In certain jurisdictions, the processing of your Personal Data (as defined below) is lawful only if it is permitted under data protection legislation. In this case, we have a lawful basis for each of our processing activities (unless an exemption applies) as outlined below:
When you access the Site, register for any associated products and/or services, or opt-in to receive newsletters and other communications from us, we may collect Personal Data and Anonymous Data from you. We may also collect Personal Data and Anonymous Data when you send us information or communications. “Personal Data” means data that allows someone to identify or contact you, including, for example, and without limitation, your name, phone number, physical address, Internet Protocol (IP) address, and email address when you access the Site or any associated products and/or services. “Anonymous Data” refers to data about you that is not associated with or linked to your Personal Data. Anonymous Data does not permit the identification of individual persons.
We may use Personal Data collected from you for the following general purposes:
(1) to fulfill your requests to receive information from us;
(2) to improve the Site and our services;
(3) to contact you to resolve problems;
(4) to communicate with you about products and services offered by us and our selected partners;
(5) to engage with third-party service providers so that you can access and use the Site; and
(6) to periodically conduct market research regarding your use of the Site and our services.
If and when we use a third party technical support provider or third-party hosting provider, we ensure that the same privacy criteria, as defined herein, are in place with such third parties. We do not knowingly collect personal information from persons under the age of eighteen.
“Site Data” refers to data about how you use the Site. We may collect certain information from you including, but not limited to: User IP addresses, OS version, OS localization, device type, etc. We obtain this information from third-party traffic monitoring service providers. Other than User IP address, the Site does not, and will not, collect any other Personal Data from you without your prior approval. The Site Data we collect is primarily used to report Site usage and statistics, to improve the Site, and to track the performance of various marketing initiatives. Site Data may also be used by Assembly to answer questions that customers have about their use of the Site.
We will never sell, trade, or rent any Personal Data, Site Data, or any Anonymous Data that may contain Personal Data, to any third party.
In certain special cases, we may disclose Personal Data when we have reason to believe that disclosing such information is necessary to identify, contact, or bring legal action against someone who may be causing injury to you, or is otherwise injuring or interfering with our rights, property or operations, other users of the Site, or anyone who could be harmed by such activities. We may also disclose your Personal Data and any Site Data when we believe the law requires it or in response to any demand by law enforcement authorities in connection with criminal investigation, or civil or administrative authorities in connection with a pending civil case or administrative investigation.
If we determine, in our sole discretion, that you have engaged in conduct that might be considered unlawful, fraudulent, or might harm or damage the reputation or standing of Assembly with either the general public or with a business partner or potential business partner of Assembly, we reserve the right to release your Personal Data to such persons or third parties, as we consider necessary, to prevent you from causing injury to, or otherwise injuring or interfering, now or in the future, with our rights, property or operations or otherwise the rights, property or operations of anyone which could be harmed by such conduct.
If you opt-out of having your information collected through cookies and other web technologies, your existing display advertising cookie(s) will be deleted and a new cookie will attempt to be placed that instructs third-party service providers not to track your future activities when that cookie is detected (a “do-not-track” cookie). If your browsers are configured to reject cookies when you visit our opt-out page, a “do-not-track” cookie cannot be set on your computer. Also, if you subsequently erase “do-not-track” cookies, use a different computer or change web browsers, you will need to opt-out again. We currently do not respond to browser "do-not-track" signals.
Third-party Links. The Site may contain links to other third-party owned and/or operated websites and, where you request information from third-party providers, we may transfer you directly to the websites of such third-party providers. Assembly is not responsible for the privacy practices or the content of such third-party websites. In some cases, you may be required to provide certain information to register or complete a transaction at such website. These third-party websites have separate privacy and data collection practices and Assembly has no responsibility or liability relating to them. We do not endorse, nor are we responsible for the accuracy of, the privacy policies and/or terms and conditions of such third-party website. These third-party entities are independent third parties and are not affiliated with Assembly.
Without being discriminated against for exercising these rights, California law gives its residents the right to request that we disclose what personal information we collect from you, to delete that information, and to opt-out of the sale of your personal information (if we sell such information), subject to certain restrictions. For security purposes, we will verify your identity – in part by requesting certain information from you -- when you request to exercise your California privacy rights. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests.
If you are a California resident, you may submit, free of charge, but no more than twice in a 12-month period, a verifiable request for the following information:
• The specific pieces of personal information we have about you;
• The categories of personal information we collected, sold, or disclosed for a business purpose about you within the last 12 months;
• The categories of sources from which the personal information was collected;
• The purposes for which the information was collected or sold; and
• The categories of third parties to whom the information was sold, disclosed for a business purpose, or otherwise shared.
If possible, we will provide this information to you in a readily usable format that allows transmission to another entity. The easiest way to submit a request and receive your report is to direct your requests to email@example.com.
If you are a California resident, you may submit a verifiable request for us to delete the personal information we have collected about you. The easiest way to submit a request for deletion is to direct your requests to firstname.lastname@example.org.
California residents may opt out of the “sale” of their personal information, as defined by the CCPA. This does not include when:
• You direct us to disclose your personal information or use us to interact with a third party and the third party does not sell the personal information; • We use or share an identifier solely to alert a third party you have opted out of the sale of your personal information; • Your personal information is transferred as an asset as part of a transaction in which the third party assumes control of all or part of our business, in which case the third party would have to tell you in writing if it materially changes how the information is used or shared; and • We use or share your personal information under a written contract with a service provider necessary to perform a business purpose. Here, the service the service provider performs is on our behalf, and our written contract prohibits it from keeping, using or disclosing your personal information for any purpose other than for the specific purpose identified in the contract.
We may not discriminate against you because you have exercised your rights, including, for example, by denying you access to our owned and/or operated websites.
If you would like to designate an authorized agent to make a request on your behalf, please be sure the agent can (i) demonstrate you have provided written permission for the agent to submit the request on your behalf, and (ii) provide proof of his or her own identity. If the agent does not satisfy these requirements, we will deny the request.
The Site may contain certain software technologies and services licensed from third-party providers. Assembly may engage with certain third party services and solutions providers such as data hosting service providers, payment processing service providers, and email marketing service providers. These third-party providers have separate privacy and data collection practices and policies, and Assembly has no responsibility or liability relating to them. We do not endorse, nor are we responsible for the accuracy of the terms and conditions of any third-party privacy policies. These third-party entities are independent third parties and are not affiliated with Assembly.
Assembly may be using or sharing your Personal Data for Legitimate Interest purposes with third parties service providers, including without limitation:
Assembly is committed to protecting the security of any Personal Data that is collected by Assembly. We use a variety of industry-standard security technologies and procedures to help protect any Personal Data from unauthorized access, use, or disclosure. Despite these measures, no method of transmission over the Internet, or method of electronic storage is 100% secure. Assembly cannot fully eliminate security risks associated with the collection and storage of any Personal Data, including without limitation, any mistakes and security breaches that may happen. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. In the unlikely event of a data breach where your Personal Data has been compromised, Assembly will promptly notify you, the applicable authorities and supervisory authorities or data protection authorities.
Any Personal Data that is collected and stored by Assembly will be retained only for as long as required in order to provide certain products and/or services to you, or as required by applicable law. Any Personal Data that is no longer required by Assembly will be destroyed.
We reserve the right to limit or deny your request to view, update, or remove your Personal Data if you have failed to provide us with sufficient information to verify your identity.