We Value Your Trust
OpenTech is committed to the highest standards in protecting and safeguarding your right to privacy.
Corporate Headquarters:
Suite 100
Phoenix, AZ 85029
OpenTech Alliance, Inc. Corporate Privacy Policy
Last Updated: May 2024
OpenTech Alliance, Inc. and our brands, which include, but are not limited to, INNSOMNIAC (collectively, “OpenTech,” “we,” “us,” or “our”), are committed to providing our website users, tenants, customers, and business partners with clear and concise information regarding our privacy policy and practices. We respect the privacy of our customers and users and have developed this Policy to demonstrate our commitment to protecting your privacy.
1. Scope of this Policy
This Policy is intended to describe our policy and practices with respect to the collection, use, disclosure, and data processing of personal information relating to users of our websites, apps, products, and services, while emphasizing the importance of consent and opt-in mechanisms.
For the purposes of this Policy, the term “websites” shall refer collectively to www.opentechalliance.com as well as the other websites that we operate and that link to this Policy.
In this Policy, personal information means information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, and/or online identifier or to one or more factors specific to his/her physical, physiological, genetic, mental, economic, cultural, or social identity. Personal information does not include aggregate information or de-identified information, meaning that the information can no longer be attributed to an identifiable natural person without the use of additional information.
We are committed to obtaining users’ consent and offering opt-in choices whenever required or appropriate, such as when collecting personal information, using personal information for marketing purposes. We will provide clear and conspicuous notice of the purposes for which personal information is collected, and users will be given the opportunity to actively agree to or opt-in to these purposes.
Personal information is required for us to be able to provide the services to you. In addition, some of the services we provide require that we disclose your personal information to third parties, such as to companies that help us to provide our services or process data on our behalf. If you are not willing to provide your personal information and have it disclosed to third parties in accordance with this Policy, you will not be able to use our services. Subject to certain legal obligations that may require retention or processing of the data. In cases where legal obligations apply, total withdrawal of consent may not be available. Refer to the Contact Us section for the methods of withdrawing consent.
Our websites and apps may contain links to other websites that do not operate under this Policy. These third-party websites may independently solicit and collect personal information from you and, in some instances, provide us with information about your activities on those websites. Third party advertisers may also utilize cookies, web beacons, and similar technologies to collect information regarding your website interactions and activities. These third-party technologies may be utilized by those entities to provide targeted advertising and web links based upon your activities and preferences. If you choose to interact with specific advertisers who advertise on our sites, the information you provide to them is subject to the conditions of their specific privacy policies and in no way covered by the practices described in this policy.
While we strongly support the protection of privacy on the Internet, we do not have control over, and cannot be responsible for, the actions of other third parties. We encourage you to review each such third party’s privacy statement and other otherwise understand its privacy practices, before providing personal information directly to it.
This Policy does not create rights enforceable by third parties.
2. Personal Information We Collect
We may collect various types of information, both personal and anonymous, through our products, services, websites, and apps, to operate effectively and provide you with the best experiences with our services. This information is gathered from your usage of our products and services, as well as from your entry of information on our websites and apps. We obtain some of your information, such as your IP address, by recording how you interact with our services. We may also obtain information about you from our business partners or other third parties, subject to applicable data privacy laws and regulations.
We may automatically receive and collect certain personal information, as outlined elsewhere in this Policy, and including analytics regarding our websites and apps, information your internet browser automatically sends when you visit our websites and apps, and information collected by cookies. We will collect personal information that can identify you, such as your name and email address, only after obtaining your consent or when it is necessary for a legitimate purpose. We will also collect other information that does not identify you, ensuring that such information is processed in accordance with applicable data privacy laws in the region you as a user resides.
In accordance with data privacy laws, we are committed to being transparent about our data collection practices, providing users with control over their personal information, and implementing appropriate security measures to protect user data.
Information Provided by You
We ask for and may collect personal information about you such as your name, address, telephone number, and email address. For certain financial services, personal information may also include data such as payment data and account numbers. You have the option to choose not to provide personal information to us; however, the lack of such personal information will typically prevent us from providing the requested products or services to you.
Information that We Collect From You On Our Websites and Apps
We also may use various technologies to collect information from your computer or device and about your activities on our websites or apps.
a. Information collected automatically. In accordance with data privacy laws and to ensure transparency, we seek your consent before collecting any information automatically when you access our websites and apps. This information may include details such as your IP address, device information, browser type, internet connection speed, previously visited web pages, and your interactions with various elements on our site. We do not engage in automated decision-making, including profiling, nor do we use auto-decision logic. By providing your consent, you allow us to utilize this information for the following purposes: (1) to manage and safeguard our websites, apps, products, services, and users against fraudulent, abusive, or unlawful uses; and (2) to facilitate research, development, and enhancement of our websites, apps, products, and services. Furthermore, this information may aggregated or anonymized for business and marketing purposes, either by us or by authorized third parties, in accordance with applicable data privacy regulations. Rest assured, your consent can be withdrawn at any time, and we will always respect your data privacy rights.
b. Cookies, Web Beacons, and Other Technologies. When you access our websites and/or apps, we may place small text files (“cookies”) on your computer for recordkeeping purposes. Cookies help us collect information about your activity on our websites, products, and services, which allows us to improve your online experience, remember your preferences and settings, deliver personalized advertising based on your interests, and provide other customization options.
