Xeragenx LLC Privacy Policy

This Privacy Policy is effective as of its last update: March 4, 2020.   Thank you for choosing to be part of our community at Xeragenx LLC, doing business as Xeragenx ("Xeragenx", "we”, “us", or "our"). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our notice, or our practices with regards to your personal information, please contact us at info@xeragenx.com.

When you visit our website https://www.xeragenx.com, (the “Site”), and use any of the services we may provide, you trust us with your personal information. We take your privacy very seriously. This Privacy Policy describes how we collect, use, share, protect and otherwise process your personal information in connection with your use of this Site.   We seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. .
This privacy notice applies to all information collected through our Site.

Please read this privacy notice carefully as it will help you make informed decisions about sharing your personal information with us.  If there are any terms in this Privacy Policy that you do not agree with, please do not provide us with any personal information (as defined below) and discontinue your use of this Site.Make this “Privacy Policy” a separate icon on the home page, distinct from the Terms of Use.

1. WHAT INFORMATION DO WE COLLECT?

Xeragenx collects several types of information from visitors to and users of our Site under the following circumstances and in the following categories.  We collect personal information from you when you provide it to us or sign up to receive any email, newsletter or other products or services from Xeragenx. “Personal Information” includes information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual consumer or household, such as, your name, address, email address, phone number, or any other identifier that permits the physical or online contacting of a specific individual.  Personal Information is information concerning a user that a Site or online service collects online from the user and maintains in personally identifiable form and does not include publicly available, de-identified or aggregated consumer information. You may choose not to provide Xeragenx with your personal information.  If you choose not to provide your personal information, you may still use certain areas of the Site, but may not be able to access all portions of the Site or obtain full access to products or services offered on this Site.  If you sign up to receive any email or any other communications from us, you may elect to opt-out of Xeragenx correspondence at any time by clicking on the unsubscribe link at the bottom of our emails.
We may automatically collect certain information from you when you visit, use or navigate the Site.   This information does not reveal your full name or address,  but may include  your IP address.  Other types of information that we may automatically collect from you include usage information, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Site and other technical information. This information is primarily needed to maintain the security and operation of our Site, and for our internal analytics and reporting purposes.

Like many businesses, we also collect information through cookies and similar technologies as described below.

2. HOW DO WE USE AND SHARE YOUR INFORMATION?

We use personal information collected via our Site for the business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations.
We use the information we collect or receive from you in the following ways:

• To send you marketing and promotional communications. We and/or our third party marketing partners may use the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt-out of our marketing emails at any time.
• To send administrative information to you. We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies.
• To respond to user inquiries/offer support to users. We may use your information to respond to your inquiries and assist you in solving any potential issues you might have with the use of our Site or obtaining a product or service from us.
• For other Business Purposes. We may use your information for other Business Purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Site, products, services, marketing, and your experience of our company. We may use and store this information in aggregated and anonymized form so that it is not associated with individual end users and does not constitute  personal information.

We may also process and share the personal information we collect for other legitimate purposes, including:

• protecting and maintaining the security and integrity of our Site and its infrastructure;
• authenticating information you provide to us;
• protecting the rights and property of Xeragenx or the rights and property of others;
• detecting, preventing and responding to fraud, intellectual property infringement, violations of our Terms of Use, violations of law and any misuse of the Site or Xeragenx’s products or services;
• complying with any legal obligations imposed on us; and
• pursuing legal remedies available to us, limiting our damages, and complying with judicial proceedings, court order, or lawful requests from governmental authorities and other legal purposes.

More specifically, we may need to share your personal information in the following situations:

• Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing, data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on the Services, which will enable them to collect data about how you interact with the Site over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity.
• Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

We do not share, sell, rent or trade any of your information with third parties for their promotional purposes and do not share your information other than as described in this Privacy Policy.

3. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

We may use cookies and other tracking technologies (like web beacons and pixels) to collect, process, access, or store your information.

“Cookies” are small text files that are stored on your computer by a Web server based on permissions set in your browser software. Cookies do not read any information on your personal computer, rather, they’re used as identifiers by our Site to customize, monitor, or control the use of the Site based on information stored on the host server. The use of cookies is commonplace and standard Internet practice.

Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Site.

4. HOW LONG DO WE KEEP YOUR INFORMATION?

We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).

When we have no legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

5. HOW DO WE KEEP YOUR INFORMATION SAFE?

We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we collect, process and store, and to protect such information from unauthorized access, disclosure, alteration or destruction. However, please also remember that  no internet data transmission can be guaranteed to be 100% secure. Although we will do our best to protect your personal information and ensure its security and confidentiality, the transmission of personal information to and from our Site is at your own risk. You should only access the Site within a secure environment and you remain responsible for the security of your computer at all times.

