Privacy policy

Effective Date:

May 22, 2021

1. Introduction

This App Orchid General Privacy Policy (also referred to as this “Privacy Policy”) provides information on the collection, use, sharing and processing of personal information by App Orchid, Inc. and its affiliates (“App Orchid”, “we” or “us”) in connection with your use of App Orchid websites and social media pages that link to this PrivacyPolicy or at App Orchid events where you share personal information or personal data with us, your interactions with App Orchid via electronic communication tools such as email or telephone and in the context of other offline sales and marketing activities. ThisPrivacy Policy also explains the choices you have in relation to these processing activities.This Privacy Policy was last updated on May 22, 2021. However, the Privacy Policy can change over time, for example to comply with legal requirements or to meet changing business needs. In case there is an important change that we want to highlight to you, we will also inform you in another appropriate way (for example via a pop-up notice or statement of changes on our website).As used in this Privacy Policy, “personal information” or “personal data” means information that relates to an identified individual or to an identifiable individual. For example, this could include among other things your name, address, email address, business contact details, or information gathered through your interactions with us via our websites or at events. Personal information is also referred to as “information about you.” For more detail about the types of information about you that we may process, please refer to Section 4 below

‍

2. Scope

This Privacy Policy applies to the processing of personal information by App Orchid of:

visitors and users of the various App Orchid sites, including our websites on AppOrchid.com, computer or mobile software applications and our social media pages that link to this Privacy Policy (collectively referred to as the “sites”);
attendees of App Orchid-hosted events;
customers and prospective customers and their representatives;
subscribers to any App Orchid publications; and
suppliers and business partners and their representatives.

When interacting with our websites, you also have the ability to link or connect with nonApp Orchid websites, services, social networks, applications or other features. Enabling these features will lead to other parties than App Orchid processing information about you.App Orchid does not have any control over these features of other parties. We encourage you to review the privacy policies of these parties before using these features.

‍

3. Who Is Responsible For Your Personal Information?

App Orchid is responsible for processing your personal information described in thisPrivacy Policy.

‍

4. Which Types Of Personal Information Do We Process And From WhichSources?

App Orchid can process information about you collected both offline and online

Offline information about you originates from our interactions with you during in person meetings or at App Orchid events, conferences, workshops or gatherings; and
Online information about you originates from your activities on our sites, for example, in relation with your App Orchid accounts, or (pre-)sales inquiries, or from your interactions with App Orchid via electronic communication tools such as email or telephone. Information about you may also be provided by third party sources, such as data aggregators who may not have a relationship with you.

Online information about you may also originate from the use of cookies and similar technologies (for example, pixel tags and device identifiers) on our sites or sites of third parties. For more information on cookies and similar technologies, please see Section 10 below.

Information about you that App Orchid may be collect and process includes:

name and physical address, email addresses, and telephone numbers;
demographic attributes, when tied to personal information that identifies you;
photographs and testimonials;
transactional data, including products and services ordered, financial details and payment methods;
company data such as the name, size and location of the company you work for and your role within the company;
data from surveys and publicly available information, such as social media posts;
unique IDs such as your mobile device identifier or cookie ID on your browser;
IP address and information that may be derived from IP address, such as geographic location
information about a device you use, such as browser, device type, operating system, the presence or use of “apps”, screen resolution, and the preferred language; and
behavioral data of the internet connected computer or device you use when interacting with the sites, such as advertisements clicked or viewed, sites and content areas, date and time of activities or the web search used to locate and navigate to a site.

Please note that App Orchid does not control the content that you may post to any AppOrchid community forums or social networks; in some cases, such content may be publicly available on the Internet. You should carefully consider whether you wish to submit personal information to these forums or social networks and whether you wish to make your profile available to other users, and you should tailor any content you may submit accordingly.

‍

5. Why And How Do We Use Your Personal Information?

We may use personal information for the following purposes:

to communicate and respond to your requests and inquiries to App Orchid;
to deliver functionality on our sites and for their technical and functional management;
to market our products and services or related products and services, and to tailor our marketing and sales activities to your or your company’s interests;
administer subscriptions to any App Orchid publications;
to engage in transactions with customers, suppliers and business partners and to process orders for App Orchid products and services;
to analyze, develop, improve and optimize the use, function and performance of our sites and products and services;
to manage the security of our sites, networks and systems;
to comply with applicable laws and regulations and to operate our business;

These purposes are described below in further detail.