In addition to cookies, we may employ web beacons, clear gifs, session replay tools, Facebook (Meta) Pixel, or other technologies integrated into our websites, products and services to gather information on user interactions and feature utilization.
These technologies assist in personalizing your OpenTech experience and linking your interactions with our products and services to other information within your account. For instance, these technologies can identify popular pages, viewing patterns, click-throughs, conversion rates, and other data that enables us to improve, monitor, and operate our websites, products, and services. For a comprehensive understanding of how these technologies work and how your activity records are utilized, please review the Google Analytics privacy disclosures at www.google.com/policies/privacy/partners/.
We kindly request your consent to use cookies and similar technologies. Most internet browsers offer controls that enable users to manage or disable the placement and usage of cookies on their devices. However, please be aware that disabling cookies may deactivate or limit certain features on OpenTech websites, products, and services.
c. Social Media. Our websites, apps, products, and services may include our websites, apps, products, and services may offer the option of integration with third-party social networking sites and associated social media plugins or applications. By linking or integrating our websites, apps, products, and services with your social media applications (e.g., Facebook, LinkedIn, Twitter, Google+, etc.), you grant us permission to access specific information from your social media profile (e.g., name, email address, photo, gender, birthday, location, list of friends, comments, etc.) for content delivery or as part of the integrated application’s operation. We may also obtain non-personally identifiable information (e.g., content viewed, advertising viewed, etc.) from your interactions with our integrated content.
By opting to integrate our websites, apps, product, and services with social media applications, you consent to the use of this information in accordance with our privacy policy. Please note that when you provide personal information to us through an integrated application, it may be visible to other members of these sites, and we cannot prevent further use of the information by independent third parties. To learn more about how social networking sites manage your personal information and the available privacy settings, please consult their respective privacy policies and terms of use.
Information Collected from Other Sources
If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us.
3. Mobile Applications and Locations-Based Services
Certain OpenTech websites, apps, products, and services offer mobile applications for access via smartphones and tablet devices. The information handling practices outlined in this policy apply to these mobile applications as well.
Before using our services, we kindly request your consent to provide location-based features in our mobile applications. Our mobile applications may include the option to deliver useful information based on your current location. To provide such location-based services, we may collect, use, and share precise location data, including the real-time geographic location of your mobile device. We gather this location data anonymously in a form that does not personally identify you, and it is used exclusively by us to provide and enhance location-based products and services. By granting your consent and using our mobile applications, you agree to the collection and use of your location data for these purposes. If you prefer to deactivate this feature, you can disable the location services on your mobile device.
4. How We Use Personal Information
We use the personal information we collect for a variety of purposes. The legal basis for our processing of personal information will depend on the specific context in which we collect it. We will retain personal information for as long as it is needed.
General Uses
We may use information that we collect about you to:
- Managing your account and providing customer support;
- Conducting research and analysis regarding your use of, or interest in, our products, services, or content, as well as products, services, or content offered by others;
- Communicating with you via email, postal mail, telephone, and/or mobile devices about products or services that may be of interest to you, either from us or other third parties;
- Developing and displaying personalized content and advertising tailored to your interests on our site and other sites;
- Verifying your eligibility and awarding prizes in connection with promotions, contests, and sweepstakes;
- Enforcing our terms and conditions;
- Managing our business and performing functions as described to you at the time of collection;
- Ensuring legal compliance;
- Processing payment for any purchases or sales made on our websites and apps, protecting against or identifying potential fraudulent transactions, and handling other business-related needs; and/or
- Utilizing the information, you provided to occasionally notify you about special sales or services and other valuable updates, personalizing your shopping transactions (if you prefer not to be contacted in this manner, please follow the Opt-Out instructions provided in this Policy).
- Enhancing the security and safety of our websites, apps, products, and services for all users;
- Identifying and resolving technical issues, bugs, and improving the overall performance of our platforms;
- Conducting customer satisfaction surveys and soliciting feedback to help us better understand your needs and expectations;
- Facilitating communication and collaboration among users, where applicable, to foster a sense of community;
- Providing personalized product and service recommendations based on your preferences, browsing history, and past purchases;
- Informing you about important updates, changes, or announcements related to our products, services, and policies;
- Analyzing demographic and user behavior trends to improve our marketing strategies and cater to diverse user needs;
- Complying with legal requests and obligations, such as responding to subpoenas or court orders, or cooperating with law enforcement agencies when necessary.
