RED BISON PRIVACY POLICY

Red Bison Privacy CCPA policy

Last modified: May 5, 2020

Introduction

Red Bison (“Red Bison,” “Our,” “Us,” or “We”) respects your privacy and is committed to protecting it through Our compliance with this Privacy Policy (“Privacy Policy”). Any capitalized terms not defined herein shall have the meaning set forth in Red Bison’s Terms of Use (“Terms of Use”).

This Privacy Policy describes the types of information We may collect from you or that you may provide when you use the Red Bison Internet connectivity service and any associated services (the “Services”) and Our practices for collecting, using, maintaining, protecting, and disclosing that information.

Please read this Privacy Policy carefully to understand Our policies and practices regarding your information and how We will treat it. If you do not agree with our policies and practices, your choice is not to use Our Services. By accessing or using Our Services, you agree to this Privacy Policy.

By accepting this Privacy Policy, whether by establishing an Account, signing-in to your Account, accessing the Services, or otherwise using the Services, you agree to this transfer, storing or processing.

This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of Our Services after We make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

TLDR: Red Bison respects your privacy and is committed to protecting it through Our compliance with this Privacy Policy.

Information We Collect About You and How We Collect It

When you create an Account, access the Red Bison customer portal for billing, use Red Bison’s customer support, and/or enter surveys, you may be asked to provide your contact information and other personal information, such as name, email address, phone numbers, number of users, billing address, mailing address, service address, account number, location, or information about that can be used to identify you or another individual.

We collect several types of information from and about users of Our Services, including information:

We collect this information:

Information You Provide to Us

The information We collect on or through the Services may include:

Account Verification and Security

Information We Collect Through Automatic Data Collection Technologies

As you use the Services, We may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

Information From Third Parties

We will use third party services such as Authorize.Net for billing purposes. Our payment gateway will collect your payment card or bank account information, and deposit history. We may obtain information about you from a credit bureau to evaluate your credit score.

We will obtain and use information about you from third parties such as demographic data, location data, purchase data or interest information.

It does not apply to information collected by:

Please remember that this Privacy Policy only covers your activities while using the Services; to the extent you visit third-party websites or use third-party services, the privacy policies of those websites and services will govern. In certain circumstances, foreign courts, law enforcement agencies or regulatory agencies may be entitled to access your personal information without notice to you.

TLDR: Through your use or access of Our Services, We collect personally identifiable information from you, automatically through Our system, or third parties. This Privacy Policy does not concern information that is not collected through your use or access of Our Services.

How We Use Your Information

We use information that We collect about you or that you provide to Us, including any personal information:

To the extent that certain information that We collect in providing the Services constitutes customer proprietary network information ("CPNI"), Red Bison complies with applicable law governing CPNI.

TLDR: We use your information for legitimate purposes.

Disclosure of Your Information

We may disclose aggregated information about Our users, without restriction. We may disclose personal information that We collect or you provide as described in this Privacy Policy:

TLDR: We may disclose your information for legitimate purposes.

Consent to Processing and Transfer of Information

By using the Services, you agree to the terms of this Privacy Policy and you expressly consent to the processing of your Personal Information according to this Privacy Policy.

If you are a user who resides outside the United States, please be aware that information We collect will be transferred to and processed in the United States. By using the Services, or providing Us with any information, you consent to the collection, processing, maintenance and transfer of such information in and to the United States and other applicable countries in which the privacy laws may not be as comprehensive as or equivalent to, those in the country where you reside and/or are a citizen.

TLDR: Your information may be transferred and processed in various jurisdictions in which you do not reside, and the privacy laws may differ in those jurisdictions.

Opt-In and Revocation of Consent

We collect your information when you voluntarily provide it, either expressly or by implication (for example, by using or accessing Our Services) and will send communication to you only if there is express or implied consent. Generally, we will seek consent for the use or disclosure of your personal information at the time of collection. In some circumstances, consent may be sought after the information has been collected but before use. If you ever change your mind or want to revoke consent for us to use your personal information or opt-out of receiving communication from Red Bison, you can contact us at [email protected]. Please note that by opting out, there may be legal or contractual restrictions with respect to revoking consent, including that We may not be able to provide you with services in the future. If this is the case, we will inform you of the implications of withdrawing consent when the request is made.

TLDR: We ask for your consent to use your personal information but you can revoke consent by communicating with us.

