likely to highlight that information on the Platform home page. This Information helps us create a better overall experience for Platform users.

LEGAL BASIS FOR OUR USE (APPLICABLE ONLY TO EEA AND UNITED KINGDOM VISITORS): If Client are in the European Economic Area or the United Kingdom, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.

However, we will collect Personal Information from Client only where we have Client’s consent to do so, where we need the Personal Information to perform a contract with Client, where we have a legal obligation to do so, or where the processing is in our legitimate interests (such as processing for administrative purposes, direct marketing, product development or improvement, preventing fraud or criminal acts and in support of information security) and not overridden by Client’s data protection interests or fundamental rights and freedoms.

If we ask Client to provide Personal Information to comply with a legal requirement or to perform a contract with Client, we will make this clear at the time of collection. We will also tell Client whether the requirement for that information is mandatory and explain any consequences to Client if it does not provide the information.

Similarly, if we collect and use Client’s Personal Information based on our legitimate interests (or those of any third party), we will take reasonable steps to provide clear notice and describe our legitimate interests.

Company is the Data Controller of all Personal Information collected through the Platform in the EEA and the United Kingdom, except with respect to the Services (where Company is the Data Processor) or where a supplemental Privacy Policy says otherwise. The contact details for the Company are set out in the “HOW TO CONTACT US” section.

If the Client has questions about or needs further information concerning the legal basis on which we collect and use Client’s Personal Information for any specific processing activity, please contact us using the contact details provided under the “HOW TO CONTACT US” Section below.

RETENTION OF CLIENT’S PERSONAL INFORMATION: We will only retain Client’s Personal Information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements and for other purposes described in this Privacy Policy. We may retain Client’s Personal Information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with Client.

To determine the appropriate retention period for Personal Information, we consider the amount, nature and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of Client’s Personal Information, the purposes for which we process Client’s Personal Information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. In some circumstances Client can ask us to delete Client’s data: see “Client’s LEGAL RIGHTS” below for further information. And in some circumstances we will anonymize Client’s Personal Information (so that it can no longer be associated with Client) for research or statistical purposes, in which case we may use this information indefinitely without further notice to Client.

4. How Company Protects Client’s Information

The Platform is designed to provide reasonable and appropriate administrative, technical and organizational security measures to protect Client’s Personal Information against risks such as temporary or permanent loss, destruction, and unauthorized or unlawful access, alteration, use or disclosure. We require our suppliers and vendors to apply similar protections when they access or use Personal Information that we share with them. Users of the Platform must also do their part in protecting the data, systems, networks, and service they are utilizing. No technology, data transmission or system can be guaranteed to be 100% secure. If Client have reason to believe that Client’s interaction with us is no longer secure (for example, if Client feel that Client’s password to any Company account has been compromised), please immediately notify us by contacting us using the instructions in the “HOW TO CONTACT US” section below.

5. When Company Shares Client’s Information

We work through our affiliates to provide the Platform and other Company Services. We also work with authorized suppliers and business partners. When we share Client’s Personal Information with these companies, we put in place appropriate measures to limit the use of Client’s information only for legal and authorized purposes that are consistent with this Privacy Policy, as well as appropriate confidentiality and security measures.

We also share information with third parties for advertising and marketing; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of the Platform; and to protect our legal rights. We may disclose Personal Information that we collect or Client provide as described in this Privacy Policy:

With Affiliates and Subsidiaries. For purposes limited to and consistent with this Privacy Policy.
With Suppliers. Our authorized vendors and suppliers may require Personal Information to provide services we have contracted for, such as product delivery, website hosting, data analysis, IT services, auditing, or customer service. We use a wide variety of software and tools at Company, and we process Personal Information using these tools as a regular course of business. Our contracts with suppliers and vendors include provisions to protect Client’s Personal Information and limit its use.
With Partners. We occasionally have relationships with third parties that are not suppliers or vendors but are working with us to offer certain opportunities such as marketing and similar promotions, to enable joint products or research studies, or to facilitate services on the Platform. In these cases, additional terms or Privacy Policies may be provided. For third parties or uses not described in this Privacy Policy, we share Client’s information only with a lawful basis to do so.

