Our Pledge to You: We are committed to maintaining your trust and pledge the following:
- Transparency. We will keep you informed of our privacy practices.
- Keeping your information safe. While we cannot promise perfection, we have implemented security tools that are designed to safeguard your information in accordance with industry standards.
“Personal Information” is any information relating to an identified or identifiable natural person.
All individuals whose responsibilities include the Processing of Personal Information on behalf of Civic are expected to protect that data by adherence to this Policy. This Policy is intended to meet requirements globally, including those in North America, Europe, APAC, and other jurisdictions.
3. Collection of Information: Types of Information We Collect
As you interact with the Services, we may collect Personal Information from you. The types of Personal Information we may collect (directly from you or from Third-Party sources) depend on the nature of the relationship you have with Civic and the requirements of applicable law, as described below.
Information You Provide to Us
We collect information you provide directly to us, including:
- To provide Services requested. When you use the Services or engage in certain activities, such as registering for an account with Civic, requesting Services or information, verifying your identity through our Services, or contacting us directly, we may collect information from you such as your name, user name and password, email address, telephone number(s), mailing address, Social Security number, account numbers, payment information, government issued identification documents (e.g., passports, driver’s license, etc.), selfie image, biometric information, IP Address, utility bills, and statements to prove your current residence (e.g., bank statements).
- In surveys. From time to time, we may contact you to participate in online surveys. If you do decide to participate, you may be asked to provide certain information which may include Personal Information. All information collected from your participation in our surveys is provided by you voluntarily. We may use such information to improve our Services and in any manner consistent with the policies provided herein.
Facial Biometric Identity Verification
Facial biometric identity verification is performed by comparing two or more captured images of faces. For example, we may compare the face on a government-issued photo ID against a “selfie” that you capture and send to us. The biometric identifiers used to perform this comparison are derived from the photographs that you submit.
Information We Collect Automatically When You Use Our Services
In addition to the Personal Information described above, we may collect certain information about your use of our Services.
- Log Information. We collect log information about your use of the Services, including the type of browser you use, access times, pages viewed, your IP address and the page you visited before navigating to our Services.
- Device Information. We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, unique device identifiers and mobile network information.
- Location Information. We may collect information about the location of your device each time you access or use our Services or otherwise consent to the collection of this information.
- Cookies. Cookies are small text files placed in visitors’ computer browsers to store their preferences. Most browsers allow you to block and delete cookies. However, if you do that, the Services may not work properly.
- Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded on the Site that collects information about users’ engagement on that web page. The use of a pixel allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement.
- Analytics. We may also use Google Analytics, Google Analytics Demographics, Heap Analytics and Interest Reporting to collect information regarding visitor behavior and visitor demographics on some of our Services, and to develop website content. This analytics data is not tied to any Personal Information. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt out of Google’s collection and Processing of data generated by your use of the Services by going to http://tools.google.com/dlpage/gaoptout.
Our uses of such Technologies fall into the following general categories:
- Advertising or Targeting Related. We may use first-party or third-party cookies and web beacons to deliver content, including ads relevant to your interests, on our sites or on third party sites. This includes using technologies to understand the usefulness to you of the advertisements and content that has been delivered to you, such as whether you have clicked on an advertisement.
If you would like to opt out of the Technologies we employ on our sites, services, applications, or tools, you may do so by blocking, deleting, or disabling them as your browser or device permits.
Information We Collect From Other Sources
4. Use of Information
We acquire, hold, use, and Process Personal Information about Individuals for a variety of business purposes, including:
- To Provide Products, Services, or Information Requested: Civic may use information about you to fulfill requests for products, Services, or information, including information about potential or future Services, including to:
- Generally manage Individual information and accounts;
- Respond to questions, comments, and other requests;
- Provide access to certain areas, functionalities, and features of Civic’s Services;
- Allow you to register for events.