To communicate and respond to your requests and inquiries to App Orchid

If you get in touch with us (such as by submitting contact forms on our sites, attendingApp Orchid events or other occasions, sending an email or by visiting social media platforms), we process information about you to communicate with you and to respond to your requests or other inquiries. We can also process personal information to interact with you on third party social networks.

To deliver functionality on our sites and for their technical and functional management

When you choose to register with us (such as to submit inquiries regarding our products and services or make use of any App Orchid online communities), we need to process the personal information provided by you so that we can create and manage a personal account for you. Upon creating your account, we will send you your personal login information. This personal information enables us to administer your account, for example by changing your password for you.

To market our products and services or related products and services and to tailor marketing and sales activities

App Orchid may use information about you to notify you about new product releases and service developments, events, alerts, updates, prices, terms, special offers and associated campaigns and promotions (including via newsletters). App Orchid may also use personal information to advertise App Orchid's products and services or related products and services, and also to have our distributors, resellers or partners notify you about our products or services or their related products or services (such as via joint sales or product promotions). We do our best to tailor your website visit, marketing experience and our communications to your expressed interests. This happens, for example, if you sign up for an App Orchid community.

If you attend an event, App Orchid may process information about you gathered in relation to the event and can share information about your attendance with your company. AppOrchid may also permit designated event partners or conference sponsors to send you communications related to your event attendance. Please note that our partners or conference sponsors may directly request information about you at their conference booths or presentations, and their use of your information that you provide to them will be subject to their privacy policies.

We may also process your personal information to post testimonials on our sites, but will first obtain your consent to use your name and testimonial.

To administer subscriptions of App Orchid Publications

If you subscribe to any of our publications (such as a newsletter), we process information about you to administer your subscription to such publications (including any renewal process).

To engage in transactions with customers, suppliers and business partners and to process purchases of our products and services

If you place an order for our products and services, or if you provide services to AppOrchid, our employees, customers or partners as a supplier or business partner, AppPage 5 of 22Orchid processes information about you to engage in and administer the relevant transactions (such as by sending invoices and making payments), administer your order ,and help you get started and adopt our products and services. If you download products or services from our sites, App Orchid uses information about you to confirm certain information about your order.

To analyze, develop, improve and optimize the use, function and performance of our sites and products and services

We may process personal information in order to analyze, develop, improve and optimize the use, function and performance of our sites and products and services, as well as marketing and sales campaigns. In case the sites permit you to participate in interactive discussions, create a profile, post comments, opportunities or other content, or communicate directly with another user or otherwise engage in networking activities, AppOrchid may process personal information when moderating these activities.

To manage the security of our sites, networks and systems

We may collect site use data for security and operations management to help keep our sites, networks, and systems secure, or to investigate and prevent potential fraud, including ad fraud and cyber-attacks, and to detect bots.

To comply with applicable laws and regulations and to operate our business:

In some cases, we have to process personal information to comply with applicable laws and regulations. For example, to respond to a request from a regulator or to defend a legal claim. We may also process personal information in the performance and operation of our business, such as to conduct internal audits and investigations, or for finance, accounting, archiving, and insurance purposes.

‍

6. What Is Our Basis For Processing Information About You?

For personal information collected about you in the European Union, our basis for processing is the following:

In order to communicate adequately with you and to respond to your requests, we need to process information about you and therefore have a legitimate interest in processing this information.
In order to engage in transactions with customers, suppliers, and business partners, and to process purchases and downloads of our products and services, we need to process information about you as necessary to enter into or perform a contract with you.
We process personal information for marketing and sales activities based on your consent, where so indicated on our sites at the time your personal information was collected, or further to our legitimate interest to market and promote our products and services.
We rely on our legitimate interest to analyze, develop, improve, and optimize our sites, products, and services, and to maintain the security of our sites, networks, and systems.
In order to comply with applicable laws and regulations, such as to comply with a subpoena or other legal process, or to process an opt-out request.

