Privacy Policy

Last Updated: November 14, 2022

Introduction

Proto Research Inc. and our affiliates and subsidiaries (collectively, the “Company”, “we”, “us”, “our(s)”) know how important privacy is to individuals. We are the owner and creator of an application to create and enable conversational agents (the “Services”).This Privacy Policy (“Policy”)describes the personal information we may obtain online and how we may use and disclose that information. This Policy also explains the choices available to you regarding our use of the information, how we safeguard the information, and how to contact us if you have questions regarding our privacy practices.  

The Services are currently under intense development and certain aspects of the Services may be deployed and/or updated over the coming months. Some parts of the Policy may refer to functions of the Services that have not yet been implemented or deployed.

This Policy applies to your use of the Services. Please read this Policy carefully to understand our policies and practices for collecting, processing, and storing your information, because any time you use our Services, you consent to the practices we describe in this Policy. Please check back often for updates to this Policy, as we may update it from time to time to reflect changes in our personal information practices with respect to the Services or changes in applicable law. We will notify you in advance either by e-mail or by posting a notice on our website of any material changes to this Policy and, where legally required, obtain your consent to changes in the ways that we collect, use, and disclose your personal information.

Definitions

Capitalized terms in this Policy, where not defined below, shall have the same meaning as in the Company Terms of Use (“Terms”). In addition:

“User” refers to a natural or legal person or entity that has been granted access to the Services and who has agreed to be bound by the Terms.

“User Content” refers to content that has been contributed to by users of the application, including personal information.

Overview

This Policy applies to information we collect, use, or disclose about you:

•  When you use the Services.
• In email, text, and other electronic messages, if applicable.
• Through mobile and desktop applications you download as part of the Services.

The Services may include links to third-party websites, plug-ins, services, social networks, or applications (“Third Party Services”). Clicking on those links or enabling those connections may allow the third party to collect or share data about you. Please note that these Third Party Services are subject to their own privacy policies. We do not control these Third Party Services, and are not responsible or liable for their collection, use or disclosure of personal information. We encourage you to carefully review the privacy policy of any Third Party Services you engage with.

Information we collect about you

We collect and use several types of information from and about you, including

• Personal information, that we can reasonably use to directly or indirectly identify you, such as your name, mailing address, e-mail address, telephone number, Internet protocol (IP) address used to connect your computer to the Internet, user name or other similar identifier, financial plans or goals, credit score, chat histories and any other identifier we may use to contact you.
• Non-personal information, that does not directly or indirectly reveal your identity or directly relate to an identifiable individual, such as generalized data, demographic information, or statistical or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal information. For example, we may aggregate personal information to calculate the percentage of users accessing a specific Services feature.
• Technical information, including your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, or information about your Internet connection, the equipment you use to access our Services, and usage details.
• Public preference information and content. When you use the Services, we may automatically receive information made available by social media profiles. That information is entirely public and could be indexed by Internet search engines and may be used for any purpose.
• Non-personal details about your Services usage and interactions, including the full Uniform Resource Locators (URLs), clickstream to, through and from our Services (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, or any phone number used to call our customer service number.

‍

How we collect information about you

We use different methods to collect your information, including through:

• Direct interactions with you when you provide personal information to us, for example, by filling in forms or corresponding with us by phone, email, or otherwise.
• Automated technologies or interactions, as you navigate through our Services. Information collected automatically may include usage details, IP addresses, browser type and language, access times, the content of any undeleted cookies that the User’s browser previously accepted, and the referring website address, and other information collected through cookies, web beacons, and other tracking technologies.
• Third parties or publicly available sources, for example, our business partners.

‍

Information You Provide to Us

The information we collect directly from you on or through our Services may include:

• Information that you provide by filling in forms on our Services. This includes information provided at the time of subscribing to a newsletter, registered with the Services, posting material, and/or requesting further services. We may also ask you for information when you report a problem with our Services.
• Financial information, such as your credit score or report, and authorization to use third party services, if applicable.
• Records and copies of your correspondence (including email addresses), if you contact us.
• Your responses to surveys that we might ask you to complete for research purposes.
• Your search queries on the Services.