For Advertising and Marketing. We share Client’s information with our third-party company partners to prepare and deliver advertising and marketing content, to provide content services and to enable them to provide Client with more personalized ads and to study the effectiveness of our campaigns.

In particular, we use third-party companies to communicate regarding goods and services that may be of interest to Client, in accordance with Client’s preferences. Client may receive this content by a variety of means such as email, phone or when a Client accesses and uses the Platform or other Company Services, and other websites. Content may be based on information obtained, for example, through prior purchases or transactions, through Client’s device’s physical location, through information about what advertisements and content Client have viewed, or through cookies and similar technologies relating to Client’s access to and use of the Platform and other websites. Please read our Cookies Policy for more information. Client can choose whether to allow or deny uses and/or sharing of Client’s device’s location by changing Client’s device settings, but if Client chooses to deny such uses or sharing, our partners may not be able to provide Client with the applicable Platform Services and content.

For Connections to Social Networks and Third Party Services. Where Client are using our Services and have chosen to connect Client’s social networks profiles to the Company Services, or if Client authorize a third party service to access Client’s account, Client are agreeing to provide information about Client to the social networks and the third party services under their respective terms and privacy policies. For example, if Client chooses to connect Client’s YouTube account to the Company Services, this connection uses YouTube’s API services, and the Google Privacy Policy (located here) will apply to Client. If Client has authorized us to access Client’s information via the YouTube API services, in addition to our normal procedure for deleting stored data, Client may revoke our access to Client’s data via the Google security settings page, located here.

Sales, Mergers & Acquisitions. We may disclose Personal Information as part of a contemplated or actual corporate transaction such as a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).

With Client’s Consent. Company may disclose Client’s Personal Information to any other person or entity where Client consents to the disclosure. For information about how to decline our advertising and marketing, please see the section entitled “Client’s Choices & Rights” below.

We do NOT share Client’s phone number or opt-in consent with third parties unless we’ve received Client’s express written consent to do so.

We also share non-personally identifiable information, such as anonymized or aggregated information, with suppliers for purposes such as analysis, identifying trends in the areas of our products and to help research and develop new Company Services.

Company does not sell any of Client’s Personal Information for monetary compensation.

6. Information From Children

We do not knowingly collect, use, or disclose Information from children under 13. If we learn that we have collected the Personal Information of a child under 13—or the equivalent minimum age depending on the jurisdiction, such as 13 in the United States per the Children’s Online Privacy Protection Act—we will take steps to delete the information as soon as possible. If Client is under 13, do not provide any Information about Client to Company, including name, address, telephone number or email address. If a Client becomes aware that information from a child under 13 years of age has been provided, please use one of the methods provided under the “HOW TO CONTACT US” section below.

7. Links to Other Websites and Services

We are not responsible for the practices employed by websites or services linked to or from the Platform, including the information or content contained therein. This Privacy Policy does not address, and we are not responsible for, the policies and practices of third parties or other organizations that are not operating on Company’s behalf, including policies and practices related to privacy and security, data collection, processing, use, storage, and disclosure. This includes: (a) any third party operating any site or service to which the Platform links – the inclusion of a link on the Platform does not imply endorsement of the linked site or service by us or by our affiliates; or (b) any app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer (such as Facebook, Apple, Google, Microsoft, LinkedIn, etc.) – including any Personal Information Client disclose to other organizations through or in connection with the Platform or other Company Services.

8. Do Not Track

Some browsers incorporate a “Do Not Track” (“DNT”) feature that, when turned on, signals to websites and online services that Client does not want to be tracked. At this time, the Platform does not respond to DNT signals.

