Privacy Policy
1. SCOPE OF THIS PRIVACY POLICY
This privacy policy (“Privacy Policy”) describes how Avetta, LLC and its worldwide affiliated group companies (“Avetta,” “we,” or “us”) process personal data, including personal data collected when you use our Software-as-a-Service solutions and any ancillary applications and services (collectively, “Services”) or visit Avetta’s websites that contain a link to this Privacy Policy. This Privacy Policy may be supplemented with additional privacy terms or notices in connection with certain specific features of the Services or our websites. To the extent a specific notice for any Services or websites differs from this Privacy Policy, the specific notice will take precedent. If there is a difference in translated, non-English versions of this Privacy Policy, the U.S.-English version will take precedence.
2. CONTROLLER AND PROCESSOR
For the purpose of the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council (“EU GDPR”), the United Kingdom General Data Protection Regulation (“UK GDPR”), and other applicable data protection laws with a framework similar to the EU GDPR, Avetta, LLC is a “data processor” for your personal data when the processing is carried out on behalf of our customers (such as processing of your personal data contained in the prequalification forms or worker documentation), and is a “data controller” when the processing is for Avetta’s own purposes (such as billing, account management, product development, and other legitimate business interests).
You can reach our Privacy Officer via the following means of communication:
Postal Service:
AVETTA, LLC
Attention: Privacy Officer
3300 North Triumph Blvd. Suite 800
Lehi UT 84043, USA
Email: privacy@avetta.com
If you are located in the European Economic Area (“EEA”) or the United Kingdom (the “UK”) and have questions about your personal data or would like to request access, updates, or deletion, you may contact our representative at:
Bird & Bird GDPR Representative Services SRL
Avenue Louise 235
1050 Bruxelles
Belgium
EUrepresentative.Avetta@twobirds.com
Key Contact:
Vincent Rezzouk-Hammachi
Bird & Bird GDPR Representative Services UK
12 New Fetter Lane
London
EC4A 1JP
United Kingdom
UKrepresentative.Avetta@twobirds.com
Key Contact:
Vincent Rezzouk-Hammachi
3. THE DATA WE COLLECT ABOUT YOU
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
The personal data we collect from you varies based on the Services you use, your role when using the Services, and your interactions with us. The table below summarizes the categories of personal data we may collect based on the types of the Services you use:
In addition to users of our Services, we collect data from business prospects (including not limited to website visitors and people who sign up for our newsletters or attend our events), and individuals who contact us via chats, emails, phone calls, or our websites. In general, we collect Identity Data (such as name), Contact Data (such as business email and address), Professional Data (such as title and name of company), Technical Data (such as system information about the browsers and devices that individuals use to interact with us), Usage Data (such as how you use our website), Marketing and Communications (such as your preferences in receiving marketing materials, and your interactions with us), and with respect to business prospects, Inferences drawn from other personal data. As mentioned above, the specific types of personal data we collect from you depend on how you interact with us, and some of the categories listed above may not be applicable to you. For example, if you attend an event hosted by us but do not otherwise interact with us, we will not collect Technical Data or Usage Data from you. If the only interaction you have with us is visiting our website, we will only collect Technical and Usage Data.
Under limited circumstances, we may collect your Biometric Data (such as fingerprints and voiceprints) for authentication purposes. For example, our customers may require fingerprints to authenticate personnel before they can enter a worksite; and we may enable voice authentication when our support team receives phone calls. However, please note that any collection of Biometric Data will only be conducted in compliance with all applicable laws and regulations and with your express consent.
We also collect, use and share Aggregated Data such as statistical data. Aggregated Data could be derived from your personal data but is not considered personal data as the data is anonymized and will not directly or indirectly reveal your identity. For example, we may aggregate Usage Data to calculate the percentage of users accessing a specific feature of the Services. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy.
4. HOW IS YOUR PERSONAL DATA COLLECTED?
We use different methods to collect data from and about you including through:
Direct interactions. You or your authorized representatives may give us your data, such as Identity, Contact, Profile, Health, Professional, and Marketing and Communications Data by filling in forms or by corresponding with us by phone, email, chat or otherwise. This includes personal data you provide when you:
- Create an account with us.
- Complete prequalification forms.
- Upload documentation requested by the parties you work with through our Services.
