California Civil Code Sections 1798.115(c), 1798.130(a)(5)(c), 1798.130(c), and 1798.140 indicate that organizations should disclose whether the following categories of personal information are collected, transferred for “valuable consideration,” or transferred for an organization’s “business purpose” (as those terms are defined under California law). The table below indicates the categories of personal information we collect and transfer in a variety of contexts. Please note that because this list is comprehensive, it may refer to types of information that we collect and share about people other than yourself. For example, while we transfer credit card or debit card numbers for our business purpose in order to process payments for orders placed with us, we do not collect or transfer credit card or debit card numbers of individuals that submit questions through our website’s “contact us” page.
Categories of Personal Information That We Collect
Categories of Third Parties to Whom We Disclose Personal Information for Business Purpose
Identifiers – such as name, postal address, phone number, unique personal identifier, online identifier, internet protocol (IP) address, device ID, email address, account name, signature, social security number, driver’s license number, passport number, or other similar identifiers.
Service Providers
Product and service fulfillment companies
Internet service providers
Advertising Networks
Social Networks
Payment Processors and financial institutions
Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law
Data analytics providers
Financial information – such as bank account number, credit or debit card number, or other financial information.
Service Providers
Payment Processors and financial institutions
Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law
Commercial information – such as information about products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Service Providers
Product and service fulfillment companies
Advertising Networks
Social Networks
Payment Processors and financial institutions
Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law
Data analytics providers
Network activity data – internet or other electronic network activity information, such as browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement.
Service Providers
Product and service fulfillment companies
Internet service providers
Advertising Networks
Social Networks
Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law
Data analytics providers
Geolocation data – such as precise physical location.
Service Providers
Internet service providers
Advertising Networks
Social Networks
Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law
Data analytics providers
Electronic and sensory data – such as audio, electronic, visual, thermal, olfactory, or similar information (e.g., pictures, a recording of a customer service call, security video surveillance footage).
Service Providers
Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law
Professional/employment information – such as occupation and professional references.
Service Providers
Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law
Inferences – drawn from any of the information listed above to create a profile
Service Providers
Advertising Networks
Social Networks
Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law
Data analytics providers
Updated and effective on May 14th, 2021