- Administrative Purposes: Civic may use Personal Information about you for its administrative purposes, including to:
- Measure interest in Civic’s Services;
- Develop new products and Services or improve existing products and Services;
- Ensure internal quality control;
- Verify an Individual’s identity;
Communicate about Individual accounts and activities on Civic’s Services and systems, and, in Civic’s discretion, changes to any Civic policy;
- Send email to the email address you provide to us to verify your account and for informational and operational purposes, such as account management, customer service, or system maintenance;
- Process payment for products or Services purchased;
- Process applications and transactions;
- Comply with regulatory requirements, including collecting and using information relating to adverse effects you have experienced when using our products;
- Prevent potentially prohibited or illegal activities;
- Marketing Civic Products and Services: Civic may use Personal Information to provide you with materials about offers, products, and Services that may be of interest, including new content or Services. Civic may provide you with these materials by phone, postal mail, facsimile, or email, as permitted by applicable law. Such uses include:
- To tailor content, advertisements, and offers;
- To notify you about offers, products, and services that may be of interest to you;
- To provide Services to you and our sponsors;
- For other purposes disclosed at the time you provide Personal Information; or
- Otherwise with your consent.
You may contact us at any time to opt out of the use of your Personal Information for marketing purposes, as further described below.
- Research and Development: Civic may use Personal Information to create non-identifiable information that we may use alone or in the aggregate with information obtained from other sources, in order to help us to optimally deliver our existing products and Services or develop new products and Services. From time to time, Civic may perform research (online and offline) via surveys. We may engage Third-Party service providers to conduct such surveys on our behalf. All survey responses are voluntary, and the information collected will be used for research and reporting purposes to help us better serve Individuals by learning more about their needs and the quality of the products and Services we provide. The survey responses may be utilized to determine the effectiveness of our Services, various types of communications, advertising campaigns, and/or promotional activities. If you participate in a survey, the information given will be used along with that of other study participants. We may share anonymous Individual and aggregate data for research and analysis purposes.
- Direct Mail, email and Outbound Telemarketing. Individuals who provide us with Personal Information, or whose Personal Information we obtain from Third Parties, may receive periodic emails, newsletters, mailings, or phone calls from us with information on Civic’s or our business partners’ products and services or upcoming special offers/events we believe may be of interest. We offer the option to decline these communications at no cost to the Individual by following the instructions below.\
- Mobile Devices. Civic may collect certain information that your mobile device sends when you use Services designed for mobile devices, like a device identifier, user settings and the operating system of your device. Mobile versions of Civic’s Services may require that users log in with an account. In such cases, information about use of mobile versions of the Services may be associated with user accounts. Civic’s mobile application stores Personal Information directly on your device in order to verify your identity. Personal Information may be transferred to Civic to enable identity verification. In the case that Personal Information is transferred to Civic, it will be retained as described below.
- Anonymous and Aggregated Information. Civic may use Personal Information and other information about you to create anonymized and aggregated information, such as de-identified demographic information, de-identified location information, information about the computer or device from which you access Civic’s Services, or other analyses we create. Anonymized and aggregated information is used for a variety of functions, including the measurement of visitors’ interest in and use of various portions or features of the Services. Anonymized or aggregated information is not Personal Information, and Civic may use such information in a number of ways, including research, internal analysis, analytics, and any other legally permissible purposes. We may share this information within Civic and with Third Parties for our or their purposes in an anonymized or aggregated form that is designed to prevent anyone from identifying you.
- Information Submitted Via Services. You agree that Civic is free to use the content of any communications submitted by you via the Services, including any ideas, inventions, concepts, techniques, or know-how disclosed therein, for any purpose including developing, manufacturing, and/or marketing goods or Services. Civic will not release your name or otherwise publicize the fact that you submitted materials or other information to us unless: (a) you grant us permission to do so; (b) we first send notice to you that the materials or other information you submit to a particular part of a Service will be published or otherwise used with your name on it; or (c) we are required to do so by law.
- Other Uses. Civic may use Personal Information for other purposes for which we have a legitimate interest, such as Individual or market research, anti-fraud protection, or any other purpose disclosed to you at the time you provide Personal Information or with your consent.
We may also use data that we collect on an aggregate or de-identified basis for various business purposes, where permissible under applicable laws and regulations.
5. Third-Party Sites and Social Media Platforms
Our Services may contain links to other websites and other websites may reference or link to our Services. These other domains and websites are not controlled by us, and Civic does not endorse or make any representations about Third-Party websites or social media platforms. We encourage our users to read the privacy policies of each and every website and application that they interact with. We do not endorse, screen, or approve, and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk.