- Participate in the events and activities hosted by us.
- Give us feedback or contact us.
Automated technologies or interactions. As you interact with our websites and Services, we may automatically collect Location, Usage, and Technical Data about your devices, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our Cookie Policy for further details.
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:
- Identity, Contact, and Professional Data from verification services and data enrichment providers, such as greenID, ZoomInfo, or similar vendors, and from publicly available sources, such as the government document verification services provided by the Australian Government.
- Identity, Contact, Profile, Health, Professional, Location, and Transaction Data submitted to us by your employer(s) or other companies you or your employer(s) work with.
- Identity, Contact, Professional, Inferences Data from marketing solutions, such as 6sense.
5. HOW WE PROCESS YOUR PERSONAL DATA
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to fulfill contracts we are about to enter into or have entered into with our customers.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation.
The table below describes in more detail the purposes and legal bases of our processing activities and what our legitimate interests are where appropriate.
Note that we may process your personal data pursuant to more than one lawful basis depending on the specific purpose for which we are using your data.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
6. DISCLOSURES OF YOUR PERSONAL DATA
We may share your personal data with the parties set out below for the purposes set out in the table above. Please note that we require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
7. THIRD-PARTY COOKIES AND OTHER TRACKING TECHNOLOGIES
Our websites may use third-party cookies or similar technologies to collect information about you when you visit our websites. The information collected may be associated with your online activities over time and across different websites, and may be used to provide you with interest-based (behavioral) advertising or other targeted marketing content. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. For more information about how to manage cookies, please see our Cookie Policy.
For clarification purposes, we do not use tracking technologies for behavioral advertising purposes when you use our Services.
8. DIRECT MARKETING
In certain cases and to the extent permitted by law, we may send you direct marketing messages without your consent. Nevertheless, you have a right to ask us not to process your personal data for such purposes. You can exercise this right by using the “opt-out” or unsubscribe mechanism provided in the communication. However, we may continue to send service-related communications (such as account notifications, payment confirmations, and renewal notices) after you opt out of direct marketing messages.
Please note that (i) we do not share your personal data with any third parties for their own direct marketing purposes, and (ii) users of our Services are prohibited from using any contact information obtained from our platform for solicitation purposes.
9. YOUR PRIVACY RIGHTS
You may request a copy of and correct the personal data we hold about you. To view and update any personal data you have uploaded to the Services, you can return to the webpage or application where you originally submitted your personal data, or contact us if the system does not allow changes or you need assistance. To the extent that our Services allow registered users to access and update their personal data themselves, the accuracy of such data is solely the user’s responsibility.
Under certain circumstances, you may have the right to object to the processing of your personal data or to have it erased.
You have the right to withdraw your consent at any time where we use your personal data on the basis of your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will endeavor to advise you if this is the case at the time you withdraw your consent.
In addition, if you are located in the EEA or the UK, you may have the following additional rights:
- Right of access (Art. 15 GDPR)
You have the right to obtain confirmation from us as to whether and which data we process about you, for which purposes, how long we process them, who may receive the data and where they originate from. You do not have such a right in exceptional cases, i.e. where your requests are excessive.
- Right to rectification (Art. 16 GDPR)
You generally have the right to request that we rectify inaccurate data, including the right to have incomplete data completed.
- Right to erasure/Right to be forgotten (Art. 17 GDPR)
You have the right in particular cases to request that we erase your data, e.g. if the data is no longer necessary in relation to the purposes for which it was collected, or if you have objected to the processing. This does not apply in exceptional cases, e.g. if the further processing is necessary for compliance with a legal obligation or for the establishment, exercise or defense of legal claims.
- Right to restriction of processing (Art. 18 GDPR)
You may ask us to restrict our use of your personal data where, for example, we no longer need your personal data for the purposes of which we are using it, but it is required by you for the establishment, exercise or defense of legal claims.
- Right to data portability (Art. 20 GDPR)
You can request a machine-readable copy of personal data that you have provided to us, which can be transmitted to another service provider where technically feasible. This only applies to personal data that we use by automatic means, and on the basis of your consent or our performance of a contract with you.