‍

Information We Collect Through Cookies and Other Automatic Data Collection Technologies

As you navigate through and interact with our Services, we may use cookies or other automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

• Details of your use of the Services, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Services.
• Information about your computer and Internet connection, including your IP address, operating system, and browser type.
  

We may also use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). 

To learn more or to opt-out of tailored advertising please visit Digital Advertising Alliance of Canada’s Opt-Out Tool for information on how you can opt out of behavioral tracking on this Services and how we respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking.

The information we collect automatically is statistical data and may include personal information, and we may maintain it or associate it with personal information we collect in other ways that you provide to us, or receive from third parties. It helps us to improve our Services and to deliver a better and more personalized service, including by enabling us to:

• Estimate our market size and usage patterns.
• Store information about your preferences, allowing us to customize our Services according to your individual interests.
• Speed up your searches.
• Recognize you when you return to our Services.
  

The technologies we use for this automatic data collection may include:

• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. When the User accesses the Services, the User’s computer(s) may be assigned one or more cookies to facilitate access to the Services and to personalize experience. Cookies may automatically collect information such as web pages visited, links clicked, and search history. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Services. 
• Flash Cookies. Certain features of our Services may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Services. Flash cookies are not managed by the same browser settings that are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information.
• Web Beacons. Parts of our Services and our e-mails may generate or contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related Services statistics
• Other Technologies. Standard Internet technology, such as transparent GIFs and other similar technologies, to track use of the Application may be used.

‍

Third Party Use of Cookies and Other Tracking Technologies

The Company may allow third parties, including authorized service providers, advertising companies, corporate partners, and ad networks, to display links, promotions and advertisements through the Services. These companies may use tracking technologies, such as cookies, to collect information about users who view or interact with their advertisements. This information may allow them to deliver targeted advertisements and gauge their effectiveness. The Company does not provide any personal information to these third parties.

You can opt-out of several third party ad servers' and networks' cookies simultaneously by using an opt-out tool created by the Network Advertising Initiative. You can also access these websites to learn more about online behavioural advertising and how to stop websites from placing cookies on your device. Opting out of a network does not mean you will no longer receive online advertising. It does mean that the network from which you opted out will no longer deliver ads tailored to your web preferences and usage patterns.

We do not control these third parties' tracking technologies or how they are used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For more information about how you can opt out of receiving targeted advertising from many providers, see CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION below.

‍

Information We Collect Through Third Parties

We may collect information about you from third parties with your consent, or where otherwise permitted by law. We may use information collected from third parties to present you with services or products that we determine you may be interested in.

‍

How we use your information

All information provided to the Company through the use of the Services is collected and stored as data that may be used for product development, and is considered to be part of the Intellectual Property Rights (as defined in the Terms) of the Company.

We use information that we collect about you or that you provide to us, including any personal information:

• To present our Services to you.
• Facilitate and enhance your use of the Services;
• Manage your account and provide customer support;
• Enforce the Company’s Terms;
• Perform functions as otherwise described to the User at the time of collection.
• To provide you with information, products, or services that you request from us.
• To fulfill the purposes for which you provided the information or that were described when it was collected, or any other purpose for which you provide it.
• To carry out our obligations and enforce our rights arising from any contracts with you, or to comply with legal requirements.
• To notify you about changes to our Services or any products or services we offer or provide through it.
• To improve our Services, products or services, marketing, or customer relationships and experiences.
• To allow you to participate in interactive features, social media, or similar features on our Services.
• To measure or understand the effectiveness of the advertising we serve to you and others, and to deliver relevant advertising to you.
• In any other way we may describe when you provide the information.
• For any other purpose with your consent

We may use the information we have collected from you to enable us to display advertisements to our advertisers' target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

‍

‍

Disclosure of your information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose personal information that we collect or you provide as described in this Policy:

• To our subsidiaries and affiliates.
• In accordance with Applicable Law, to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Company about our customers and users is among the assets transferred.
• To advertisers and advertising networks that require the information to select and serve relevant advertisements to you and others. We do not disclose data about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 400 women between 30 and 45 have clicked on their advertisement on a specific day). We may also use such aggregate information to help advertisers target a specific audience (for example, men in a specific location). We may make use of the personal information we have collected from you to enable us to display our advertisers' advertisements to that target audience.
• To third parties to market their products or services to you if you have not opted out of these disclosures. We contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them. For more information, see CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION.
• To contractors, service providers, and other third parties we use to support our business (such as analytics and search engine providers that assist us with Services improvement and optimization) and who are contractually obligated to keep personal information confidential, use it only for the purposes for which we disclose it to them, and to process the personal information with the same standards set out in this Policy.
• To authorized agents and service providers. The Company may share personal information with authorized agents and service providers that perform certain services on behalf of the Company. These services include, but are not limited to, maintaining servers, fulfilling subscription requests, providing customer service and marketing assistance and performing business and sales analysis. These agents and service providers may have access to personal information but are not permitted to share or use such information for any purpose beyond what has been authorized by the Company.  

• To comply with any court order, law, or legal process, including to respond to any government or regulatory request, in accordance with Applicable Law. Specifically, the Company may disclose User information, including personal information, (a) in response to a subpoena or similar investigative demand, a court order, or a request for cooperation from law enforcement or other government agencies; (b) to establish or exercise the Company’s legal rights; (c) to defend against legal claims; or (d) as otherwise required by law. In such cases, the Company may raise or waive any legal objection or rights available.
• To enforce or apply our Terms and other agreements, including for billing and collection purposes.
• If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Company, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
• To fulfill the purpose for which you provide it. 
• For any other purpose disclosed by us when you provide the information.
• With your consent.

‍

Transferring your personal information

We may transfer personal information that we collect or that you provide as described in this Policy to contractors, service providers, and other third parties we use to support our business (such as analytics and search engine providers that assist us with Services improvement and optimization) and who are contractually obligated to keep personal information confidential, use it only for the purposes for which we disclose it to them, and to process the personal information with the same standards set out in this Policy.

We may process, store, and transfer your personal information in and to a foreign country, with different privacy laws that may or may not be as comprehensive as U.K. law. In these circumstances, the governments, courts, law enforcement, or regulatory agencies of that country may be able to obtain access to your personal information through the laws of the foreign country. Whenever we engage a service provider, we require that its privacy and security standards adhere to this Policy and applicable U.K. privacy legislation.

In the event that the Company or any portion of the business represented by the Services, is acquired by or merged with a third party entity, the Company reserves the right, in any of these or similar circumstances, to transfer or assign any or all of the information collected as part of such merger, acquisition, sale, or other change of control. In the event of bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors' rights generally, the Company may not be able to control how personal information is treated, transferred, or used.

By submitting your personal information or engaging with the Services, you consent to this transfer, storage, or processing.

‍

Choices about how we use and disclose your information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information: 

• Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's Services. If you disable or refuse cookies, please note that some parts of this Services may not be accessible or may not function properly. For more information about tracking technologies, see Information We Collect Through Cookies and Other Automatic Data Collection Technologies. 
• Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by checking the relevant box located on the form where we collect your data. You can also opt-out by sending us an email stating your request to team@proto.cx. 
• Promotional Offers from the Company. If you have opted in to receive certain emails from us but no longer wish to have your email address used by the Company to promote our own or third parties' products or services, you can opt-out by sending us an email stating your request to team@proto.cx. If we have sent you a promotional email, you may unsubscribe by clicking the unsubscribe link we have included in the email. 
• Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers' target-audience preferences, you can opt out by checking the relevant box located on the form where we collect your data. For this opt-out mechanism to function, you must have your browser set to accept browser cookies. 
  