9. Client’s LEGAL RIGHTS

Company respects Client’s rights in how Client’s Personal Information is used and shared. Depending on where Client lives, Client may have rights to request access or corrections to Client’s personal data and make choices about the kinds of marketing materials Client receives (or choose not to receive marketing from Company at all). See below for more information, depending on Client’s location.

10. European Privacy Rights

If Client are in Europe, Client may have additional rights under the GDPR, the UK GDPR, or nFADP. Additional choices and rights may be available to Client depending on which Company Services Client uses.

Access, Correction to or Deletion of Client’s Information. If Client would like to correct or update Client’s Personal Information, or to request access to or deletion of Client’s Personal Information, Client may contact us by visiting the Platform or by using the contact details provided under the “HOW TO CONTACT US” section below. If Client request a change to or deletion of Client’s Personal Information, please note that we may still need to retain certain information for recordkeeping purposes, and/or to complete any transactions that Client began prior to requesting such change or deletion (e.g., when Client make a purchase or enter a promotion, Client may not be able to change or delete the Personal Information provided until after the completion of such purchase or promotion). Some of Client’s information may also remain within our systems and other records where necessary for compliance with applicable law.

At Client’s request and where the law requires us to do so, we will confirm what Personal Information we hold about Client. Client may also have a legal right to obtain a copy of Client’s Personal Information. Client can make such a request by making a written request in one of the ways described in the “HOW TO CONTACT US” section below. We may charge a processing fee for this service where permitted by law and we will require evidence of Client’s identity before fulfilling Client’s request.

Data Privacy Rights Specific to Individuals in the European Economic Area, the United Kingdom, and Switzerland. Client can object to processing of Client’s Personal Information, ask us to restrict processing of Client’s Personal Information, or request portability of Client’s Personal Information. Client can exercise these rights by making a written request in one of the ways described in the “HOW TO CONTACT US” section below.

Similarly, if we have collected Client’s Personal Information with Client’s consent, Client can withdraw Client’s consent at any time. Withdrawing Client’s consent will not affect (1) the lawfulness of any processing we conducted prior to Client’s withdrawal, or (2) processing Client’s Personal Information under other legal bases.

If Client believes we are using Client’s Personal Information in a way that is inconsistent with this Privacy Policy or for more information about Client’s rights, contact Client’s local data protection authority. Additionally, under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF, Client may contact JAMS Mediation, Arbitration, and ADR Services (https://www.jamsadr.com/eu-us-data-privacy-framework) to address complaints and provide appropriate recourse free of charge to Client. Under certain conditions, Client may invoke binding arbitration. For additional information on pre-arbitration requirements, please see Annex I of the DPF Principles.

Advertising and Marketing Choices. We give Client many choices regarding our use and disclosure of Client’s Personal Information for advertising and marketing purposes. Client may access or update Client’s contact details and modify Client’s communication preferences by using one of the methods provided under the “HOW TO CONTACT US” section below. Please also note that if Client chooses not to receive marketing communications from us, we may still send Client communications related to Client’s products or the Platform, such as information about a security update, service issue or product delivery. Some advertising content is delivered through the Platform’s use of cookies and similar technologies. Our Cookies Policy includes more information on Company’s use of such technologies for advertising and other purposes.

11. International Compliance

Company is a global company with its headquarters in the United States. As such, we may transfer Client’s Personal Information between the United States and our affiliates and business partners in other countries. We may also transfer Client’s Personal Information to our third party service providers, who may be located in a different country to Client.

Company transfers information internationally in order to operate efficiently, to improve performance, and to create redundancies to protect information in the event of an outage or other problem. In so doing, we will process Client’s Personal Information in a way that meets the commitments of this Privacy Policy and complies with the law wherever we transfer it.

Whenever the Company transfers Personal Information beyond the country of origin, we will do so in accordance with applicable laws. For Personal Information originating in the European Economic Area (EEA), the United Kingdom (UK), or Switzerland that is transferred to a Company entity outside the EEA, UK, or Switzerland, Company participates in the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and, as applicable, the UK extension to the EU-U.S. DPF, and/or the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF). Company commits to the DPF Principles and, as needed, will take additional steps to provide appropriate safeguards for the Personal Information we transfer. The Federal Trade Commission has jurisdiction over Company’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF). Company may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Company is liable in cases of onward transfers to third parties.