6. DO WE COLLECT INFORMATION FROM MINORS?

We do not knowingly solicit or collect data from or market to anyone under 18 years of age. If you are under the age of 18, you should not send us any personal data, including your email.

By using the Site, you represent that you are at least 18 years of age or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Site. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from anyone under age 18, please contact us at info@xeragenx.com.

This Site complies with the Children’s Online Privacy Protection Act of 1998 (COPPA) and implementing regulations protecting the privacy of children using the internet, specifically children under the age of 13.

7. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals across the internet is available, and we cannot control the DNT handling of third parties that may interact with our Site. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking and responding to a DNT feature is adopted across all businesses in the future, or enacted into law, we will inform you about that practice in a revised version of this Privacy Policy.

8. CHANGES TO THIS POLICY

We will change, amend and update this policy from time to time as necessary to reflect changes in our privacy practices, technology, products and services, and general business operations, and to stay compliant with relevant laws and regulations.

The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is posted. We reserve the right to change, amend and update this Privacy Policy at any time in our sole and absolute discretion. You should check this Privacy Policy on a regular basis to ensure you have reviewed and are familiar with the most current policy.

9. CONTACTING US

If you have questions or comments about this policy, you may
Email us at info@xeragenx.com
or by post to:

Xeragenx LLC
100 North Point Center East, Suite 125,
Alpharetta, GA, 30022

You may also request, at any time, that we review, change, or delete your personal information or your preferences to receive any emails, products or services from us. To do so, send us a written request as set forth above.

10. CALIFORNIA RESIDENTS

Pursuant to the California Consumer Privacy Act of 2018 (CCPA), effective January 1, 2020, California residents have certain additional rights regarding our collection and use of your Personal Information. This section sets out the rights of California residents under the CCPA.

(i) Key Definitions

(a) “Aggregate consumer information” means information that relates to a group or category of consumers, from which individual consumer identities have been removed, that is not linked or reasonably linkable to any consumer or household, including via a device. “Aggregate consumer information” does not mean one or more individual consumer records that have been de­identified.

(b) “Biometric information” means an individual’s physiological, biological, or behavioral characteristics, including an individual’s deoxyribonucleic acid (DNA),that can be used, singly or in combination with each other or with other identifying data, to establish individual identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.

(c) "Business purpose” means the use of Personal Information for the business’s or a service provider’s operational purposes, or other notified purposes, provided that the use of Personal Information shall be reasonably necessary and proportionate to achieve the operational purpose for which the Personal Information was collected or processed or for another operational purpose that is compatible with the context in which the Personal Information was collected.

(d) “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

(1) Personal Information includes, but is not limited to, the following if it identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household:

(A) Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
(B) Any categories of Personal Information described in subdivision (e) of Section 1798.80.
(C) Characteristics of protected classifications under California or federal law.
(D) Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
(E) Biometric information.
(F) Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
(G) Geolocation data.
(H) Audio, electronic, visual, thermal, olfactory, or similar information.
(I) Professional or employment-related information.
(J) Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99).
(K) Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

(2) “Personal Information” does not include publicly available information. For purposes of this paragraph, “publicly available” means information that is lawfully made available from federal, state, or local government records. “Publicly available” does not mean biometric information collected by a business about a consumer without the consumer’s knowledge.

(3) “Personal Information” does not include consumer information that is deidentified or aggregate consumer information.

(e) “Verifiable consumer request” means a request that is made by a consumer, by a consumer on behalf of the consumer’s minor child, or by a natural person or a person registered with the Secretary of State, authorized by the consumer to act on the consumer’s behalf, and that the business can reasonably verify, pursuant to regulations adopted by the California Attorney General.

(ii) Right to know about Personal Information we collect or share, and your data portability rights:

You have the right to request that we disclose the specific Personal Information we have collected over the past twelve months by submitting a verifiable consumer request. Once we receive, review and confirm your request, we will disclose to you the following information (where applicable):

(1) The categories of Personal Information we collected about you.

(2) The categories of sources from which we collected your Personal Information.

(3) The business or commercial purpose for collecting or selling your Personal Information.

(4) The categories of third parties with whom we share Personal Information.

(5) The specific pieces of your Personal Information we collected.

If we disclosed your Personal Information for a business purpose, we will also disclose:

• The categories of your Personal Information that we disclosed; and
• The categories of third parties with whom we shared your Personal Information, by category or categories of Personal Information for each third party to whom the Personal Information was disclosed.