‍

7. For What Period Do We Retain Personal Information?

App Orchid maintains personal information for the following retention periods:

In accordance with the App Orchid Data Retention Policy, App Orchid shall not retain personal data longer than necessary to accomplish the legitimate business purpose for which the personal data was collected and processed by App Orchid, or as required by the terms of a customer contract or applicable law. Such obsolete personal data, and the media on which it is contained, will be destroyed in a secure manner or, where appropriate, returned to a customer.

‍

8. When And How Can We Share Your Personal Information?

Sharing within App Orchid

App Orchid employees are authorized to access personal information only to the extent necessary to serve the applicable purpose(s) and to perform their job functions.

Sharing with third parties

We may share personal information with the following third parties:

Third-party service providers (for example, credit card processing services, order fulfilment, analytics, event/campaign management, website management, information technology and related infrastructure provision, customer service, e-mail delivery, auditing, and other similar service providers) may be engaged in order for those service providers to perform business functions on behalf of App Orchid.
App Orchid distributors or resellers for further follow-up related to your interests, specific partners that offer complementary products and services, or with third parties to facilitate interest-based advertising.
Relevant third parties in the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
As required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to government requests—including public and government authorities outside your country of residence—for national security and/or law enforcement purposes.

When third parties are given access to personal information, we will take appropriate contractual, technical, and organizational measures designed to ensure that personal information is processed only to the extent that such processing is necessary, consistent with this Privacy Policy, and in accordance with applicable law.

‍

9. How Is Your Personal Information Secured?

App Orchid has implemented appropriate technical, physical and organizational measures designed to protect personal information against accidental or unlawful destruction or accidental loss, damage, alteration, unauthorized disclosure or access, as well as all other forms of unlawful processing.

‍

10. What Cookies And Similar Technologies Do We Use On Our Sites?

Cookies and similar technologies (e.g., pixels tags and device identifiers) are used by AppOrchid and our advertising technology partners to recognize you and/or your device(s) on, off and across different services and devices for the purposes specified in Section 5 above.

When do we use cookies and similar technologies?
Cookies are small text files that contain a string of characters and uniquely identify a browser on a device connected to the Internet. Any browser visiting our sites will receive cookies from us. We also place cookies in your browser when you visit nonApp Orchid sites that host our plugins or tags. We use cookies and other technologies on all our sites to ensure the best possible and secure experience on our sites and to provide you with tailored information on products and services. App Orchid also uses cookies or similar technologies on its sites to collect online information such as your mobile device ID, IP address, and other information about your device, as well as behavioral data of your device usage on our sites (e.g. pages viewed, links clicked, documents downloaded)
How can I manage my cookie preferences?
You can control the use of cookies at the individual browser level. If you elect not to activate the cookie or to later disable cookies, you may still visit our Websites, but your ability to use some features or areas of the Websites may be limited. For further information on how to manage Flash cookies please click here. You can generally activate or later deactivate the use of cookies through a functionality built into your web browser. To learn more about how to control cookie settings through your browser:
Click here to learn more about the “Private Browsing” setting and managing cookie settings in Firefox;
Click here to learn more about “Incognito” and managing cookie settings in Chrome;
Click here to learn more about “In Private” and managing cookie settings in InternetExplorer; or
Click here to learn more about “Private Browsing” and managing cookie settings in Safari.‍

If you want to learn more about cookies, or how to control, disable or delete them, please visit http://www.aboutcookies.org for detailed guidance. In addition, certain third party advertising networks, including Google, permit users to opt out of or customize preferences associated with your internet browsing. To learn more about this feature from Google, click here.

Many jurisdictions require or recommend that website operators inform users/visitors as to the nature of cookies they utilize and, in certain circumstances, obtain the consent of their users to the placement of certain cookies.

The Websites include third party social media features, such as the Facebook Like button, and third party widgets, such as the ‘Share This’ button or interactive mini-programs that run on websites. These features may collect your IP address, which page you are visiting on the websites, and set a cookie to enable the feature to function properly. Your interaction with these features is governed by the privacy policy of the third party company providing it.

