VEZA RECEPTION LLC PRIVACY POLICY

Veza Reception LLC (hereinafter “Veza” or “We”) is committed to protecting our customer’s (“Customer or “You”) personal information. The Privacy Policy outlines our policies regarding the privacy of personal information (as defined below) that Veza collects via the Internet and/or delivery of Veza’s services as defined in Veza’s Service Terms and Conditions located at vezareception.com. (“Terms”). This Privacy Policy forms part of, and is subject to, the provisions of Veza’s Terms. By accessing or using our website, you consent to the terms of Veza’s Privacy Policy.

Veza does not knowingly collect information, including personal information, from children under 13. If you are under 13, do not access or use or provide any information on the Website. If you believe we might have any information from or about a child under 13, please contact us immediately at vezareception.com.

If you have any questions on the use of information collected on our Site or used for the delivery of our services, please feel free to contact us at vezareception.com. 

Personal information does not include (i) publicly available information; (ii) aggregate information, meaning data about a group or category of services or users from which individual identities and other personal information has been removed; or (iii) deidentified information that cannot be easily linked back to the individual. We collect your personal information (a) with your consent; (b) if we have a legitimate interest in doing so; or (c) as authorized or required by law.  Personal information as used herein includes personal data as defined by applicable law. We collect personal information from these sources:

Consumers. We interact with consumers (“Consumers”) who call, text, message, or communicate with us as a service provider to you and our other customers (“Customers”):

• We collect and use personal information from Consumers via phone, text, chat, text-to-chat, email, SMS, MMS, or other channels as needed to provide our Services to our Customers.
• If you are a Consumer contacting one of our Customers, we may collect your contact information or other identifiers, as well as personal information like the contents of your message to our Customer you are contacting. We collect this information to support our Customers in their efforts to assist you.

Your personal information is used for the following purposes:

• To present our Services and its contents in a conducive and effective manner for you and your device;
• To contact you to provide you with information or services that you request from us;
• To advertise opportunities, services, or special events that we think may be of interest to you;
• To provide customer support, troubleshoot issues, manage accounts, and respond to requests, questions, or comments;
• To carry out our obligations and enforce our rights arising from any contracts; and
• To notify you about any additions, upgrades, or changes in our services.
•  our services and its contents in a suitable and effective manner for you and your device;
• To contact you to provide you with information or services that you request from us;
• To advertise opportunities, services, or special events that we think may be of interest to you;
• To provide customer support, troubleshoot issues, manage accounts, and respond to requests, questions, or comments;
• To carry out our obligations and enforce our rights arising from any contracts; and
• To notify you about any additions, upgrades, or changes in our services.

The Customer is solely responsible for ensuring that he/she is authorized to share personal information with us for any purpose. We reserve the right to refuse your instructions to collect or process personal information about another individual without their consent or in a manner or for a purpose that we determine violates others’ privacy or publicity rights or otherwise violates our Terms, and such instructions may result in termination of Services at our option. We are not responsible for the privacy practices of any of our Customers or any third party.

Your Inquiries. If you contact us as a potential new Customer, Site visitor, or for any other reason, we will collect personal information from you to respond to your inquiry:

• If you request information about our services, through an online form, via chat, by text, email, or by phone, we will collect your name, email address, and other contact information as needed to provide you with the information you request. We collect this information with your consent, and we use it for the purposes stated at the time of collection, to provide you with our services, and to communicate with you or send you direct marketing communications.
• Where state law allows, if you participate in a phone call with a member of our team, we may record the call. We engage in call recording for quality monitoring, and training, to improve our services, and for other internal business purposes. If you are in a state that requires notification, you will be notified if your call is being recorded. By staying on the line after receiving the notification, you consent to the call recording. If you do not consent to call recording, you may end the call or ask not to be recorded.

SECURITY
Veza’s site takes every precaution to protect our Users’ information. When you submit sensitive information via our site, your information is protected both online and off-line. If we ask you to enter information, such as a credit card number, that information is encrypted using SSL. While we use SSL encryption to protect sensitive information online, we also do everything in our ability to protect your information off-line. All of your information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, our billing staff or a customer service representative) are granted access to personal information. Veza keeps up-to-date on our security and privacy practices.