- RIGHT TO OBJECT (ART. 21 GDPR)
To the extent that we are relying upon legitimate interest as a legal basis to use your personal data, or to the extent we process your personal data for direct marketing purposes, you have the right to object to such use on grounds relating to your particular situation, at any time. However, we cannot always comply with this, e.g. if legal provisions oblige us to process data within the scope of our official duties.
- Right to lodge a complaint (Art. 77 (1) GDPR)
You also have the right to lodge a complaint with the competent supervisory authority, in particular in your member state of residence, if you consider that our use of your personal data violates applicable data protection law.
To protect your privacy and security, we may need to request specific information from you to verify your identity whenever you request to exercise your rights.
Notwithstanding the foregoing, to the extent we are a data processor, instead of responding to you directly, we will forward your privacy requests to the controller (e.g. your employer) and will assist them in fulfilling their obligations to respond to your requests.
For further information regarding your rights, or to exercise any of your rights, please contact us at privacy@avetta.com.
10. DATA RETENTION AND SECURITY
We store information about you in computer systems and databases operated by either us or our external service providers.
We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. In some circumstances we will anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
The security of your personal data is important to us. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and are bound by a duty of confidentiality, whether contractual or statutory. If you have any reason to believe that your interaction with us is no longer secure, please notify us immediately at infosec@avetta.com.
11. INTERNATIONAL DATA TRANSFER
For the purposes described above, your personal data may be transferred to recipients mentioned in Section 6.
When transferring personal data outside the EEA or the UK, we:
(i) ensure that the country in which your personal data will be handled has been deemed “adequate” by the European Commission or the UK, as applicable;
(ii) include in our contracts the Standard Contractual Clauses approved by the European Commission (as applicable) for transferring personal data from the EEA or the UK, and additionally the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (the “UK Addendum”) for transferring personal data from the UK; or
(iii) rely on other legally compliant mechanisms or conditions for such data transfer to ensure that a similar degree of protection is afforded to the data.
You can obtain further information about the rules on data transfers outside the EEA and the UK, including the mechanisms that we rely upon, on the European Commission website here and the UK’s Information Commissioner’s Office website here.
For data transfers to the United States, Avetta has elected to self-certify to the EU-US Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework administered by the US Department of Commerce. For further information, please refer to our Data Privacy Framework Notice, which is available here.
If applicable data protection laws prescribe additional requirements or modify any existing mechanisms for cross-border data transfers, we will take appropriate measures, including working with our customers (such as your employer), to implement the requirements or update the transfer mechanisms to enable the lawful transfer of your personal data outside your home country.
12. CHILDREN'S PRIVACY
We do not knowingly collect personal data from children under the age of 18 and we do not target our Services to children under 18.
13. LOCAL LAWS AND REGULATIONS
While this Privacy Policy is designed to deliver consistent and efficient information on a global basis with a specific focus on the EU GDPR and UK GDPR, all information will always be processed in accordance with applicable local law. For more details on the local laws and regulations applicable to your home jurisdiction, please see Appendix I of this Privacy Policy.
14. CHANGES TO THIS PRIVACY POLICY
If we modify this Privacy Policy to reflect changes to our information practices, we will post the revised version here, with an updated revision date. We encourage you to periodically review this page for the latest information on our privacy practices.
15. THIRD-PARTY LINKS
Our Services and our websites may include links to third-party websites. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. When you leave the Services or our websites, we encourage you to read the privacy policy of every website you visit.
16. HOW TO CONTACT US
If you have comments or questions about this Privacy Policy or our processing of your information, please contact:
AVETTA, LLC
Attention: Privacy Officer
3300 North Triumph Blvd. Suite 800
Lehi UT 84043, USA
Email: privacy@avetta.com
Our data protection representatives within the EEA and the UK are as follows:
Individuals within the EEA or the UK can contact us directly (see above) or contact the respective representative.
Appendix I: Jurisdiction Specific Terms
United States - Notice to California Residents
Last Updated: January 30, 2025
This notice to California residents supplements solely to the visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, the “CCPA”). Any terms defined in the CCPA have the same meaning when used in this notice.
Information We Collect
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). Personal information does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:
As described in Section 4 of the Privacy Policy, we obtain the categories of personal information listed above from the following categories of sources:
- Direct interactions with you.
- Automated technologies or interactions.
- Third parties or publicly available sources.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following purposes:
- To process an order or a transaction (including for billing and payment purposes).