Children Under the Age of 16

The Services are not intended for children under sixteen (16) years of age. We do not knowingly collect personal information from children under sixteen (16). If you are under sixteen (16), or your organization may have users under the age of sixteen (16), do not use, or allow such children to access to the Services and do not provide, or allow them to provide any information to Red Bison or provide any information about yourself, or them, to Red Bison, including your name, address, telephone number, email address, user name you may use or other personal information. If Red Bison learns that it has collected or received personal information from a child under 16 without verification of parental consent, We will delete that information. If you believe We might have any information from or about a child under 16, please contact Us at [email protected].

TLDR: We do not knowingly collect information from children.

Data Security

Red Bison has implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure.

The safety and security of your information also depends on you. Where We have given you (or where you have chosen) a password for access to certain parts of Our Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas such as websites. The information you share in public areas may be viewed by any user of the Website.

Unfortunately, the transmission of information via the Internet is not completely secure. Although We do Our best to protect your personal information, We cannot guarantee the security of your personal information transmitted to Our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures implemented in Our Services.

TLDR: We take data security very seriously and take steps to protect your personal information. We ask you to do the same.

Compliance with the California Consumer Protection Act (CCPA)

Red Bison complies with the California Consumer Privacy Act of 2018 (CCPA) which applies solely to all visitors, users, and others who reside in the State of California. Please see Red Bison Privacy CCPA policy notice for California residents for more information.

Compliance with the EU General Data Protection Regulation (GDPR)

In addition to the notice provided above, the following notice applies to EU data subjects. In the event there is a conflict between the two as it applies to EU data subjects, this section shall take precedence. For purposes of this section, the term “Personal Data” shall have the meaning given by Regulation (EU) 2016/679. Please see Your Rights Under the GDPR for more information.

The Types of Personal Data That We Collect

TLDR: We may collect your Personal Data from various sources when you access or use Our Services.

Purposes for the Processing of Personal Data; Legal Basis

We process your Personal Data on the following legal bases, and for the following purposes:

TLDR: We collect your Personal Data for legitimate purposes under the GDPR.

Use of Your Personal Data

We do not use your Personal Data for any automated decision making covered by Articles 22(1) and (4) of Regulation (EU) 2016/679.

TLDR:TLDR: We do not use your Personal Data in a way that would violate GDPR.

Storing Your Personal Data

Red Bison may retain your Personal Data both during and after the time you are Our user, but We will not keep it longer than needed. All our current or archived data are securely stored on AWS or Azure servers. The amount of time We keep it depends on the type of Personal Data and the purpose for processing. For example, We may need it for regulatory compliance, to maintain Our internal financial or transactional records, to communicate with you about our relationship, or in cooperation with law enforcement agency requests.

TLDR: We may keep your Personal Data as long as we have to.

Recipients of Personal Data

TLDR: We may provide your Personal Data to third parties to provide Our Services to you.

Your Access and Choices

On and after May 25, 2018, for questions about the collection of Personal Data by Red Bison, or to exercise the right to access, correct, update, move or delete such data or object, for legitimate purposes, to the processing of Personal Data for which Red Bison is the data controller, as provided under applicable law, please contact Red Bison using the information provided in the Contact Information section, below.

There may be cases of restrictions on the amount of data that can be disclosed to data subjects under applicable law (for example, if that would necessarily involve disclosing data about another person). Red Bison is permitted to withhold some types of Personal Data in certain circumstances, subject to applicable local law requirements. If there is a dispute, please contact the Red Bison Data Protection Officer at [email protected] In addition, data subjects have the right to lodge a complaint with a supervisory authority. If you have an unresolved privacy or data use concern that We have not addressed satisfactorily, you may contact a third-party dispute resolution provider.

TLDR: You have the right to your Personal Data. If you have any questions, please contact Us.

Transfer of Personal Data to a Third Country; Appropriate Safeguards

Personal Data collected by Red Bison may be stored or processed in the United States or in any other country where Red Bison or its affiliates, subsidiaries, or third-party service providers maintain facilities. EU data subjects who provide Personal Data to Red Bison acknowledge the processing and transfer of that data to the United States and around the world. Red Bison will execute agreements with third parties for the transfer of personal data outside of the EU. These agreements may use European Commission-approved Standard Contract Clauses and/or employ additional or alternative appropriate safeguards.

TLDR: Your information may be transferred and processed in various jurisdictions in which you do not reside, and the privacy laws may differ in those jurisdictions.