(iii) What Personal Information do we collect, and how do we share it?

The following table includes categories of Personal Information as defined under the CCPA, and discloses how we have collected or shared that information during the past 12 months.

(iiv) Right to request deletion of Personal Information

You have the right to request via verifiable consumer request that we delete your Personal Information that we collected and retained, subject to exceptions listed below. Once we receive and confirm your request to delete Personal Information, we will delete, and will direct our trusted partners to delete, your Personal Information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

• Complete the transaction for which the Personal Information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business’ ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
• Debug identify and repair errors that impair existing intended functionality.
• Exercise free speech, ensure the right of another Consumer to exercise their free speech rights, or exercise another right provided for by law.
• Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the business’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
• Enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.
• Comply with a legal obligation.
• Otherwise use your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.

(v) Exercising your rights to access, data portability, and deletion:

To exercise the rights described above, please submit a verifiable consumer request to us by completing the form on our Site. Only you or an authorized agent may make a verifiable consumer request related to your Personal Information. An authorized agent must have your written permission to submit the request on your behalf and must directly verify his or her own identity with us. We may deny the agent’s request if the agent does not submit proof of direct authorization. See the attached format for the form for such user requests.

The following information must be provided by you or your authorized agent in order for us to process your request:

a.     Your first and last name

b.     Your mailing address

c.     Your email address

This information may be submitted via the form.

The verifiable consumer request must:

• Provide sufficient information in order for us to reasonably verify the consumer about whom we collected Personal Information.
• Describe the request with sufficient detail such that we can properly understand and respond to it.

If we cannot verify your identity or your authorized agent’s authority to make a request, or confirm that the Personal Information belongs to you, we will not be able to respond to your request. We will not use any Personal Information that you provide within a verifiable consumer request for anything beyond verifying your identity and responding to the request.

(vi) How we respond to verifiable consumer requests

When we receive a verifiable consumer request, we will confirm receipt within 10 business days and provide information about how we will process the request. Typically, we will respond to your request within 45 days of receipt. However, if additional time to evaluate and fulfill your request is reasonably necessary, we will notify you of the extension (up to an additional 90 days taking into account the complexity and number of requests) within the initial 45-day period. If we provide a disclosure of your Personal Information, it will cover the 12-month period preceding our receipt of your verifiable consumer request and shall be made in writing and delivered through your user account, if you maintain an account with our business, or by mail or electronically at the your option if you do not. The disclosure will be provided in a readily useable format that will allow you to transmit this information from one entity to another entity without hindrance.

We will not charge a fee to process or respond to your verifiable consumer request unless the request is manifestly unfounded or excessive. If you submit unfounded requests, or an excessive number of requests, we may either charge a reasonable fee, taking into account the administrative costs of providing the information or communication or taking the action requested, or refuse to act on the request and notify you of the reason for refusal. We are not required to provide you with your Personal Information more than twice in a 12-month period.

(vii) Your right to non-discrimination

We will not discriminate against you for exercising any rights set forth in this Privacy Policy. Unless permitted by law, we will not:

• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through the use of discounts or other benefits, or by imposing penalties.
• Provide a different level or quality of goods or services to you.
• Suggest that you will receive a different price or rate for goods or services, or a different level or quality of goods or services.

However, we may offer you certain legally permitted financial incentives that can result in different prices, rates, or quality levels. These incentives will reasonably relate to your Personal Information’s value, and any incentive program will contain written terms describing that program’s material aspects. Any such financial incentive program requires your opt-in consent; such consent may be revoked at any time.

(viii) Your consent:

By using the Xeragenx Site, you consent to our Privacy Policy. If you do not agree to our Privacy Policy, do not use the Site.

(ix) Changes to Our Privacy Policy:

We will change, amend and update this Privacy Policy from time to time to reflect changes in our privacy practices, technology, products and services, general business operations and industry. In the event of any such change, we will post a revised policy on this Web site and revise the “Last revised” date of such policy. We reserve the right to change, amend and update this Privacy Policy at any time in our sole and absolute discretion, and such changes will be effective upon posting of the revised policy. You should check this Privacy Policy on a regular basis to ensure you have reviewed and are familiar with the most current policy.

(x) Contacting Us

For any questions or concerns you may have regarding this Privacy Policy and our information and data collection and use practices, please contact us by email at:  info@xeragenx.com

or by post to:

Xeragenx LLC
100 North Point Center East, Suite 125,
Alpharetta, GA, 30022