We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of several third party ad servers' and networks' cookies simultaneously by using an opt-out tool created by the Network Advertising Initiative. You can also access these websites to learn more about online behavioural advertising and how to stop websites from placing cookies on your device. Opting out of a network does not mean you will no longer receive online advertising. It does mean that the network from which you opted out will no longer deliver ads tailored to your web preferences and usage patterns.

Data security

The security of your personal information is very important to us. We use physical, electronic, and administrative measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We store all information you provide to us behind firewalls on our secure servers. 

As cloud-based software, the Services collect and store information on various servers throughout the world.

Appropriate security measures (including physical, electronic and procedural measures) are in place to safeguard personal information from unauthorized access and disclosure. Only authorized employees and third parties who have agreed to be bound by confidentiality restrictions may be permitted to access personal information, and may do so only for permitted business functions.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Services like message boards, which any Services user can view.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Services.

Data retention

Except as otherwise permitted or required by Applicable Law or regulation, we will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Under some circumstances we may anonymize your personal information so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.

Children under the age of 13

Our Services are not intended for children under 13 years of age. No one under age 13 may provide any information to or on the Services. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this website or through the Services, use any of the interactive or public comment features of the Services, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at team@proto.cx.

Authorized users in the European Union

If personal data provided to Company is protected under the European General Data Protection Regulation (EU) 2016/679 (“GDPR”), such person to whom the personal data relates will have certain rights, which may include the right to view, correct or delete his/her/its personal data, the right to data transferability, and the right to withdraw his/her/its consent for data processing or to object to the processing of his/her/its personal data by Serene. This means that such person, including an Authorized User, can submit a request to Company to send the personal data that Company holds about such person in a computer file to him/her/it or another organization mentioned by him/her/it. 

The Company’s GDPR data processor is Google Cloud Platform.

In order to exercise any of these rights, a written request can be submitted to Company at team@proto.cx for access, correction, deletion, data transfer of the personal data or request for withdrawal of consent or objection to the processing of such person’s personal data, together with a copy of the person’s proof of identity. In the copy of proof of identity, it is advisable to conceal the passport photo, MRZ (machine readable zone, the strip with numbers usually at the bottom of the passport), passport number and citizen service number, so that these items are not legible. 

Authorized users in California

If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit https://oag.ca.gov/privacy/ccpa.

Schedule “A” to this Policy contains terms applicable specifically to California residents who use the Services as Authorized Users (“California Policy”). Many parts of the California Policy are identical to those in this Policy. To the extent possible, the California Policy should be read in harmony with these Terms, and if there is any conflict between the two, the California Policy shall prevail in relation to any California resident’s use of the Services as Authorized Users. 

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of the Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an e-mail to team@proto.cx.

Accessing and correcting your personal information

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes. By law you have the right to request access to and to correct the personal information that we hold about you.

If you want to review, verify, correct, or withdraw consent to the use of your personal information you may also send us an email at team@proto.cx to request access to, correct, or delete any personal information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. 

We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, erased, or made your personal information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

We will provide access to your personal information, subject to exceptions set out in applicable privacy legislation. Examples of such exceptions include:

• Information protected by solicitor-client privilege.
• Information that is part of a formal dispute resolution process.
• Information that is about another individual that would reveal their personal information or confidential commercial information.
• Information that is prohibitively expensive to provide.

If you are concerned about our response or would like to correct the information provided, you may contact us at team@proto.cx.

Withdrawing your consent

Where you have provided your consent to the collection, use, and transfer of your personal information, you may have the legal right to withdraw your consent under certain circumstances. To withdraw your consent, if applicable, contact us at team@proto.cx. Please note that if you withdraw your consent we may not be able to provide you with a particular product or service. We will explain the impact to you at the time to help you with your decision.

Changes to our privacy policy

It is our policy to post any changes we make to our Policy on this page. If we make material changes to how we treat our users' personal information, we will notify you through a notice on the Services home page. 

We include the date the Policy was last revised at the top of the page. You are responsible for ensuring we have an up-to-date, active, and deliverable email address for you, and for periodically visiting our Services and this Policy to check for any changes.