Right to Withdraw Consent

You may withdraw your consent at any time; however, Red Bison may not be able to provide or continue to provide Services or marketing communications to you. You may decide to opt out of receiving marketing materials from Red Bison but still use the Services.

TLDR: You may decide to change your mind but that may limit you from accessing or using Our Services.

Changes to Our Privacy Policy

It is Our policy to post any changes We make to Our Privacy Policy on this page. If We make material changes to how We treat Our users’ personal information, We will notify you by email to the email address specified in your Account and/or through an update page. The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring We have an up-to-date active and deliverable email address for you, and for periodically visiting our website and this Privacy Policy to check for any changes.

TLDR: It’s up to you to read Our Privacy Policy each time you visit our website.

Compliance with the Privacy Shield Framework

Red Bison complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Red Bison has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view their certification, please visit https://www.privacyshield.gov/.

Independent Recourse Mechanism for Privacy Shield Complaints

In compliance with the Privacy Shield Principles, Red Bison commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Red Bison at:

Privacy Officer

Red Bison Technology Group, LLC.

10200 NE 10th Street

Bellevue WA 98004

[email protected]

Red Bison has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/ for more information or to file a complaint. The services of JAMS are provided at no cost to you.

Cooperate with EU Data Protection Authorities

Red Bison commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship.

FTC Regulations

Red Bison will endeavor to adhere to the Federal Trade Commission (FTC) policies.

Invoking binding arbitration

An individual may invoke, under certain conditions, binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms.

An individual who decides to invoke this arbitration option must take the following steps prior to initiating an arbitration claim: (1) raise the claimed violation directly with the organization and afford the organization an opportunity to resolve the issue within the timeframe set forth in Section III of the Privacy Shield Principles; (2) make use of the independent recourse mechanism under the Principles, which is at no cost to the individual; and (3) raise the issue through their Data Protection Authority to the Department of Commerce and afford the Department of Commerce an opportunity to use best efforts to resolve the issue within the timeframes set forth in the Letter from the International Trade Administration of the Department of Commerce, at no cost to the individual. This arbitration option may not be invoked if the individual’s same claimed violation of the Principles (1) has previously been subject to binding arbitration; (2) was the subject of a final judgment entered in a court action to which the individual was a party; or (3) was previously settled by the parties.

For more details, please refer to Privacy Shield’s Pre-Arbitration Requirements, Annex I.

Addressing Onward Transfers to Third Parties

In cases of onward transfers to third parties, Red Bison will process the personal information it receives and subsequently transfers to a third party acting as an agent on its behalf.

Red Bison will process its customers’ personal information it receives under the Privacy Shield Notice Principle below and subsequently transfers to a third party acting as an agent on its behalf. Red Bison shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Red Bison proves that it is not responsible for the event giving rise to the damage.”

Notice Principle

  1. Red Bison participates the Privacy Shield Framework.
  2. Types of personal data collected: Please see above sections on “Information We Collect About You and How We Collect It” and “Compliance with the EU General Data Protection Regulation (GDPR)”.
  3. Red Bison’s adheres to the Principles of personal data received from the EU in reliance on the Privacy Shield.
  4. Purposes for which data is collected and used: Please see above section on “How We Use Your Information”.
  5. To contact Red Bison with any inquiries or complaints, including any relevant establishment in the EU that can respond to such inquiries or complaints, please email Us at [email protected] or at 1200 NE 10th Street, Bellevue WA 98004.
  6. Type or identity of third parties for information disclosure: Our licensors or business partners to provide the Services to you.
  7. Individuals may access their personal data through the Red Bison customer portal.
  8. The choices and means Red Bison offers individuals for limiting the use and disclosure of their personal data. Individuals may choose not to adhere to Red Bison’s terms and conditions before signing up or signing in the customer portal.
  9. The independent dispute resolution body designated to address complaints and provide appropriate recourse to the individual is JAMS, an alternative dispute resolution provider located in the United States, https://www.jamsadr.com/.
  10. Red Bison will aim to assist the FTC, the Department of Transportation, if needed.
  11. An individual may invoke binding arbitration, under certain conditions, as detailed in Privacy Shield’s Pre-Arbitration Requirements, Annex I
  12. Red Bison may disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements

Contact Information

To ask questions or comment about this Privacy Policy and our privacy practices, contact Us at:

[email protected]. You may also visit Our Terms of Use to register a complaint or concern at

https://redbison.us/terms.