‍

11. What Are Your Choices?

We provide multiple choices in respect of the information we process about you:

Opt-out of our use of your personal information
You may withdraw consent you have previously provided for the processing of information about you, including for email marketing by App Orchid.
Delete personal information
You can ask us to erase or delete all or some of the information about you.
Change or correct personal information
You can edit some of the information about you by. You can also ask us to change, update or fix information about you in certain cases, particularly if it is inaccurate.
Object to, or limit or restrict use of personal information
You can ask us to stop using all or some of the information about you (for example, if we have no legal right to keep using it) or to limit our use of it (for example, if the information about you is inaccurate).
Right to access and/or have your information provided to you
You can also ask us for a copy of information about you and can ask for a copy of information about you provided in machine readable form if you reside in the EU or other country that provides you this right as a matter of law.

You can exercise these choices in accordance with applicable laws as specified on the Privacy Choices Section of this Privacy Policy, or by contacting us at privacy@apporchid.com.

‍

12. Do You Collect Sensitive Information And Information From Children?

Sensitive Personal Information

We ask that you do not send us, and do not share any sensitive personal information (for example, government-issued IDs, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, genetic, or biometric data, criminal background or trade union membership).

Children’s Privacy

As a company focused on serving the needs of businesses, App Orchid's sites are not directed to minors and App Orchid does not promote or market its services to minors, except in very limited circumstances as part of specific educational outreach programs with parental permission. If you believe that we have mistakenly or unintentionally collected personal information of a minor through our sites without appropriate consent, please notify us through our inquiry form so that we may immediately delete the information from our servers and make any other necessary corrections. Additionally, please use this same form to request removal of content or information that was posted to our sites when the registered user was under the age of 16. Please note that such requests may not ensure complete or comprehensive removal of the content or information, as, for example, some of the content may have been reposted by another user.

‍

13. Privacy Choices

Preference, Opt-Out and EU/EEA Subject Access Mechanisms

In addition to any specific choices that may be described in this Privacy Policy, App provides you with the following choice mechanisms to customize and control your preferences with regard to your personal information. If you have a question or concern with regard to any of these choice mechanisms, please contact us at privacy@apporchid.com.

Cookie Preferences on App Orchid Websites

You may opt out of cookie usage, by configuring your browser settings to restrict cookies and by using tools provided by the following industry groups:

Digital Advertising Alliance (DAA): http://www.aboutads.info/choices/
Network Advertising Initiative (NAI): http://www.networkadvertising.org/choices/
European Interactive Digital Adverting Alliance (EDAA): http://www.youronlinechoices.eu/ and http://www.edaa.eu/

EU/EEA Resident Data Subject Access Request and Rights Process

Pursuant to the E.U. General Data Protection Regulation (GDPR) and other applicable laws and regulations, individuals in the EU/EEA and other jurisdictions may have data subject rights enabling them to request to access, delete, correct, remove or limit the use, or receive a copy of their personal information in App Orchid’s possession or for whichApp Orchid is otherwise responsible.

In the event you have the above rights and would like to exercise such rights, you may make the request by contacting us at privacy@apporchid.com.

‍

CALIFORNIA’S “SHINE THE LIGHT” LAW

California’s “Shine the Light” law permits users of our properties that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us at the contact information under Contacting Us.

‍

California Privacy Notice

Effective as of: January 1, 2021

This notice was last reviewed as of the effective date of the general privacy policy stated above.

If you are a California resident and we collect your personal information, this Privacy Notice for California Residents (“California Notice”) applies to you(“consumers” or ”you”), except as stated below. This California Notice is in addition to the information in our privacy policy above.

Where noted in this California Notice, the CCPA temporarily exempts certain personal information reflecting a written or verbal business-to-business communication or transaction (“B2B personal information”) from certain CCPA requirements. In addition, employees, job applicants, contractors, owners, directors and officers of App Orchid who are California residents do not have the same rights as set forth in this California

Notice. See “Collection of Information” below for additional information about excluded personal information.

All terms defined in the California Consumer Privacy Act of 2018 (CCPA) have the same meaning when used in this California Notice.

Collection of Information

We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, device or household (“personal information”).