- To register you as a user of the Services, either as an authorized user of a client or a supplier.
- To provide our Services and enable the use of features, including but not limited to enabling customers to (i) manage their contractors/workers/clients; (ii) submit/share/assess prequalification or compliance documents; and (iii) manage worksite access.
- To maintain, protect, and improve our Services (including troubleshooting, enhancing user experience, product analytics, system maintenance, support, adding new features, and preventing and detecting security threats).
- To provide customer support, to contact you about your account or tasks to complete, and to manage our relationship with you such as notifying you about changes to the Services or our terms and asking you for your feedback or comments.
- To verify your identity and account when you contact our customer support team.
- To test new products and services (e.g. Beta testing if our customers opt in).
- To deliver relevant content and marketing materials to you and measure or understand the effectiveness of our marketing strategy.
- To deliver targeted advertising to visitors of our websites (through cookies and other tracking technologies) and measure or understand the effectiveness of the advertising we serve.
- To identify business prospects.
- To invite you to participate in surveys, sweepstakes, competitions and similar promotions.
- To aggregate information in order to anonymize it for data analysis, audits, developing new products, enhancing the Services, identifying usage trends and determining the effectiveness of our promotional campaigns.
- To use data analytics to improve our Services, marketing, customer relationships and experiences.
- To prepare or implement reorganization or sale of assets or shares.
- To comply with our legal obligations, respond to government or judicial requests for information (including in the context of private litigation), resolve disputes, and enforce our agreements.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
As stated above, if you contact our customer support team, we may collect voice data for authentication purposes but only after obtaining your express consent. Please note that any other sensitive personal information we collect from individuals is strictly used to fulfill contracts with our customers that the individuals work for and for purposes permitted under the CCPA. We do not process any sensitive personal information to infer characteristics about individuals, nor do we use or disclose sensitive personal information for purposes other than the permitted purposes under the CCPA.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Retention of Personal Information
As stated in Section 10 of the Privacy Policy, we will only retain your personal information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. In some circumstances we will anonymize your personal Information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Disclosure of Personal Information
We may disclose your personal information to third parties for business purposes. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, we have disclosed personal information for a business purpose to the categories of third parties indicated in the chart below.
We do not sell personal information for any monetary consideration. However, we sometimes use tracking technologies on our websites for advertising purposes, which may be considered “selling” or “sharing” of your personal information under the CCPA. In the preceding twelve (12) months, we may have sold or shared the following categories of personal information to the categories of third parties indicated in the chart below.
We do not sell or share personal information about individuals who we know are under age 16, and we do not sell or share personal information that our customers have submitted to us in the course of using our Services.
Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Right to Know and Data Portability
You have the right to request that we disclose certain information to you about our collection and use of your personal information (the “right to know”). Once we receive your request and confirm your identity, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting, selling, or sharing that personal information.
- The categories of third parties with whom we disclose that personal information.
- If we sold/shared or disclosed your personal information for a business purpose, two separate lists disclosing:
- Selling/sharing, identifying the personal information categories that each category of recipient purchased/received; and
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
- The specific pieces of personal information we collected about you (also called a data portability request).
Right to Correct
You have the right to request us to correct any inaccuracies in any personal information we maintain about you, taking into account the nature of the personal information and the purposes of the processing of the personal information (the “right to correct”). Once we receive your request and confirm your identity, we will review the contested personal information and may request additional documentation from you to validate your request. We will use commercially reasonable efforts to correct any confirmed inaccuracies, or otherwise process your request in accordance with the CCPA.
We may deny your request to correct if there are reasonable grounds to believe that the request is fraudulent or abusive.
Right to Delete
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity, we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide the service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill our obligations under applicable law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers, contractors, and third parties to take similar action.
Exercising Your Rights to Know, Correct, or Delete
To exercise your rights to know, correct, or delete described above, please submit a request by emailing us at privacy@avetta.com.
Only you, or someone legally authorized to act on your behalf, may make a request to know, correct, or delete related to your personal information.
You may only submit a request to know twice within a 12-month period. Your request to know, correct, or delete must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
You do not need to create an account with us to submit a request to know or delete. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.
We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.
Response Timing and Format
We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact privacy@avetta.com.
We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.