Our Services may also contain links and interactive features with various social media platforms. If you already use these platforms, their cookies may be set on your device when using our Services. You should be aware that Personal Information which you voluntarily include and transmit online in a publicly accessible blog, chat room, social media platform, or otherwise online, or that you share in an open forum may be viewed and used by others without any restrictions. We are unable to control such uses of your information when interacting with a social media platform, and by using such services you assume the risk that the Personal Information provided by you may be viewed and used by third parties for any number of purposes.
6. Sharing of Information
- To verify Your Identity on our Services. In order to verify your identity on our Services, we may share Personal Information about you. For instance, we may share Personal Information about you with credit reporting agencies to verify your Social Security number.
- We Use Vendors and Service Providers. We may share any information we receive with vendors and service providers. The types of service providers (processors) to whom we entrust Personal Information include service providers for: (i) provision of IT and related services; (ii) provision of information and Services you have requested; (iii) payment processing; and (iv) customer service activities; (v) fraud prevention; and (vi) in connection with the provision of the Services. Civic has executed appropriate contracts with the service providers that prohibit them from using or sharing Personal Information except as necessary to perform the contracted services on our behalf or to comply with applicable legal requirements.
- Business Partners. Civic may share Personal Information with our business partners, affiliates, and for our affiliates’ internal business purposes or to provide you with a product or Service that you have requested. Civic may also provide Personal Information to business partners with whom we may jointly offer products or services, or whose products or services we believe may be of interest to you. In such cases, our business partner’s name will appear, along with Civic’s. Civic requires our affiliates and business partners to agree in writing to maintain the confidentiality and security of Personal Information they maintain on our behalf and not to use it for any purpose other than the purpose for which Civic provided it to them.
- Marketing. Interest-Based Advertising and Third Party Marketing. Through our websites (civic.com and other Civic-controlled websites), we may allow Third-Party advertising partners to set tracking tools (e.g., cookies) to collect information regarding your activities (e.g., your IP address, page(s) visited, time of day). We may also share such de-identified information as well as selected Personal Information (such as demographic information and past purchase history) we have collected with Third-Party advertising partners. These advertising partners may use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit non-Civic related websites within their networks. This practice is commonly referred to as “interest-based advertising” or “online behavioral advertising. We may allow access to other data collected by the Services to facilitate transmittal of information that may be useful, relevant, valuable, or otherwise of interest to you.
Note that Civic does not engage in interest-based advertising on its mobile app, and does not use information gathered from its mobile app for interest-based advertising.
- If you prefer that we do not share your Personal Information with Third-Party advertising partners, you may opt-out of such sharing at no cost by following the instructions below.
- Disclosures to Protect Us or Others (e.g., As Required by Law and Similar Disclosures). We may access, preserve, and disclose your Personal Information, other account information, and content if we believe doing so is required or appropriate to: (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) respond to your requests; (iii) protect yours’, ours’ or others’ rights, property, or safety; (iv) to enforce Civic policies or contracts; (v) to collect amounts owed to Civic; (vi) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation or prosecution of suspected or actual illegal activity; or (vii) if we, in good faith, believe that disclosure is otherwise necessary or advisable.
In addition, from time to time, server logs may be reviewed for security purposes – e.g., to detect unauthorized activity on the Services. In such cases, server log data containing IP addresses may be shared with law enforcement bodies in order that they may identify users in connection with their investigation of the unauthorized activities.
- Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction as permitted by law and/or contract. Should such an event occur, Civic will endeavor to direct the transferee to use Personal Information in a manner that is consistent with the Policy in effect at the time such Personal Information was collected.
We may also share aggregated or de-identified information, which cannot reasonably be used to identify you.
Civic retains the Personal Information we receive as described in this Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our products and Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.
We take our responsibility to protect the privacy and confidentiality of your information, including Personal Information, very seriously. We take reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. Unfortunately, the Internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us. We do not accept liability for unintentional disclosure.
By using the Services or providing Personal Information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on www.civic.com or sending an e-mail to you. You may have a legal right to receive this notice in writing.
If you have any questions about the security of your Personal Information, you can contact us at email@example.com.