COOKIES
A cookie is a piece of data stored on your hard drive containing information about you. The usage of a cookie is not linked to any personal information while on our site. Once you close your browser, the cookie simply terminates. For instance, by setting a cookie on our site, you would not have to log in with a password more than once, thereby saving time while on our site. If you reject the cookie, you may still use our site. Cookies can also enable us to track and target your interests to enhance the experience on our site.

WEB SERVER LOG FILES
We use IP addresses to analyze trends, administer our site, track Users’ movements, and gather broad demographic information for aggregate use. IP addresses are not linked to personal information.

SHARING
We may disclose personal information for a business purpose to:

• Service Providers. Vendors that provide us with services (“Service Providers”) may receive personal information to perform their contractual obligations. Our Service Providers include but are not limited to telecom providers, marketing companies, IT service providers, billing processors, and email and data hosting providers. For example, we may share identifiers to register your phone number or SMS campaign with our telecom provider, subject to their terms and conditions. We prohibit our Service Providers from selling or disclosing the personal information we provide, and we require all Service Providers to maintain confidentiality standards that are commercially reasonable to ensure the security of your personal information. The type of information that we provide to a Service Provider will depend on the service that they provide to us. To learn more about our Service Providers, read our Data Processing Agreement.
• We may disclose personal information to Service Providers we use for advertising purposes (collectively, “Advertisers”) to serve targeted advertisements. We may directly share customer names with the Advertiser or allow the Advertiser to collect and analyze cookie data from your use of our Site (see our Cookie Notice) to assist us with behavioral advertising.
• Law Enforcement and Other Governmental Agencies. Additionally, if, in our sole discretion, we perceive that you are an imminent threat to your own physical safety or the physical safety of another person then we may disclose your personal information to law enforcement.
• Other Third Parties. As permitted by applicable law. We may disclose personal information collected to other third parties, for example: (i) if we go through a business transition (e.g., merger, acquisition, or sale of a portion of our assets); (ii) to comply with a legal requirement or a court order; (iii) when we believe it is appropriate in order to take action regarding illegal activities or prevent fraud or harm to any person; (iv) to exercise or defend our legal claims; or (v) for any other reason with your consent.
• Aggregated and Deidentified Information. We reserve the right to share aggregated, anonymized, or deidentified information for marketing, advertising, research or other purposes, without restriction.

State SPECIFIC Privacy Laws

State laws, including the California Consumer Privacy Act (“CCPA”), the Virginia Consumer Data Protection Act (“VCDPA”), the Colorado Privacy Act (“CPA”), the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (“CTDPA”), and the Utah Consumer Privacy Act (“UCPA”) provide specific rights to Consumers within those states with respect to the personal information a covered business or controller collects from a User.  This includes rights to (1) request access to the personal information we collect about the User and (2) request deletion or correction of such personal information. As we obtain personal information from Consumers on behalf of our Customers, we may be asked to assist our Customers with responding to access and deletion requests under these state laws.

CCPA Application to us (California)

Under the CCPA, a “service provider” is defined as an entity that:

(i)         processes information on behalf of a business and

(ii)        to which the business discloses a Consumer’s Personal information for a business purpose pursuant to a written contract that prohibits the entity receiving the information from retaining, using, or disclosing the Personal information for any purpose other than for the specific purpose of performing the services specified in the written or as otherwise permitted under the CCPA.

Pursuant to our agreements with our Customers, we act as a service provider for all Customers who retain our Services. We do not use any Personal information we collect through our Services for any purposes not included in our agreements.

For Deletion Requests:

With respect to data collected by service providers, the CCPA provides a specific exception to deletion requests where data is maintained by a “business or a service provider” in order “to enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business and compatible with the context in which the consumer provided the information.” Cal. Civ. Code sect. 1798.105.

Because we collect personal information from Consumers on behalf of and at the direction of our Customers for the sole purpose of serving our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of personal information on behalf of our Customers we are exempt from deletion requests under the CCPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing our Services to our Customer with whom the Consumer has a relationship. We are therefore using the Consumer’ personal information ‘to enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumers’ relationship with the business and compatible with the context in which the consumer provided the information.’ Accordingly, we are not obligated to delete Personal information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete Personal information in response to such requests.