- Monitoring and analyzing user-generated content, such as reviews, comments, or forum discussions, to maintain a positive and respectful community environment;
- Providing users with tailored learning resources, tips, or suggestions to help them make the most of our products and services;
- Notifying users about upcoming events, webinars, or workshops related to our products, services, or industry topics;
- Facilitating seamless integration with third-party applications or services that users choose to connect with our platforms;
- Identifying areas for product and service expansion or improvement based on user feedback, industry trends, and market analysis;
- Offering targeted loyalty programs, discounts, or promotions to reward and retain valued customers;
- Conducting internal audits and reviews to assess compliance with data privacy regulations, industry standards, and company policies.
Legal Basis for Processing General Data Protection Regulation (GDPR)
If the General Data Protection Regulation (GDPR) is applicable, our legal basis for processing your personal information will depend on the specific personal information concerned and the specific context in which we collect it.
When we have collected your personal data to provide you with products and services that you have requested, our legal basis for the processing of that personal data is that it is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract. If you refuse to provide us with your personal data, you may be unable to obtain the products and services from us that you requested.
We also collect and process personal information about you as necessary to operate our business, meet our contractual and legal obligations, and/or fulfill our other legitimate interests (when not overridden by your data protection interests or fundamental rights and freedoms). In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
Apart from the previously mentioned legal bases for processing your personal information under the GDPR, we may also rely on the following legal grounds:
- Consent: In certain cases, we may ask for your explicit consent to collect and process your personal information for specific purposes, such as sending you marketing communications, conducting surveys, or processing sensitive data. You have the right to withdraw your consent at any time, and we will cease processing your data for those purposes upon withdrawal of consent.
- Legitimate Interest: We may process your personal information when it is necessary for our legitimate interests or those of a third party, provided that these interests are not overridden by your fundamental rights and freedoms. Examples of legitimate interests include improving our products and services, ensuring the security of our systems, and analyzing user behavior to enhance user experience.
- Compliance with Legal Obligations: In certain circumstances, we may be required to process your personal information to comply with applicable laws and regulations. For example, we may need to disclose your information to law enforcement agencies, government authorities, or as part of legal proceedings.
- Protection of Vital Interests: We may process your personal data when it is necessary to protect your vital interests or those of another individual. This could occur in situations where it is necessary to safeguard someone’s life, health, or well-being.
- Public Interest: In some instances, we may process your personal information when it is necessary for performing a task carried out in the public interest, such as cooperating with regulatory authorities or contributing to scientific research.
When relying on one of these legal bases for processing, we will always ensure that your personal information is handled in compliance with the GDPR’s principles, and your data protection rights. If you have any questions or concerns regarding the legal basis for our processing of your personal information, please contact us using the contact details provided on the Contact Us section.
Legal Basis for Processing California Consumer Privacy Act and California Privacy Rights Act (CCPA and CPRA)
If you are a resident of California, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with specific rights regarding your personal information. Our legal basis for processing your personal information under these acts will depend on the context in which we collect it.
- Performance of a Contract: When we collect your personal data to provide you with products and services you have requested, our legal basis for processing that personal data is the necessity to perform a contract to which you are a party or to take steps at your request before entering into a contract. If you refuse to provide us with your personal data, you may be unable to obtain the products and services from us that you requested.
- Business Purpose: We may process your personal information for our legitimate business purposes. These specific business purposes may include, but are not limited to, operating our business, providing customer support, improving our products and services, conducting research and analysis, ensuring the security of our systems, and complying with applicable laws and regulations. Revisit How we use your Personal Information section of this Privacy Policy for a detailed list.
- Consent: In certain cases, we may ask for your explicit consent to collect and process your personal information for specific purposes, such as sending you marketing communications or processing sensitive data. If you provide your consent, you have the right to withdraw it at any time, and we will cease processing your data for those purposes upon withdrawal of consent.
- Legal Obligations: In certain circumstances, we may be required to process your personal information to comply with applicable laws and regulations, such as the CCPA and CPRA. This may include disclosing your information to law enforcement agencies, government authorities, or as part of legal proceedings.
- Sale of Personal Information: Under the CCPA and CPRA, “sale” is defined broadly and may include the sharing of personal information with third parties for valuable consideration. We do not sell your personal information in the traditional sense. The type of information shared could consist of products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies; Internet or other similar network activity, including information on your interaction with our website, application, or advertisement; and Geolocation data, which includes your precise physical location.
We always process your personal information in compliance with the CCPA, CPRA, and other applicable data protection laws. If you have any questions or concerns about the legal basis for our processing of your personal information under the CCPA and CPRA, please contact us using the contact details provided on the Contact Us section.
Legal Basis for Processing Colorado Privacy Act (CPA)
If you are a resident of Colorado, the Colorado Privacy Act (CPA) provides you with specific rights regarding your personal information. Our legal basis for processing your personal information under the CPA will depend on the context in which we collect it.
- Performance of a Contract: When we collect your personal data to provide you with products and services you have requested, our legal basis for processing that personal data is the necessity to perform a contract to which you are a party or to take steps at your request before entering into a contract. If you refuse to provide us with your personal data, you may be unable to obtain the products and services from us that you requested.
- Business Purpose: We may process your personal information for our legitimate business purposes. These purposes may include, but are not limited to, operating our business, providing customer support, improving our products and services, conducting research and analysis, ensuring the security of our systems, and complying with applicable laws and regulations.
- Consent: In certain cases, we may ask for your explicit consent to collect and process your personal information for specific purposes, such as sending you marketing communications or processing sensitive data. If you provide your consent, you have the right to withdraw it at any time, and we will cease processing your data for those purposes upon withdrawal of consent.
- Legal Obligations: In certain circumstances, we may be required to process your personal information to comply with applicable laws and regulations, such as the CPA. This may include disclosing your information to law enforcement agencies, government authorities, or as part of legal proceedings.
- Sale, Sharing, or Disclosure of Personal Information: Under the CPA, we may share your personal information with third parties for business purposes, such as analytics, targeted advertising, or providing you with customized offers from us or our partners. We will always ensure that such sharing is done in compliance with the CPA and that your personal information is protected.
We always process your personal information in compliance with the CPA and other applicable data protection laws. If you have any questions or concerns about the legal basis for our processing of your personal information under the CPA, please contact us using the contact details provided on the Contact Us section.
Legal Basis for Processing Connecticut Data Privacy Act (CTDPA)
If you are a resident of Connecticut, the Connecticut Data Privacy Act (CTDPA) provides you with specific rights regarding your personal information. Our legal basis for processing your personal information under the CTDPA will depend on the context in which we collect it.
- Performance of a Contract: When we collect your personal data to provide you with products and services you have requested, our legal basis for processing that personal data is the necessity to perform a contract to which you are a party or to take steps at your request before entering into a contract. If you refuse to provide us with your personal data, you may be unable to obtain the products and services from us that you requested.
- Business Purpose: We may process your personal information for our legitimate business purposes. These purposes may include, but are not limited to, operating our business, providing customer support, improving our products and services, conducting research and analysis, ensuring the security of our systems, and complying with applicable laws and regulations.
- Consent: In certain cases, we may ask for your explicit consent to collect and process your personal information for specific purposes, such as sending you marketing communications or processing sensitive data. If you provide your consent, you have the right to withdraw it at any time, and we will cease processing your data for those purposes upon withdrawal of consent.
- Legal Obligations: In certain circumstances, we may be required to process your personal information to comply with applicable laws and regulations, such as the CTDPA. This may include disclosing your information to law enforcement agencies, government authorities, or as part of legal proceedings.
- Sale, Sharing, or Disclosure of Personal Information: Under the CTDPA, we may share your personal information with third parties for business purposes, such as analytics, targeted advertising, or providing you with customized offers from us or our partners. We will always ensure that such sharing is done in compliance with the CTDPA and that your personal information is protected.
We always process your personal information in compliance with the CTDPA and other applicable data protection laws. If you have any questions or concerns about the legal basis for our processing of your personal information under the CTDPA, please contact us using the contact details provided on the Contact Us section.
Legal Basis for Processing Utah Consumer Privacy Act (UCPA)
When processing personal information in compliance with the Utah Consumer Privacy Act (UCPA), we adhere to the following legal bases:
- Performance of a Contract: We may process your personal information when it is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract. This includes providing you with products and services that you have requested.
- Legitimate Interests: We may process your personal information when it is necessary for our legitimate interests or those of a third party, provided that these interests are not overridden by your data protection interests or fundamental rights and freedoms. Examples of legitimate interests include improving our products and services, ensuring the security of our systems, and analyzing user behavior to enhance user experience.
- Consent: In certain cases, we may ask for your explicit consent to collect and process your personal information for specific purposes, such as sending you marketing communications, conducting surveys, or processing sensitive data. You have the right to withdraw your consent at any time, and we will cease processing your data for those purposes upon withdrawal of consent.
- Compliance with Legal Obligations: In certain circumstances, we may be required to process your personal information to comply with applicable laws and regulations. For example, we may need to disclose your information to law enforcement agencies, government authorities, or as part of legal proceedings.
- Protection of Vital Interests: We may process your personal data when it is necessary to protect your vital interests or those of another individual. This could occur in situations where it is necessary to safeguard someone’s life, health, or well-being.
When relying on one of these legal bases for processing, we will always ensure that your personal information is handled in compliance with the UCPA’s principles, and your data protection rights. If you have any questions or concerns regarding the legal basis for our processing of your personal information, please contact us using the contact details provided on the Contact Us section.
Legal Basis for Processing Virginia Consumer Data Protection Act (VCDPA)
When processing personal data in compliance with the Virginia Consumer Data Protection Act (VCDPA), we adhere to the following legal bases:
- Performance of a Contract: We may process your personal information when it is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract. This includes providing you with products and services that you have requested.
- Legitimate Interests: We may process your personal information when it is necessary for our legitimate interests or those of a third party, provided that these interests are not overridden by your data protection interests or fundamental rights and freedoms. Examples of legitimate interests include improving our products and services, ensuring the security of our systems, and analyzing user behavior to enhance user experience.
- Consent: In certain cases, we may ask for your explicit consent to collect and process your personal information for specific purposes, such as sending you marketing communications, conducting surveys, or processing sensitive data. You have the right to withdraw your consent at any time, and we will cease processing your data for those purposes upon withdrawal of consent.
- Compliance with Legal Obligations: In certain circumstances, we may be required to process your personal information to comply with applicable laws and regulations. For example, we may need to disclose your information to law enforcement agencies, government authorities, or as part of legal proceedings.
- Protection of Vital Interests: We may process your personal data when it is necessary to protect your vital interests or those of another individual. This could occur in situations where it is necessary to safeguard someone’s life, health, or well-being.
- Public Interest: In some instances, we may process your personal information when it is necessary for performing a task carried out in the public interest, such as cooperating with regulatory authorities or contributing to scientific research.
When relying on one of these legal bases for processing, we will always ensure that your personal information is handled in compliance with the VCDPA’s principles, and your data protection rights. If you have any questions or concerns regarding the legal basis for our processing of your personal information, please contact us using the contact details provided on the Contact Us section.
How Long We Retain Your Personal Information
We will retain your personal information for as long as is needed to fulfill the purposes set forth in this Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). Our industry-standard retention schedules are as follows:
a) Customer Data: We generally retain customer data for the duration of our business relationship with you, plus an additional 7 years for legal and accounting purposes, unless a longer retention period is mandated by law.
b) Marketing Data: Personal information used for marketing purposes will be retained until you opt-out or request deletion, or for a period of 2 years from the last date of interaction, whichever comes first.
c) Financial and Transactional Data: We retain financial and transactional data for a period of 7 years, in accordance with legal and accounting requirements.
d) Employment Data: Personal information related to job applicants, employees, and contractors is retained for the duration of the employment or contractual relationship, plus an additional 7 years for legal and accounting purposes, unless a longer retention period is mandated by law.
e) Website Analytics and Cookies Data: Data collected through cookies and other similar technologies is typically retained for a period of 13 months, unless a longer retention period is required or permitted by law.
f) Legal, Compliance, and Dispute Resolution Data: Personal information related to legal, compliance, and dispute resolution matters is retained for a period of 7 years, or as long as necessary to resolve the matter, whichever is longer.
Please note that these retention periods are subject to change based on legal requirements, industry standards, or our specific business needs. We may also retain aggregated or anonymized data indefinitely, as this information does not identify you personally.
Upon expiration of the applicable retention period, we will securely delete or anonymize your personal information, or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible).
5. Sharing of Personal Information
We share your personal information as necessary to provide the services you request, including sharing information with third party service providers; when required by law; to protect rights and safety, and with your consent. Over a period of 12 months, we may disclose the following categories of personal information for business purposes: Identifiers such as your name, postal address, online identifiers, IP addresses, and email address; including your signature, telephone number, insurance policy number, bank account number, credit card number, debit card number, and other financial information; Commercial Information, such as your records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies; Internet or other similar network activity, including information on your interaction with our website, application, or advertisement; and Geolocation data, which includes your precise physical location.
We may share personal information with:
- Authorized service providers: We may share your personal information with our authorized service providers who perform services on our behalf. The personal information shared will not include phone numbers, SMS data, or any other mobile information. These services may include fulfilling orders, processing credit card payments, delivering packages, providing customer service, marketing assistance, performing business and sales analysis, supporting website and app functionality, and supporting contests, promotions, sweepstakes, surveys, and other features offered through our websites and apps. These service providers may have access to personal information needed to perform their functions but are contractually bound not to share or use such information for any other purposes.
- Business partners: We do not share personal or mobile information with business partners for the purposes of marketing or promotions. You may choose to participate in offers or programs from our business partners through our platforms, but we will only share your email address and other relevant information with the business partner with your explicit consent and only for the purpose of facilitating your participation in the offer or program, without further marketing or promotional use.
- Third parties advertisers on our websites and apps: We may allow third-parties, advertising companies, and ad networks, to display advertisements on our websites and apps. These companies also may use tracking technologies, such as cookies, to collect information about users who view or interact with their advertisements. They may collect information about where you, or others who are using your computer, saw and/or clicked on the advertisements they deliver, and possibly associate this information with your subsequent visits to the advertised websites. They also may combine this information with other personal information they collect from you or from other third parties.
- Other situations: We also may disclose your information:
- In response to a subpoena or similar investigative demand, a court order, or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us. The Federal Trade Commission has jurisdiction over OpenTech Alliance, Inc. compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).
- When we believe disclosure is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of our company, our users, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce our website terms and conditions or other agreements or policies.
- In connection with a substantial corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.
- When you provide us with your consent to share your information with third parties.
Third-Party Privacy Policies
Any third parties to whom we may disclose personal information may have their own privacy policies which describe how they use and disclose personal information. Those policies will govern use, handling and disclosure of your personal information once we have shared it with those third parties as described in this Policy. If we disclose your personal data to third parties acting as controllers, we comply with the Notice and Choice Principles and enter into contracts requiring them to only process the data for limited and specified purposes consistent with your consent, and provide the same level of protection as required by the Principles.
If we disclose your personal data to third parties acting as agents, we only transfer data for limited and specified purposes, ensure the agents provide at least the same level of protection as required by the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), take reasonable steps to ensure agents process the data consistently with our obligations under the Principles, require agents to notify us if they can no longer meet their obligation to provide the same level of protection, and upon notice take reasonable steps to stop and remediate unauthorized processing.
As the data exporter, OpenTech Alliance remains liable under the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) in cases where our third party service providers process personal data we transfer to them in a manner inconsistent with the Principles, unless we can prove we are not responsible for the event giving rise to the damage. If you want to learn more about their privacy practices, we encourage you to visit the websites of those third parties. These entities or their servers may be located either inside or outside the United States.
Aggregated and Non-personal Information: We may share aggregated and non-personal information we collect under any of the circumstances set forth in this Policy and also with respect to compiling industry trends such as publishing “white papers” and producing other industry publications. We may also share it with third parties to develop and deliver targeted advertising on our websites and apps and on websites and apps of third parties. We may combine non-personal information we collect with additional non-personal information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to our websites and apps and the most popular features or services accessed. This information does not contain any personal information and may be used to develop website content and services that we hope you and other users will find of interest and to target content and advertising.
6. Transfer of Information General Data Protection Regulation (GDPR)
International Data Transfers:
We may transfer your personal
information to, store, and process it within the United States and other
countries, as our servers or third-party service providers may be located
there. When transferring your personal information across borders, we ensure that
appropriate safeguards are in place to protect your data and to comply with the
requirements of the General Data Protection Regulation (GDPR).
Legal Transfer Mechanisms:
To provide adequate protection for personal information transfers from the European Economic Area (EEA) and other regions subject to GDPR, we rely on legal transfer mechanisms such as Standard Contractual Clauses (SCCs) and EU-U.S Data Privacy Framework Principles (EU-U.S. DPF). These mechanisms ensure that your personal information is protected in accordance with GDPR requirements when transferred to countries outside the EEA or other regions governed by the GDPR. OpenTech Alliance, Inc has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. OpenTech Alliance, Inc has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
7. Information Security
We implement and maintain physical, administrative, and technical safeguards designed to secure user information and prevent unauthorized access to or disclosure of that information. We strive to protect the user information that we collect and store, however, no security program is 100% secure and we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use, or disclose personal information. We maintain security incident response policies and procedures to handle incidents involving unauthorized access to private information we collect or store.
8. Children's Personal Information
We do not knowingly collect personal information from children under the age of 16. Our products, services, apps, and websites are not designed to attract the attention of persons under the age of 16. If you are under the age of 16, please do not submit any personal information through our websites, apps, products, or services.
9. Your Privacy Rights
In the event that your personal information is found to be outdated, incomplete, or inaccurate, you may access and update your information by logging into your OpenTech product or service account. If you require verification that your requested changes have been completed, and such verification is not readily displayed in your product or service account, you may request confirmation at the email address listed below (See “Contact Us”).
EU-U.S. Data Privacy Framework (EU-U.S. DPF), The UK Extension To The EU-U.S. DPF, And The Swiss-U.S. DPF
OpenTech Alliance, Inc complies with the EU-U.S.
Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and
the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S.
Department of Commerce. OpenTech Alliance, Inc has certified to the U.S.
Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework
Principles (EU-U.S. DPF Principles) with regard to the processing of personal
data received from the European Union in reliance on the EU-U.S. DPF and from
the United Kingdom (and Gibraltar) in reliance on the UK Extension to the
EU-U.S. DPF. OpenTech Alliance, Inc has certified to the U.S. Department
of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles
(Swiss-U.S. DPF Principles) with regard to the processing of personal data
received from Switzerland in reliance on the Swiss-U.S. DPF. If there is
any conflict between the terms in this privacy policy and the EU-U.S. DPF
Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.
To learn more about the Data Privacy Framework (DPF) program, and to view
our certification, please visit https://www.dataprivacyframework.gov/.
If you are in the European Union, United Kingdom or Switzerland:
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, OpenTech Alliance, Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.
You can contact us to exercise any of the rights granted to you under applicable data protection laws, including the General Data Protection Regulation (GDPR). These rights may include the following:
Access your data: You have the right to request access to the personal data we hold about you. This includes information on the categories of data, the purpose of processing, and any recipients of your data. We may provide a copy of the personal data undergoing processing.
Rectify your data: If you believe that any personal data, we hold about you is inaccurate or incomplete, you have the right to request that we correct or complete it. We will take reasonable steps to ensure the accuracy of the information and correct any errors.
Erase your data: You have the right to request the deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purpose it was collected, or you have withdrawn your consent for processing (when consent is the legal basis for processing).
Restrict the processing of your data: In some cases, you may request that we limit the processing of your personal data. This may occur when you contest the accuracy of the data, the processing is unlawful, but you oppose the deletion of the data, or we no longer need the data but you require it for the establishment, exercise, or defense of legal claims.
Obtain a file of your personal data: You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format. This enables you to transfer the data to another data controller easily.
Object to the processing of your data: You have the right to object to the processing of your personal data when processing is based on our legitimate interests or for direct marketing purposes. We will stop processing your data unless we have compelling legitimate grounds for processing that override your interests, rights, and freedoms, or if processing is necessary for the establishment, exercise, or defense of legal claims.
Withdraw your consent for processing: If we have asked for your consent to process your personal data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Please note that these rights may be limited in certain situations. For instance, we may deny your request for access when necessary to protect the rights and freedoms of other individuals, or refuse to delete your personal data if processing such data is required for compliance with legal or regulatory obligations.
You also have the right to lodge a complaint with your local Supervisory Authority if you believe there has been a violation of your data protection rights.
Under certain conditions, you have the possibility to invoke binding arbitration in order to address complaints related to our compliance with the EU-U.S. Data Privacy Framework Principles, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF that remain unresolved after pursuing the other options available under these frameworks. For more details on when and how to invoke binding arbitration, please see Annex I of the relevant DPF framework:
EU-U.S. DPF: https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction
UK Extension to EU-U.S. DPF: https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction
Swiss-U.S. DPF: https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction
If you are a resident of California:
The California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act (CPRA) grant you the following rights concerning your personal information:
- Disclosure of information about our collection of your personal information;
- Disclosure of information regarding the sale or sharing of your personal information;
- A list of categories of personal information collected about you in the preceding 12 months, including: a. categories of personal information collected about you; b. categories of sources from which the personal information is collected; c. the business or commercial purpose for collecting or selling personal information; d. categories of third parties with whom we share personal information; and e. specific pieces of information that we have collected about you;
- Deletion of any personal information about you that we have collected from you;
- Right to correct inaccurate personal information that we have collected about you;
- Right to opt-out of the sale or sharing of your personal information, if applicable;
- Right to know about any financial incentives offered for the collection, sale, or deletion of your personal information, and to not be discriminated against for exercising your rights.
These rights are subject to
certain limitations. You have the right not to face discrimination for
exercising any of your rights under the CCPA and CPRA. As stated above, we do
not sell your personal information.
Please note that we may need
to take reasonable steps to verify your identity.
Authorized agents can make a
request under the CCPA on a consumer’s behalf through several methods: by
webform, toll-free number, or send an email. All the necessary contact details
are provided in the Contact Section of our Privacy Policy.
You can also contact us if
you have any questions, remarks, or complaints in relation to this Notice.
If you are a resident of Colorado:
If you are a resident of Colorado, you have specific privacy rights under the Colorado Privacy Act (CPA). These rights include:
- Right to Access: You have the right to request information about the personal data we have collected about you in the preceding 12 months, including the categories of personal data collected, the sources from which the data is collected, the purposes for collecting or selling the data, and the categories of third parties with whom we share the data.
- Right to Data Portability: You have the right to obtain a copy of your personal data that we have collected, in a structured, commonly used, and machine-readable format, and to transmit that data to another controller without hindrance, where technically feasible.
- Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
- Right to Deletion: You have the right to request that we delete your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent (if applicable) and there is no other legal basis for processing the data.
- Right to Opt-Out: If we sell your personal data, you have the right to opt-out of the sale of your personal data at any time.
- Right to Non-Discrimination: You have the right not to be discriminated against for exercising any of your privacy rights under the CPA.
- Right to Appeal: If you are not satisfied with our response to your request or believe our processing of your personal data does not comply with the CPA, you have the right to appeal our response to your request.
To exercise any of these rights, please submit a request to the contact details provided in our privacy policy. Please note that we may need to take reasonable steps to verify your identity before processing your request.
Additionally, you can contact us if you have any questions, remarks, or complaints in relation to this Notice or our privacy practices.
If you are a resident of Connecticut:
If you are a resident of Connecticut, you have specific privacy rights under the Connecticut Data Privacy Act (CTDPA). These rights include:
- Right to Access: You have the right to request information about the personal data we have collected about you in the preceding 12 months, including the categories of personal data collected, the sources from which the data is collected, the purposes for collecting or selling the data, and the categories of third parties with whom we share the data.
- Right to Data Portability: You have the right to obtain a copy of your personal data that we have collected, in a structured, commonly used, and machine-readable format, and to transmit that data to another controller without hindrance, where technically feasible.
- Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
- Right to Deletion: You have the right to request that we delete your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent (if applicable) and there is no other legal basis for processing the data.
- Right to Opt-Out: If we sell your personal data, you have the right to opt-out of the sale of your personal data at any time.
- Right to Non-Discrimination: You have the right not to be discriminated against for exercising any of your privacy rights under the CTDPA.
To exercise any of these rights, please submit a request to the contact details provided in our privacy policy. Please note that we may need to take reasonable steps to verify your identity before processing your request.
Additionally, you can contact us if you have any questions, remarks, or complaints in relation to this Notice or our privacy practices.
If you are a resident of Utah:
If you are a resident of Utah, you have specific privacy rights under the Utah Consumer Privacy Act (UCPA). These rights include:
- Right to Access: You have the right to request information about the personal data we have collected about you in the preceding 12 months, including the categories of personal data collected, the sources from which the data is collected, the purposes for collecting the data, and the categories of third parties with whom we share the data.
- Right to Data Portability: You have the right to obtain a copy of your personal data that we have collected, in a structured, commonly used, and machine-readable format, and to transmit that data to another controller without hindrance, where technically feasible.
- Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
- Right to Deletion: You have the right to request that we delete your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent (if applicable) and there is no other legal basis for processing the data.
- Right to Opt-Out: If we sell your personal data, you have the right to opt-out of the sale of your personal data at any time.
- Right to Non-Discrimination: You have the right not to be discriminated against for exercising any of your privacy rights under the UCPA.
To exercise any of these rights, please submit a request to the contact details provided in our privacy policy. Please note that we may need to take reasonable steps to verify your identity before processing your request.
Additionally, you can contact us if you have any questions, remarks, or complaints in relation to this Notice or our privacy practices.
If you are a resident of Virginia:
If you are a resident of Virginia, you have specific privacy rights under the Virginia Consumer Data Protection Act (VCDPA). These rights include:
- Right to Access: You have the right to request information about the personal data we have collected about you in the preceding 12 months, including the categories of personal data collected, the purposes for which the data is used, and the categories of third parties with whom we share the data.
- Right to Data Portability: You have the right to obtain a copy of your personal data that we have collected, in a structured, commonly used, and machine-readable format, and to transmit that data to another controller without hindrance, where technically feasible.
- Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
- Right to Deletion: You have the right to request that we delete your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent (if applicable) and there is no other legal basis for processing the data.
- Right to Opt-Out: If we sell your personal data or process it for targeted advertising purposes, you have the right to opt-out of such sale or processing at any time.
- Right to Non-Discrimination: You have the right not to be discriminated against for exercising any of your privacy rights under the VCDPA.
- Right to Appeal: If you are not satisfied with our response to your request or believe our processing of your personal data does not comply with the VCDPA, you have the right to lodge a complaint with the Virginia Attorney General’s Office.
To exercise any of these rights, please submit a request to the contact details provided in our privacy policy. Please note that we may need to take reasonable steps to verify your identity before processing your request.
Additionally, you can contact us if you have any questions, remarks, or complaints in relation to this Notice or our privacy practices.
10. Privacy Policy Changes
As we develop new products and services, update or expand technologies, and develop new information uses, we reserve the right to update this Policy as necessary to reflect such changes. We recommend that you review this policy periodically for any changes that may have been made. Your continued use of our products, services, apps, and websites subsequent to any changes made after your initial consent means that you agree to be bound by those changes. The most current version of this Privacy Policy supersedes all previous versions.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or our privacy practices, please do not hesitate to contact us. You can reach us via email, or through postal mail with your written inquiry. Our contact details are as follows:
Email: dpo@opentechalliance.com or legal@opentechalliance.com
Postal Mail:
OpenTech Alliance, Inc.
Attn: Data Protection Officer
2101 West Peoria Avenue,
Suite 100, Phoenix, AZ 85029
If you would like to submit a Data Subject Request, we have a dedicated online form to facilitate the process. Please visit the following link to fulfill your request:
https://www.opentechalliance.com/dsar
or
We are committed to addressing any questions, concerns, or requests you may have regarding your privacy rights and our handling of your personal information.