12. Data Privacy Framework

Zolley, LLC and LeadConnector LLC comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Company has certified to the U.S. Department of Commerce that Company and LeadConnector adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Company has certified to the U.S. Department of Commerce that Company and Leadconnector adhere to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. Company further agrees to notify Client without undue delay, if its self-certification under any of the Data Privacy Framework is withdrawn, terminated, revoked or otherwise invalidated and provide appropriate steps to stop and remediate and unauthorized processing of such personal data.

13. California Privacy Rights

This section is addressed to California residents only and provides more information about Client’s rights under the California Consumer Privacy Act or “CCPA” (California Civil Code Section 1798.100 et seq.), as amended. Subject to certain exceptions, the CCPA grants to California residents the rights to: be notified about the collection, use, disclosure, sale or sharing of their Personal Information; request access to, deletion of, or correction of their Personal Information; request to opt out of the “sale” or “sharing” of Personal Information (where such information is sold or shared); limit the use or disclosure of Sensitive Personal Information (as defined under CCPA); and to not be discriminated against for exercising such rights.

Company does not sell Client’s Personal Information. If Client wishes to exercise Client’s right to opt-out of Company using Client’s Personal Information for cross-contextual targeted advertising purposes (called “sharing” under the CCPA), Client may do so by using the details in the “HOW TO CONTACT US” section or the appropriate withdrawal mechanism provided to Client on the Platform.

Client can request access to, correction of or deletion of Client’s Personal Information by using the details in the “HOW TO CONTACT US” section. If Client requests a deletion of Client’s Personal Information, please note that Company may still need to retain certain information for recordkeeping purposes, to complete any transactions that Client began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by CCPA. If Client submits a request to exercise rights under CCPA, Company will ask Client to provide certain information to verify Client’s identity. This information will depend on the Client’s prior interactions with Company and the sensitivity of Personal Information at issue. If Company denies Client’s request, we will explain why.

Client can designate an authorized agent to make a request under the CCPA on Client’s behalf in certain circumstances. If Client uses an authorized agent for this purpose, Company may ask Client to verify Client’s identity or that Client provided the authorized agent signed permission to submit a request under the CCPA. If Client provides an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and Company will respond to any request from such authorized agent in accordance with the CCPA.

The Privacy Policy describes the categories of Personal Information that Company collects and how Company uses such Personal Information. If Company collects Sensitive Personal Information, we limit our use of the Sensitive Personal Information to uses: (1) Client have authorized, (2) that are required to fulfill Client’s requests for goods or services, or (3) that are otherwise allowed by the CCPA or required by other laws or regulations.

The categories of Personal Information collected, disclosed, and sold from California residents over the preceding 12 months and Company’s applicable retention periods include:

Personal Information Category	Retention Period	Business Purpose	Collected	Disclosed	Sold
Identifiers (such name, address, IP address, email, etc.)	See Section 3 of Privacy Policy: “Retention of Client’s Personal Information”	For functionality, customer support, business operations, communication, advertising and marketing, and statistical purposes.	Yes	Yes	No
Personal information defined in Civil Code Section 1798.80(e) (such as signature, SSN, financial information, and insurance information, etc.)			No	No	No
Protected personal information (such as gender, religion, sexual orientation, or disability)			No	No	No
Commercial information (such as products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies, etc.)	See Section 3 of Privacy Policy: “Retention of Client’s Personal Information”	For development, customer support, business operations, communication, advertising and marketing, and statistical purposes.	Yes	No	No
Biometric information			No	No	No
Internet or other similar network activity (such as information on a consumer’s interaction with a website, application, or advertisement, etc.)	See Section 3 of Privacy Policy: “Retention of Client’s Personal Information”	For functionality, business operations, and statistical purposes.	Yes	Yes	No
Geolocation data			No	No	No
Audio, electronic, visual, thermal, or olfactory information			No	No	No
Professional or employment-related information			No	No	No
Education information			No	No	No
Inferences (such as analytics and preferences)			Yes	Yes	No