For Data Access Requests:

If our Customer receives a data access request from a California Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access a specific Consumer’s personal information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

For Correction Requests:

If our Customer receives a correction request from a California Consumer and determines that, we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Our Customer may then submit any correction to the data necessary and we will create a separate record noting the correction.  Note: our records are read-only and may not be modified, so the corrected data will exist in a new record, but will not remove the old record.

VCDPA Application to us (Virginia):

Under the VCDPA, a processor is defined as “a natural or legal entity that processes personal data on behalf of a controller.”  Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any Personal information we collect through our Services for any purposes not included in our agreements with our Customers.

For Deletion and Correction Requests:

The VCDPA does not limit a processor’s ability to collect, use or retain data to: “Perform internal operations that are reasonably aligned with the expectations of the consumer or reasonably anticipated based on the consumer’s existing relationship with the controller or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a consumer or the performance of a contract to which the consumer is a party.”  Va. Code Ann. § 59.1-582

Because we collect personal information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of personal information on behalf of our Customers we are exempt from deletion requests under the VCDPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing Services to our Customer with whom the Consumer has a relationship. We are therefore using the personal information in a way ‘reasonably aligned with the expectations of the Consumer or reasonably anticipated based on the Consumer’s existing relationship with the controller or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a Consumer.’ Accordingly, we are not deleting or modifying personal information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete or modify personal information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Virginia Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific Personal information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

CPA Application to us (Colorado)

Under the CPA, a processor is defined as “a person that processes personal data on behalf of a controller.”  Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any Personal information we collect through our Services for any purposes not included in agreements with our Customers.

For Deletion and Correction Requests:

The CPA does not restrict a processor’s ability to: “perform internal operations that are reasonably aligned with the expectations of the Consumer based on the Consumer’s existing relationship with the controller.”  § 6-1-1304et seq, C.R.S.

Because we collect personal information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of personal information on behalf of our Customers we are exempt from deletion requests under the CPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing a service to our Customer with whom the Consumer has a relationship. We are therefore using the personal information in a way ‘that [is] reasonably aligned with the expectations of the Consumer based on the Consumer’s existing relationship with the controller.’ Accordingly, we are not deleting or modifying personal information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete or modify personal information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Colorado Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific personal information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

CTDPA Application to us (Connecticut):

Under the CTDPA, a processor is defined as “an individual who, or legal entity that, processes personal data on behalf of a controller.”  Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any personal information we collect through our Services for any purposes not included in agreements with our Customers.

For Deletion and Correction Requests:

The CTDPA does not limit a processor’s ability to collect, use or retain data to: “Perform internal operations that are reasonably aligned with the expectations of the Consumer or reasonably anticipated based on the Consumer’s existing relationship with the controller or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a Consumer or the performance of a contract to which the Consumer is a party.”  CTDPA § 10 (b)(4).

Because we collect personal information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of personal information on behalf of our Customers we are exempt from deletion requests under the CTDPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing a service to our Customer with whom the Consumer has a relationship we are therefore using the personal information in a way ‘reasonably aligned with the expectations of the Consumer or reasonably anticipated based on the Consumer’s existing relationship with the controller.’ Accordingly, we are not deleting or modifying personal information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete personal information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Connecticut Consumer and determines that, we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific personal information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

UCPA Application to us (Utah):

Under the UCPA, a processor is defined as “a person who processes personal data on behalf of a controller.”  Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any personal information we collect through our Services for any purposes not included in agreements with our Customers.

For Deletion and Correction Requests:

The UCPA does not limit a processor’s ability to process personal information to perform an internal operation that is: “(i) reasonably aligned with the Consumer’s expectations based on the Consumer’s existing relationships with the controller; or (ii) otherwise compatible with processing to aid the controller or processor in providing a product or service specifically requested by a Consumer or a parent or legal guardian of a child or the performance of a contract to which the Consumer or a parent or legal guardian of a child is a party.”  UCPA § 13-61-304(1)(m).