We have collected the following categories of personal information from our consumers within the last twelve (12) months:

‍

CCPA Category	CCPA Examples	Collected by App Orchid?
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.	YES, for example name, email address, postal address, App Orchid and business customer identifiers, and social media identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	YES, for example name, address and phone number.
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	YES, for example age and gender.
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	NO
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	NO
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.	YES
G. Geolocation data.	Physical location or movements.	YES
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	NO
I. Professional or employment-related information.	Current or past job history or performance evaluations.	NO
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	NO
K. Inferences drawn from other personal information.	EProfile reflecting a person’s preferences, characteristics,psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	YES

‍

Categories of Sources:

We obtain the above categories of personal information from the following categories of sources:

Directly from you,
Automatically collected information,
Our business customers,
Our service providers, and
Information when you log in with a third party’s single sign-in.

What is not personal information or not covered?

De-identified or aggregated consumer information is not personal information underCCPA.
Publicly available information from government records is not personal information under CCPA.
Health or medical information covered by the Health Insurance Portability andAccountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data are also not personal information under CCPA.
Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994 are also not personal information under CCPA.

Certain “excluded personal information” is temporarily excluded from the definition of personal information. The term ”excluded personal information” means personal information that we collect about a natural person who resides in California in the course of the person acting as any of the following (to the extent we collect and use the information solely within the context of that role):

a job applicant of App Orchid,
an employee of App Orchid,
a controlling owner of App Orchid,
a director of the board or an officer of App Orchid,
a medical staff member of App Orchid (if any), and
a contractor of App Orchid.

Also, emergency contact information and information needed to administer benefits for the individuals covered above is not covered by this California Notice.

Use of Information

We may use the personal information for one or more of the following purposes:

Fulfilling your requests
Providing and improving the Service, including tracking rewards.
Sending you communications.
For our business purposes
As we believe to be necessary or appropriate: (a) under applicable law; (b) to comply with legal process and our legal obligations; (c) to respond to requests or requirements from public, law and government authorities (including national security and law enforcement requirements) and private parties; (d) to enforce our terms and conditions; (e) to protect our operations and the security of our Services;(f) to protect our rights, privacy, safety or property, and/or that of you or others; (g)to allow us to pursue available remedies or limit the damages that we may sustain; and (h) to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, unethical or legally actionable activity.
As described to you when collecting your personal information or as otherwise permitted in the CCPA.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Information Sharing

Sales of Personal Information

In the preceding twelve (12) months, we have not sold your personal information. “Sold” is defined under the CCPA.

Disclosures of Personal Information for a Business Purpose

We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter into a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

We share your personal information with the following categories of third parties:

Our affiliates.
Our business customers.
Our service providers.
A buyer of our business.
The public, voluntarily by you.

We may also share your information as we believe to be necessary or appropriate: (a)under applicable law; (b) to comply with legal process and our legal obligations; (c) to respond to requests or requirements from public, law and government authorities(including national security and law enforcement requirements) and private parties; (d) to enforce our terms and conditions; (e) to protect our operations and the security of ourServices; (f) to protect our rights, privacy, safety or property, and/or that of you or others;(g) to allow us to pursue available remedies or limit the damages that we may sustain; and(h) to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, unethical or legally actionable activity.

Your Rights and Choices

Under the CCPA, California residents have specific rights about their personal information. See below for information about these rights. The CCPA does not give these rights to consumers with B2B personal information.

Access to Specific Information and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Rights), we will disclose to you:

The categories of personal information we collected about you.
The categories of sources for the personal information we collected about you.
Our business or commercial purpose for collecting that personal information.
The categories of third parties with whom we share that personal information.
The specific pieces of personal information we collected about you (which will allow you to exercise your data portability right).

Deletion Request

You have the right to request that we delete any of your personal information that we collected from you and still retain, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Rights), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. PenalCode § 1546 et. seq.).
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair there search’s achievement, if you previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Rights

To exercise your rights above, please submit a verifiable consumer request to us by either:

Emailing us at privacy@apporchid.com and providing your full name and email address and the request that you are making (e.g., right to access, portability or deletion).

The CCPA does not give these rights to consumers with B2B personal information.

Only you, or someone legally authorized to act for you, may make a verifiable consumer request about your personal information.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
Describe your request with sufficient detail that allows us to properly understand and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request.
Making a verifiable consumer request does not require you to create an account with us. We may require you to make your request through your account if you have an account with us.