9. Your Choices
If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. We will process your request within a reasonable time after receipt. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain communications regarding Civic and our Services and you will not be able to opt out of those communications (e.g., communications regarding updates to our Terms of Service or this Policy).
We may give you choices regarding the sharing of Personal Information with affiliates and third parties. Choices you have about the sharing of your Personal Information will be described in the privacy policies or notices you receive in connection with the products or Services you obtain from us.
Rights of Access, Rectification, Erasure, and Restriction
You may inquire as to whether Civic is Processing Personal Information about you, request access to Personal Information, and ask that we correct, amend, or delete your Personal Information where it is inaccurate. Where otherwise permitted by applicable law, you may send an e-mail to firstname.lastname@example.org or use any of the methods set out in this Policy to request access to, receive (port), restrict Processing, seek rectification, or request erasure of Personal Information held about you by Civic. Such requests will be processed in line with local laws.
Although Civic makes good faith efforts to provide Individuals with access to their Personal Information, there may be circumstances in which Civic is unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the Individual’s privacy in the case in question or where it is commercially proprietary. If Civic determines that access should be restricted in any particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries. To protect your privacy, Civic will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Information.
Cookies and Interest-Based Advertising
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services.
The online advertising industry also provides websites from which you may opt out of receiving targeted ads from our data partners and our other advertising partners that participate in self-regulatory programs. You can access these, and also learn more about targeted advertising and consumer choice and privacy, at www.networkadvertising.org/managing/opt_out.asp, or http://www.youronlinechoices.eu/ and www.aboutads.info/choices/. You can also choose not to be included in Google Analytics here.
We tell you when our privacy policies and practices change.
10. Children’s Privacy
We do not knowingly collect, maintain, or use Personal Information from children under 13 (and in certain jurisdictions under the age of 16) years of age, and no part of our Services are directed to children under the age of 13 (and in certain jurisdictions under the age of 16). If you learn that your child has provided us with Personal Information without your consent, you may alert us at email@example.com. If we learn that we have collected any Personal Information from children under 13 (and in certain jurisdictions under the age of 16), we will promptly take steps to delete such information and terminate the child’s account.
11. International Users
If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the United States and Processing globally. By providing your Personal Information, you consent to any transfer and Processing in accordance with this Policy.
12. Redress/Compliance and Accountability
If after reviewing this Policy, you would like to submit a request or you have any questions or privacy concerns, please contact us as described below.
Civic will address your concerns and attempt to resolve any privacy issues in a timely manner.
13. Other Rights and Important Information
- New Uses of Personal Information. Additionally, before we use Personal Information for any new purpose not originally authorized by you, we will endeavor to provide information regarding the new purpose and give you the opportunity to opt out. Where consent of the Individual for the Processing of Personal Information is otherwise required by law or contract, Civic will endeavor to comply with the law or contract.
California Privacy Rights
California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the Third Parties to whom we have disclosed their Personal Information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of Personal Information disclosed to those parties. Civic does not share Personal Information with Third Parties for their own marketing purposes.
The following capitalized terms shall have the meanings herein as set forth below.
- “Agent” means any Third Party that Processes Personal Information pursuant to the instructions of, and solely for, Civic or to which Civic discloses Personal Information for use on its behalf.
- “Employee” refers to any current, temporary, permanent, prospective or former employee, director, contractor, worker, or retiree of Civic or its subsidiaries worldwide.
- “Personal Information” is any information relating to an identified or identifiable natural person (“Individual”).
- “Process” or “Processing” means any operation which is performed upon Personal Information, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Sensitive Data” or “Sensitive Personal Information” is a subset of Personal Information which, due to its nature, has been classified by law or by policy as deserving additional privacy and security protections. Sensitive Personal Information includes Personal Information regarding EU residents that is classified as a “Special Category of Personal Data” under EU law, which consists of the following data elements: (1) race or ethnic origin; (2) political opinions; (3) religious or philosophical beliefs; (4) trade union membership; (5) genetic data; (6) biometric data where Processed to uniquely identify a person; (6) health information; (7) sexual orientation or information about the Individual’s sex life; or (8) information relating to the commission of a criminal offense.
- “Third Party” is any company, natural or legal person, public authority, agency, or body other than the Individual, Civic, or Civic’s Agents.
15. Contact Us