EEA/UK Addendum
The following Addendum applies to users who reside in the European Economic Area ("EEA") and the United Kingdom, the provisions of which shall prevail over conflicting provisions in this Privacy Policy for EEA/UK residents only
The following Addendum applies to users who reside in the European Economic Area ("EEA") and the United Kingdom, the provisions of which shall prevail over conflicting provisions in this Privacy Policy for EEA/UK residents only
1. DATA CONTROLLER
For the purposes of data protection law, the controller is Red Ventures (“we,” “us,” or “our”), comprising of Red Ventures, LLC, of 1101 Red Ventures Drive, Fort Mill, SC, 29707, and its affiliated companies, as appropriate.
2. ADDENDUM TO TYPES OF INFORMATION WE COLLECT
Generally, we collect information from people in the EEA/UK in a similar manner, and for similar legitimate business purposes, as described above “Types of Information We Collect”
3. OUR LEGAL BASIS FOR PROCESSING
Our legal basis for processing your personal data will typically be one of the following:
Consent
You have actively given your informed consented to our processing of your personal data by completing a form on the site, or have indicated your consent with another affirmative act.
Legitimate Interests
We have a Legitimate Interest in processing your personal data, and our reasons for it do not override your data protection rights. Our Legitimate Interests in processing your personal information are:
Legal Obligation
It is necessary for us to process your personal data for us or another Red Ventures company to comply with our legal or regulatory obligations.
Contractual Obligation
It is necessary for us to process your personal information to perform the tasks associated with a contract to which you are a party, or to take steps at your request prior to you entering into a contract.
4. YOUR DATA RIGHTS
In addition to your rights of access and correction (rectification) described above in “Manage Your Information”, EEA and UK residents have certain other rights defined in the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
Consent Withdrawal - You have the right to withdraw your consent in relation to our processing of your personal data based on your consent.
Erasure - You have the right to ask us to right to request deletion of your personal data in certain circumstances.
Restriction of Processing - You have the right to request that we restrict the processing of your data in certain circumstances.
Object to Processing - You have the right to object to the use or disclosures of your personal data.
Data Portability - You have the right to request we transmit your personal data to you or another company in certain circumstances.
We process all requests in accordance with the law, and there may be legal reasons why we cannot fulfill all requests.
Please contact us dpo@redventures.com if you wish to make a request. We have one month to respond to you. You are not required to pay any charge for exercising your rights.
5. INTERNATIONAL TRANSFER
We operate in the United States and transfer, store and process personal data outside of the EEA/UK, using applicable approved data transfer mechanisms (for example, the EU Standard Contractual Clauses and Privacy Shield) to ensure your personal data are adequately safeguarded.
EU-U.S. Privacy Shield
We (Red Ventures, New Imagitas, Inc. (ExpertFlyer.com), The Points Guy, LLC, and CollegeDegrees.com, LLC) participate in and have certified our compliance with the EU-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and the United Kingdom, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.
We are responsible for the processing of personal data received, under the Privacy Shield Framework, and subsequent transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU and the UK, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
6. COOKIES
As described above (“Information We Collect Automatically”), with your consent, we use cookies to help us analyze, improve, secure, and market our website and services, and to support functionality which enhances your browsing experience. You can read more about how and why we use cookies on our cookie policy.
7. QUESTIONS & CONCERNS
If you have any comments or questions, or are concerned about the way in which we have handled any privacy matter, you can contact us using the details below:
EEA Post: Data Protection Officer, Red Ventures c/o B.H.L Cumberland Ireland Limited, Digital Depot, The Digital Hub, Roe Lane, Off Thomas Street, Dublin, D08 TCV4, Ireland.
UK Post: Data Protection Officer, Red Ventures, The Cooperage, 5 Copper Row, London, SE1 2LH, United Kingdom
E-mail: dpo@redventures.com.
You may also contact us at privacy@redventures.com or in writing at:
Red Ventures, LLC
1101 Red Ventures Drive
Fort Mill, SC 29707
Attn: Privacy Officer
Complaints
You also have the right to lodge a complaint about our processing of your personal information with the relevant Supervisory Authority:
UK: Information Commissioner's Office: https://ico.org.uk/concerns/ or 0303 123 1113 or casework@ico.org.uk/
EEA: Data Protection Commission: https://www.dataprotection.ie/ or +353 1800 437 737 or webform