Format of Response and Timing

We will try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically.

Any disclosures we provide will only cover the 12-month period preceding the request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Deny you goods or services.
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

We may offer certain financial incentives permitted by the CCPA that could result indifferent prices, rates, or quality levels. The incentive will reasonably relate to your personal information’s value to us and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

‍

Privacy Notice for California Company Workforce

Effective as of January 1, 2021

This Privacy Notice for California Company Workforce (“California Workforce Notice”) applies solely to employees, job applicants, controlling owners, directors, officers, independent contractors, and medical staff of App Orchid (if any) who reside in California (“you” or ”Company Workforce”).

We have adopted this California Workforce Notice to comply with the California Consumer Privacy Act of 2018 (CCPA) with respect to certain Company Workforce. Any terms defined in the CCPA have the same meaning when used in this California Workforce Notice.

Information We Collect from Company Workforce

We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with an individual in the Company Workforce in the course of the natural person acting in his/her capacity as an individual in the Company Workforce (“personal information”).

We have collected the following categories of personal information from our Company Workforce within the last twelve (12) months:

‍

Category	Examples	Collected
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.	YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	YES
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	YES
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	NO
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	NO
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.	YES
G. Geolocation data.	Physical location or movements.	YES
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	YES, audio recordings of certain support related calls
I. Professional or employment-related information.	Current or past job history or performance evaluations.	YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	NO
K. Inferences drawn from other personal information.	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	YES

‍

Deidentified or aggregated consumer information is not personal information under CCPA.
Publicly available information from government records is not personal information under CCPA.
Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data are also not personal information under CCPA.
Personal information covered by certain sector-specific privacy laws, including theFair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994 are also not personal information under CCPA.

Use of Personal Information

We may use the personal information of the Company Workforce for one or more of the following purposes:

Employees, directors and officers: We may use your information for the following purposes: identifying you, verifying work authorization, administering taxes and health, medical and other benefit plans, keeping track of your records, contacting you, facilitating payment to bank accounts, contributing to 401(k) plans, garnishing wages required by law, evaluating performance, tracking efficiency and productivity, protecting against disclosure of confidential information and trade secrets, and ensuring compliance with applicable laws and company policies.
Job applicants: We may use your information for the following purposes: identifying you, keeping track of records, contacting you, evaluating your candidacy, performing background and reference checks, and onboarding you.
Independent contractors: We may use your information for the following purposes: identifying you, administering taxes, keeping track of your records, contacting you, facilitating payment to bank accounts, evaluating performance, tracking efficiency and productivity, protecting against disclosure of confidential information and trade secrets, and ensuring compliance with applicable laws and company policies.
Legal and Other Uses: We may also use your information if we believe it is required or appropriate: (a) to prevent or stop activity that we may think is, or is at risk of being, illegal, unethical or legally actionable activity; (b) to protect our rights, privacy, safety or property, and that of you and others; (c) to protect our operations and the security of our Services; (d) under applicable law; (e) to comply with legal process and our legal obligations; (f) to respond to requests or requirements from public, law and government authorities (including national security and law enforcement requirements) and private parties; (g) to enforce our terms and conditions; and (h) to allow us to pursue available remedies or limit potential damages.
We may use your information as described to you when collecting your personal information or as otherwise set forth in the CCPA.

‍

14. Contact Us Regarding Privacy-Related Matters.

If you believe your personal information has been used in a way that is not consistent with this Privacy Policy or your choices, or if you have further questions, comments or suggestions related to this Privacy Policy, please contact the us at privacy@apporchid.com.

Written inquiries to the us related to privacy matters may be addressed to:

App Orchid, Inc.

6111 Bollinger Canyon Road, Suite 570

San Ramon, CA 94583

U.S.A.

Attention: Legal Department - Privacy

‍

15. Dispute Resolution Or Filing A Complaint

If you have any complaints regarding our compliance with this Privacy Policy, please contact us first. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with this Privacy Policy and in accordance with applicable law.

‍

16. App Orchid Corporate Headquarters

App Orchid's corporate headquarters are located at: