Advertising Specialty Institute, Inc. Privacy Policy and Notice at Collection

Effective Date: January 1, 2023

Advertising Specialty Institute, Inc. and its affiliates (referred to herein as “ASI,” “we,” or “our”) collect information about you when you use our website at www.asicentral.com and other websites, mobile application (the “ASI App”), or other online services that we operate (collectively, the “Services”).

BY USING THE SERVICES, YOU CONSENT TO THE PROCESSING OF INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY AND NOTICE AT COLLECTION. IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY POLICY, THEN PLEASE DO NOT USE THE SERVICES.

1. SCOPE OF THIS PRIVACY POLICY AND NOTICE AT COLLECTION

This Privacy Policy and Notice at Collection (collectively “Notice”) describes the information that ASI collects (directly or indirectly) and why we collect it, what we do with the information we collect and how you can manage your information through the Services. This Notice applies to you when you use our Services or communicate with us offline, such as by telephone. You may have additional rights depending on your US state of residence. For more information on your rights under state laws, including the California Consumer Privacy Act (“CCPA”), please review the “State Privacy Rights” section of this Notice. You can download a printable copy of this Notice here.

If a particular Service has its own privacy policy or links to a different privacy policy, then that privacy policy — not this Notice — applies. This Notice also does not apply to any website, mobile app, or service that does not display or link to this Notice.

Our agreements with certain customers may contain provisions about the collection, use, storage and disposal of personal information collected through the Services and offline. If a provision of a customer agreement conflicts or otherwise is inconsistent with a provision of this Notice, then such provision of the customer agreement will prevail but solely to the extent of the conflict or inconsistency.

If you have not done so already, please also review the Terms of Service.

NOTICE AT COLLECTION

2. CATEGORIES OF INFORMATION WE COLLECT

We may collect the personal information and sensitive personal information categories listed below. the categories of personal information the business has collected about consumers in the preceding 12 months.

• Identifiers. Such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
• Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). Such as name, signature, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
• Protected classification characteristics under California or federal law. – Age (40 years or older), religion or creed, sex (including gender, gender identity, gender expression, sexual orientation), veteran or military status.
• Commercial information. Information about your transactions with us, such as your account balances, investments and tax information and information we need to prepare a financial plan, such as your assets, liabilities, income and expenses.
• Internet or other similar network activity. Such as browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
• Geolocation data. Such as physical location or movements.
• Professional or employment-related information. Such as current or past job history or performance evaluations.
• Inferences drawn from other personal information. Such as a profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
• Sensitive personal information, such as, social security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin; religious or philosophical beliefs; union membership; or genetic data.

3. PURPOSE OF COLLECTION AND USE

We collect personal information and sensitive personal information to support our business operations. Most commonly, we will use your personal information in the following circumstances.

• Where we need to perform the contract we are about to enter into or have entered into with you.
• Where it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests.
• Where we need to comply with a legal or regulatory obligation.

We do not sell or share personal information. In the event that we do sell or share any personal information, we will update this Notice to list the categories of consumers’ personal information sold or shared.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

We use information collected for the following purposes based on our legitimate interests:

• To communicate with you;
• To administer and protect our business and the Services including troubleshooting, data analysis, security, testing, system maintenance, support, reporting, technical functionality, hosting of data, and in the context of a business reorganization or group restructuring exercise;
• To prevent and investigate fraud and other misuses of the Services;
• To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you;
• To use data analytics to improve our website, products/Services, marketing, client relationships and experiences; or
• To make suggestions and recommendations to you about products or Services that may be of interest to you.
• To evaluate you for employment or an internship.

We also use your personal information when necessary for the performance of a contract in the following contexts:

• To process your payments, orders, and transactions including:
  • Manage payments, fees and charges
  • Collect and recover money owed to us;
• To set up and maintain your account with us;
• To manage our relationship with you which will include:
  • Notifying you about changes to our terms or privacy policy
  • Asking you to leave a review or take a survey
  • Responding to your questions and inquiries

We may also use your personal information when necessary to comply with legal obligations.

For the purposes of this Notice, to “process” personal information means to perform any operation on personal information, whether or not by automated means, such as collecting, recording, organizing, storing, adapting, using, disclosing, combining, erasing or destroying.

Where we need to collect personal information by law, or under the terms of a contract between us and you do not provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with products or Services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case.

4. INFORMATION RETENTION

We will retain your personal information for the period necessary to fulfill the purposes outlined in this Notice, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

• (a) the length of time we have an ongoing relationship with you and provide Services to you (e.g., for as long as you have an account with us or keep using the Services);
• (b) whether there is a legal obligation to which we are subject (e.g., certain laws require us to keep records of your transactions for a certain period of time before we can delete them);
• (c) whether retention is advisable considering our legal position (e.g., for statutes of limitations, litigation or regulatory investigations).

5. HOW WE COLLECT INFORMATION

User Provided Information: We collect information that you provide directly to us, such as when you download and use the ASI App, create or modify your account, request customer support or otherwise communicate with us. This information includes (a) your name, postal address, email address and telephone number; (b) username, password and other registration information; (c) transaction-related information, such as when you download or use applications from us or register for the Services; (d) information you provide us when you contact us for help; and (e) other information you choose to provide and enter using the Services.

If you make payments through the Services we may also collect information required for payment processing, such as credit or payment card number, expiration date, cvv number, billing address, company name, and other information required for payment processing (“Payment Information”).

We use a third party payment processors, currently PromoPayment, Authorize.net, and Paypal, (“Payment Processors”) to assist in securely processing your Payment Information. If you pay with a credit card the Payment Information that you provide through the Services is encrypted and transmitted directly to one of the Payment Processors. We do not store your Payment Information and do not control and are not responsible for the Payment Processors or its collection or use of your information. You may find out more about how the Payment Processors store and use your Payment Information by accessing the Payment Processor’s privacy policy.

If you choose to use PayPal to make purchases through the Site, you will be directed to the PayPal website and provide your payment information directly to PayPal. PayPal’s privacy policy applies to the information you provide on the PayPal website.

Automatically Collected Information: The Services automatically collect information about how you use the Services, such as (i) your mobile device or computer type, including your system and application software; (ii) the type of mobile device or computer you use, the pages and screens you view and how long you viewed them; (iii) your mobile device’s unique device ID; (iv) the IP address of your computer or mobile device; (v) your operating system, traffic data, logs and other communication data; and (vi) metadata and other information associated with other files stored on your device (e.g., photographs, audio and video clips and personal contacts). Some of this automatically collected information is personal information.

Location Information: The ASI App collects information from Wi-Fi access points, GPS, wireless networks and/or cell towers that indicate the current or prior location of the mobile device on which the Services are accessed (“Location Information”). After you install the ASI App and consent to location tracking, it can collect Location Information from your mobile device. If you permit the ASI App to access Location Information through the permission system used by your mobile operating system, we may also collect Location Information from your mobile device when you are not actively using the Services. You may choose to stop our collection of Location Information through the settings that we provide in the App or by removing the App from your mobile device. Although your Electronic Logging Device (“ELD”) is connected to the ASI App you cannot use the ASI App to turn off the collection of Location Information from your ELD. Some of the Services may use Google Maps to determine your location. When Google Maps is part of the Services you choose to use, you are subject to Google’s privacy policy as set forth at http://www.google.com/policies/privacy.

Information Collected from Third-Party Sources: We may combine information we receive from other sources with information we collect through the Services. For example, (A) if you engage with a third-party site application whose API we use (or who uses our API), we may receive information about you or your connections from such site or application; or (B) if you are referred to us by one of our referral partners, we receive information about you from such referral partner.

6. COOKIES AND OTHER DATA COLLECTION TECHNOLOGY

The Services may use cookies, pixel tabs (also known as web beacons, flash cookies and clear GIFs) and similar technology (“Data Collection Technology”).

Cookies are small text files that are sent to or accessed from your web browser or your computer’s hard drive. A cookie typically contains the name of the domain (i.e., the internet location) from which the cookie originated, the “lifetime” of the cookie (i.e., when it expires) and a randomly generated unique number or similar identifier. A cookie may contain information about your computer, such as user settings, browsing history and activities conducted while using the Services. A web beacon (also called a pixel tag or clear GIF) is a piece of computer code that enables us to monitor user activity and website traffic. To learn more about cookies and web beacons, visit www.allaboutcookies.org.

Data Collection Technology helps us improve your experience of the Services by, for example, storing your password, measuring the success of marketing campaigns, compiling statistics related to use of the Services and helping us analyze technical and navigational information about the Services in order to detect and prevent fraud.

We may use other Data Collection Technology to collect information from the computer or device that you use to access the Services, such as your operating system type, browser type, domain and other system settings, including the language your system uses and the country and time zone in which your computer or device is located.

We also use Google Analytics, which is a Google service that collects aggregate information about use of the Services and reports website trends. Google Analytics does not directly identify individual users. You can learn about Google’s practices and opt out by visiting www.google.com/settings/ads or by downloading the Google Analytics opt-out browser add-on at https://tools.google.com/dlpage/gaoptout.

Your Control of Cookies: Some web browsers, including some mobile web browsers, provide settings that allow you to control or reject cookies or to alert you when a cookie is placed on your computer, tablet or mobile device. You also may be able to reject mobile device identifiers by activating the appropriate setting on your mobile device. Although you are not required to accept cookies or mobile device identifiers, if you block or reject them, you may not have access to all features available through the Services.

For more information on what cookies ASI uses please visit our Cookie Policy.

Do Not Track Signals: Some web browsers, including Safari, Internet Explorer, Firefox and Chrome, incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives such DNT signal, the browser can block that website from collecting certain personal information. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operators, including ASI, do not respond to DNT signals.

7. HOW WE SHARE INFORMATION

ASI shares your personal information as requested by you (e.g., to process payments), for any purpose disclosed by ASI when you provide such information, to fulfill the purpose for which you provide such information, and in order to provide the Services for which you signed up.

ASI may share your information (a) with ASI affiliates and business partners who help us provide, analyze and improve the Services; (b) with a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of ASI assets; (c) to comply with any court order, law or legal process, including to respond to any governmental or regulatory request; (d) to carry out ASI obligations and enforce ASI rights arising under any agreement between ASI and you; and (e) if ASI believes disclosure is necessary to protect the rights, property or safety of ASI, our customers or others. Additionally, we may share your information with companies that are conducting marketing and advertising to benefit ASI. These third party companies may use your contact information for communications and marketing purposes that support our activities. You are under no obligation to respond and the companies are restricted from using your contact information for any other purpose.

In the preceding twelve (12) months, we have disclosed the following categories of personal information to service providers for a business purpose:

• Identifiers
• California Customer Records personal information categories
• Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
• Commercial information
• Internet or other similar network activity
• Geolocation data
• Professional or employment-related information
• Inferences drawn from other personal information

8. YOUR CHOICES ABOUT INFORMATION

You can stop all collection of information by the ASI App by uninstalling it. You may use the standard uninstall processes available as part of your mobile device. You can stop collection of information by of the Services by ceasing to use such Services.

If you would like to review, correct, update or delete personal information that you have previously provided to us or if you would like to suppress, restrict or receive an electronic copy of your personal information (if these rights are provided to you by applicable law), please contact us via email at [email protected].

In your request, please make clear what personal information you would like to have changed, whether you would like to have your personal information suppressed from our database and any other limitations you would like to put on our use of your personal information. For your protection, we only fulfill requests when received from the email address associated with your account. We may need to verify your identity before fulfilling your request.

Please note that we often need to retain certain information for recordkeeping purposes and/or to complete any transaction that you began prior to requesting a change or deletion. We also may not allow you to review certain data for legal, security or other reasons.

If at any time you believe that we have not adhered to this Notice, please let us know. We will use good faith efforts to determine and correct the problem.

Notice to California Residents: California Civil Code Section 1798.83 permits individual California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us at [email protected]. Please note, however, that ASI does not disclose personal information to third parties for their direct marketing purposes.

9. SECURITY OF YOUR INFORMATION

We are concerned about safeguarding your information. We use physical, technical, and organizational safeguards intended to protect information that we process and maintain. Unfortunately, however, no system or online transmission of information is completely secure. We cannot guarantee the security of information transmitted to or through the Services. Any transmission is at your own risk and we expect that you will use appropriate security measures to protect your information.

You are responsible for maintaining the security of any password or other form of authentication involved in obtaining access to password-protected or secure areas of the Services. Access to the Services through your credentials will be treated as authorized by you. Unauthorized access to password-protected or secure areas is prohibited and may lead to criminal prosecution. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security.

If you believe that information you provided to us is no longer secure, please notify us immediately using the contact information provided below.

10. LINKS TO OTHER WEBSITES AND SERVICES

The Services may include links to third-party websites and services that are not operated by us. When you click these links, you will be directed away from the Services. A link to a third-party website or service does not mean that we endorse it or the quality or accuracy of the information presented on or in such third-party website or service. If you decide to visit a third-party website or service, you are subject to its privacy practices and policies, not ours. This Notice does not apply to any personal information that you provide to these other websites and services.

11. CHANGES TO THIS PRIVACY POLICY AND NOTICE AT COLLECTION

The Effective Date of this Notice is set forth at the top of this webpage. As we add new features to the Services, we may amend this Notice. If we make a material change to this Notice that reduces your privacy rights, we will notify you in advance by sending an email and/or posting a notice in the Services. Your continued use of the Services after the Effective Date constitutes your acceptance of the amended Notice. The amended Notice supersedes all previous versions.

12. CHILDREN’S PRIVACY

The Services are not directed to or intended for use by minors. Consistent with the requirements of the U.S. Children’s Online Privacy Protection Act, if we learn that we have received any information directly from a child under age 13 without his or her parent’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Services.

13. NOTICE TO INTERNATIONAL VISITORS

OUR SERVICES ARE DIRECTED TO BUSINESSES AND INDIVIDUALS LOCATED IN THE UNITED STATES AND CANADA. ASI is headquartered in the United States and the Services are controlled and operated from the United States. We process and store personal information in the United States, where privacy laws may not be as protective as in your place of residence. If you are using the Services from outside of the United States, by providing your personal information to us, you consent to the transfer of your personal information to the United States for processing consistent with this Notice.

14. STATE PRIVACY RIGHTS

State consumer privacy laws may provide their residents with additional rights regarding our use of personal information (collectively “State Privacy Laws”). The following Section applies to individuals who reside in specific jurisdictions that provide additional privacy rights, including California, Colorado, Connecticut, Virginia, Utah, and Nevada.

Your Rights and Choices

Right to Access Specific Information and Data Portability Right. You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting that personal information.
• The categories of third parties with whom we share that personal information.
• The specific pieces of personal information we collected about you (also called a data portability request).
• If we disclosed your personal information for a business purpose, the business purpose for which personal information was disclosed, and the personal information categories that each category of recipient obtained.

Right to Correct Information. You have the right to request we update personal information about you that is incorrect in our systems.

Right to Delete. You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

Right to Opt-out of the sale or sharing of Personal Information for Cross-Contextual Behavioral Advertising. We do not sell personal information of share personal information for cross-contextual behavioral advertising purposes.

Right to Limit Sensitive Personal Information Use. You have the right to limit the use of sensitive personal information regarding you.

Non-Discrimination. We will not discriminate against you for exercising any of your rights.

Exercising Your Rights

To exercise the access, data portability and deletion rights described above, please submit a verifiable consumer request to us by either:

• Calling us at: 800-546-1350, press 1 at the greeting
  Mailing us at:
  Advertising Specialty Institute. Inc.
  4800 East Street Road
  Trevose, PA 19053
  Attn: Privacy Issues

For submissions via email, please complete and send us a completed copy of this Verifiable Consumer Request Form.

For all requests, please clearly state that the request is related to “Your Privacy Rights,” indicate which type of request you are making, and provide your name, street address, city, state, zip code and an e-mail address or phone number where we may contact you. We are not responsible for notices that are not labeled or sent properly or that do not include complete information.

To appeal a decision regarding a consumer rights request, please submit your appeal using one of the three methods above. Your appeal should include an explanation of the reason you disagree with our decision. Within 60 days of receipt of an appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions.

Only you, or a person registered with the your jurisdiction’s Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make such a request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically. Any disclosures we provide will only cover the 12-month period preceding the receipt of the verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

15. CONTACT US

If you have any questions regarding privacy while using the Services or have questions about our practices, please contact us via email at [email protected].