Because we collect personal information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of personal information on behalf of our Customers we are exempt from deletion requests under the UCPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing Services to our Customer with whom the Consumer has a relationship. We are therefore using the personal information in a way ‘reasonably aligned with the Consumer’s expectations based on the Consumer’s existing relationships with the controller; or otherwise compatible with processing to aid the controller or processor in providing a product or service specifically requested by a Consumer.’ Accordingly, we are not deleting or modifying personal information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete personal information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Utah Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific personal information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

California Privacy Policy

Veza is committed to safeguarding, preserving, and respecting your privacy rights.  If you are a California resident, you have certain rights with respect to the collection, use, transfer, and processing of your personal information, as defined by the California Consumer Privacy Act (“CCPA”), Cal. Civ. Code § 1798.100 et seq., as amended by the California Privacy Rights Act (“CRPA”) and implementing regulations. 

This California Privacy Policy (“Policy”) describes how we collect, use, share, disclose, retain, and secure the personal information we gather about you through our website, vezareception.com (the “Site”), and when you interact with us as a customer or otherwise (collectively, the “Services”) when you use our Site.  This Policy does not apply to information collected from employees, job applicants, directors, contractors, or others within the employment context.  Those individuals should review our Employee Privacy Policy for more information on their data collection and use.  

We reserve the right to limit these rights where permitted under applicable law, including where your identity cannot be reasonably verified or to the extent your rights adversely affect the rights and freedoms 

Right to Know About Personal information Collected, Disclosed, Shared, or Sold

You have the right to request that we disclose the personal information we collect, use, and disclose about you to third parties.  There are two types of Rights to Know requests that you can make:

1. Right to Know (Abbreviated Request):  If you make a Right to Know (Abbreviated Request), you will receive the following information about you:
   1. Categories of personal information collected, sold, or shared;
   2. Categories of sources from which personal information is collected;
   3. Categories of third parties to whom the information is sold, shared or disclosed;
   4. Business or commercial purpose for collecting, sharing, or selling personal information;
   5. Categories of personal information disclosed for a business purpose and categories of persons to whom it was disclosed for a business purpose.
2. Right to Know (Specific Pieces of Information Request):  If you make a Right to Know (Specific Pieces of Information Request), you will receive the following information about you:

Specific pieces of personal information collected about you.

This information will be provided to you free of charge, unless we determine that your request is manifestly unfounded or excessive.  You may request this information twice in a 12-month period.

There are certain exceptions to a consumer’s Right to Know.  We will state in our response if an exception applies.

Right of Deletion

You have the right to request that we and our service providers delete any personal information about your which we have collected from you upon receipt of a verifiable request.  This right is subject to certain exceptions.  We will state in our response if an exception applies.

Right to Opt-Out of the Sale or Sharing of Personal information

You have the right to opt-out of the sale or sharing of your personal information by a business subject to certain laws and regulations.  

We recognize the Global Privacy Control.  Your browser must be able to support the Global Privacy Control (“GPC”) for us to recognize your opt-out preference signal.

Please note that opt-out choices may be stored via cookies.  If you clear cookies, if your browser blocks cookies, or if you view the page from a different browser or device, your opt-out choice may no longer be logged or recognized. 

Right of Correction

If we maintain inaccurate personal information about you, then you have the right to request that we correct the inaccurate personal information upon receipt of a verifiable request.  Taking into account the nature of the personal information and purposes of processing the personal information, you have the right to request that we correct inaccurate personal information about you, if applicable. 

Right to Limit Use and Disclosure of Sensitive Personal information

If we process Sensitive Personal information, we will only do so for the purposes specifically authorized by California law and in a manner that is necessary and proportionate for those purposes.  As such, we do not perform any processing for which a Right to Limit request is available.

Submitting Requests

We will only use personal information provided in your request to verify your identity and will delete any information you provide after processing the request.  We reserve the right to take additional steps as necessary to verify the identity of California consumers where we have reason to believe a request is fraudulent.

Authorized Agents

You may choose a person or a business registered with the California Secretary of State that you authorize to act on your behalf to submit your requests (“Authorized Agent”).  If you choose to use an Authorized Agent, we require that you provide the Authorized Agent with written permission to allow them to submit your request and that you verify your identity directly with us.  Failure to do so may result in VEZA denying your request.

Notification of Changes
If we decide to change our Privacy Policy, we will post those changes on our Site so Users are always aware of what information we collect, how we use it, and under what circumstances we disclose it.