The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Right to Opt-out of Sale/Sharing – Notice of Right to Opt-out of Sale/Sharing
You have the right to opt-out of sale or sharing of your personal information with third parties for cross-context behavioral advertising (the “right to opt-out”).
You can exercise the right to opt-out by enabling an opt-out preference signal on your browser or device. We process the signal in a frictionless manner, as long as the signal is in a format commonly used and recognized by businesses. We treat the opt-out preference signal as a valid request to opt-out sale/sharing for the browser or device and any consumer profile (pseudonymous profiles) associated with that browser or device. You may need to install an extension/application to your browser/device to implement the opt-out preference signal. Providers of the platform, technology, or mechanism that sends the signal typically will disclose to consumers that the signal is meant to have the effect of opting consumers out of sale/sharing of their personal information.
You can also exercise the right to opt-out by utilizing the Cookie Settings on our website to reject cookies that could be used for marketing and behavioral advertising purposes, which may include social media cookies and targeting cookies. If you visited our website previously but did not opt-out of sale/sharing during your visit, you may need to clear the cookies that have already been stored/dropped on your browser/device first and then re-visit our site to opt-out of sale/sharing. Please note the Cookie Settings only controls the cookie settings for the browser or device you are using. You will need to update the cookie settings on all of the browsers/devices that you use to access our website to fully exercise the right to opt-out.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
Other California Privacy Rights
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@avetta.com.
Except for the opt-out preference signal discussed above, we do not respond to Do Not Track signals. You may, however, disable certain tracking as discussed in our Cookie Policy, such as by disabling cookies.
Changes to Our Privacy Policy
We reserve the right to amend the Privacy Policy at our discretion and at any time. When we make changes to this notice, we will post the updated notice on this page and update the notice’s effective date. Your continued use of our Services following the posting of changes constitutes your acceptance of such changes.
Contact Information
If you have any questions or comments about this notice, the ways in which Avetta collects and uses your information described here and in the main terms of the Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
Email: privacy@avetta.com
Postal Address:
AVETTA, LLC
Attention: Privacy Officer
3300 North Triumph Blvd. Suite 800
Lehi UT 84043, USA
If you need to access this notice in an alternative format due to having a disability, please contact privacy@avetta.com.
Australia – Additional Disclosures to Australian Residents
Last Updated: January 30, 2025
We adhere to the Privacy Act 1988 (Cth) and the Australian Privacy Principles. For details on how and why we collect, use, hold and disclose your personal information, please refer to the previous sections of the Privacy Policy. This notice provides additional disclosures to Australian residents.
DO WE DISCLOSE PERSONAL INFORMATION TO OVERSEAS RECIPIENTS?
We may disclose your personal information to recipients which are located outside Australia. Please see Section 6 of the Privacy Policy for details.
DO WE USE YOUR PERSONAL INFORMATION FOR MARKETING?
We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to.
Where you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt-out instructions provided in the communication. However, please note that we may continue to send service-related communications (such as account notifications, payment confirmations, and renewal notices) after you opt out of marketing messages.
ACCESS TO AND CORRECTION OF YOUR PERSONAL INFORMATION
You may access or request correction of the personal information that we hold about you. To view and update any personal information you have uploaded to the Services, you can return to the webpage or application where you originally submitted the information, or contact us if the system does not allow changes or you need assistance. There are also some circumstances in which we are not required to give you access to your personal information.
There is no charge for requesting access to your personal information, but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs or costs for time spent on collating large amounts of material).
We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the personal information we hold about you remains accurate. However, please note that to the extent that our Services allow registered users to access and update their information themselves, the accuracy of such data is solely the user’s responsibility.
COMPLAINTS
If you have a complaint about the way in which we have handled any privacy issue, including your request for access or correction of your personal information, you should contact us. Our contact details are set out below.
We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.
If you remain unsatisfied with the way in which we have handled a privacy issue, you may approach an independent advisor or contact the Office of the Australian Information Commissioner (“OAIC”) (www.oaic.gov.au) for guidance on alternative courses of action which may be available.
CONTACT DETAILS
If you have any questions, comments, requests or concerns, please contact us at:
Email: privacy@avetta.com
Postal Address:
AVETTA, LLC
Attention: Privacy Officer
3300 North Triumph Blvd. Suite 800
Lehi UT 84043, USA