General terms

If any provision of this Policy is held to be invalid, illegal or unenforceable in any respect, that provision shall be limited or eliminated to the minimum extent necessary so that this Policy shall otherwise remain in full force and effect and enforceable.

If there is any dispute arising out of the Services, by using the Services the User expressly agrees that any such dispute shall be governed by the laws of England and Wales without regard to its conflict of law provisions, and the User expressly agrees and consents to the exclusive jurisdiction and venue of the courts of England and Wales.

Contact information and challenging compliance

We welcome your questions, comments, and requests regarding this Policy and our privacy practices. Please contact us at team@proto.cx. 

We have procedures in place to receive and respond to complaints or inquiries about our handling of personal information, our compliance with this Policy, and with applicable privacy laws. To discuss our compliance with this Policy please contact us using the contact information listed above.

Schedule “A”

California Policy

This Privacy Policy for California Residents (“California Policy”) supplements the Proto Global Ltd. (UK) (“we”, “us”, “our(s)”) main Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California ("consumers" or "you"). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this California Policy. 

This California Policy does not apply to workforce-related personal information collected from California-based employees, job applicants, contractors, or similar individuals. 

Where noted in this California Policy, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication ("B2B personal information") from some its requirements.

Information we collect

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device ("personal information"). Personal information does not include:

• Publicly available information from government records.
• Deidentified or aggregated consumer information.
• Information excluded from the CCPA's scope, like:

• health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;
• personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from you. For example, from forms you complete or products and services you purchase.
• Indirectly from you. For example, from observing your actions on our Website.

‍

Use of personal information

We may use or disclose the personal information we collect for one or more of the following purposes: 

• To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns. 
• To provide, support, personalize, and develop our Website, products, and services.
• To create, maintain, customize, and secure your account with us.
• To process your requests, purchases, transactions, and payments and prevent transactional fraud.
• To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
• To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).
• To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.
• For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.
• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
• As described to you when collecting your personal information or as otherwise set forth in the CCPA.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users is among the assets transferred.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing personal information

We may share your personal information by disclosing it to a third party for a business purpose. 

We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, Company has disclosed personal information for a business purpose to the categories of third parties indicated in the chart below.

We do not sell personal information.

‍

Your rights and choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

‍

Right to Know and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the "right to know"). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will disclose to you:

• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting or selling that personal information.
• The categories of third parties with whom we share that personal information.
• If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:

• sales, identifying the personal information categories that each category of recipient purchased; and 
• disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained. 

• The specific pieces of personal information we collected about you (also called a data portability request).

 We do not provide a right to know or data portability disclosure for B2B personal information.

Right to Delete 

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the "right to delete"). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to: 

1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
3. Debug products to identify and repair errors that impair existing intended functionality.
4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
8. Comply with a legal obligation.
9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action. 

We do not provide these deletion rights for B2B personal information.

Exercising Your Rights to Know or Delete

To exercise your rights to know or delete described above, please submit a request by emailing us at team@proto.cx.

Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information. 

You may also make a request to know or delete on behalf of your child by the same method.

You may only submit a request to know twice within a 12-month period. Your request to know or delete must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: a) Two (2) pieces of government-issued photo from a state, provincial, or federal government; b) Parental or guardian identification information.

• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. 

You do not need to create an account with us to submit a request to know or delete. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.

We will only use personal information provided in the request to verify the requestor's identity or authority to make it. 

For instructions on exercising your sale opt-out or opt-in rights, see Personal Information Sales Opt-Out and Opt-In Rights.

Response Timing and Format

We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact team@proto.cx.   

We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. 

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. 

‍

‍

Non-discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information's value and contain written terms that describe the program's material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

‍

Changes to California Policy

We reserve the right to amend this California Policy at our discretion and at any time. When we make changes to this California Policy, we will post the updated notice on the Website and update the notice's effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

‍

‍

Contact information

If you have any questions or comments about this notice, the ways in which Proto collects and uses your information described here, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Email: team@proto.cx‍