14. Colorado Privacy Rights

This section is addressed to Colorado residents only and provides more information about Client’s rights under the Colorado Privacy Act or “CPA.” Subject to certain exceptions, the CPA grants to Colorado residents the rights to: be notified about the collection, use, disclosure, or sale of their Personal Information; request access to, deletion of, or correction of their Personal Information; and request to opt out of the use of Personal Information for targeted advertising, sale, or certain profiling.

Client can request access to, correction of or deletion of Client’s Personal Information by using the details in the “HOW TO CONTACT US” section. If Client requests a deletion of Client’s Personal Information, please note that Company may still need to retain certain information for recordkeeping purposes, to complete any transactions that Client began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by CPA. If Client submits a request to exercise rights under CPA, Company will ask Client to provide certain information to verify Client’s identity. This information will depend on Client’s prior interactions with Company and the sensitivity of Personal Information at issue. If Company denies Client’s request, we will explain why. If we have not responded to Client’s request or asked for additional time to respond to Client’s request within 45 days after Client sends us a request, Client has the right to appeal our failure to take action. To appeal our failure to take action, contact us using the details in the “HOW TO CONTACT US” section.

Client can designate an authorized agent to make a request under the CPA on Client’s behalf in certain circumstances. If Client uses an authorized agent for this purpose, Company may ask Client to verify Client’s identity or that Client provided the authorized agent signed permission to submit a request under the CPA.

15. Connecticut Privacy Rights

This section is addressed to Connecticut residents only and provides more information about Client’s rights under the Connecticut Data Privacy Act or “CTDPA.” Client can exercise Client’s rights by using the details in the “HOW TO CONTACT US” section. If we inform Client that we decline to take action regarding Client’s request, Client has the right to appeal our failure to take action by contacting us using the details in the “HOW TO CONTACT US” section.

16. Utah Privacy Rights

This section is addressed to Utah residents only and provides more information about Client’s rights under the Utah Consumer Privacy Act or “UCPA.” Client can exercise Client’s rights by using the details in the “HOW TO CONTACT US” section.

17. Virginia Privacy Rights

This section is addressed to Virginia residents only and provides more information about Client’s rights under Virginia’s Consumer Data Protection Act or “VCDPA.” Subject to certain exceptions, the VCDPA grants to Virginia residents the rights to: be notified about the collection, use, disclosure, or sale of their Personal Information; request access to, deletion of, or correction of their Personal Information; request to opt out of the use of Personal Information for targeted advertising, sale, or certain profiling; and to not be discriminated against for exercising such rights.

Client can request access to, correction of or deletion of Client’s Personal Information by using the details in the “HOW TO CONTACT US” section. If Client requests a deletion of Client’s Personal Information, please note that Company may still need to retain certain information for recordkeeping purposes, to complete any transactions that Client began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by VCDPA. If Client submits a request to exercise rights under VCDPA, Company will ask Client to provide certain information to verify Client’s identity. This information will depend on Client’s prior interactions with the Company and the sensitivity of Personal Information at issue. If the Company denies the Client’s request, we will explain why. If we inform Client that we decline to take action regarding Client’s request, Client has the right to appeal our failure to take action. To appeal our failure to take action, contact us using the details in the “HOW TO CONTACT US” section.

18. How To Contact Us About This Privacy Policy

To ask questions about this Privacy Policy and our privacy practices, contact us at legal@zolley.com or by mail at:

Zolley, LLC

ATTN: Legal Department

150 E Palmetto Park Rd #800

Boca Raton, FL 33432

Privacy Policy

Social Media

Services

Industries

Company