Under the CCPA, if you’re a California resident you have the right to know not only what categories of “personal information” we collect, disclose or sell generally; but also what personal information we collect, disclose, or sell about you. (California law has a really detailed definition of “personal information”, see below.).
Our site is not directed at children under age 16, and we certainly would not sell or disclose the personal information of anyone we know is under age 16, even if we had it, without affirmative authorization as required by the CCPA and the regulations.
Even though we don’t collect personal information, you still have a right to submit what the CCPA calls a “verifiable consumer request,” to confirm the above, a request to opt-out of information collection, and/or a request to delete any personal information we may have about you. See the "Opt-out: Do Not Sell My Info" section below. We authenticate the request – that is, make sure it’s you and not someone else – by requiring you to log into Polar Signals. If you decide to use what the CCPA calls an “authorized agent” to submit your request, your agent must use your applicable authentication method (Google/GitHub auth) since that’s the only means we have to authenticate.
The CCPA prohibits us from discriminating against you in any way for exercising your rights as described above, and of course we won’t.
We’re required to track and report statistics regarding the number of requests we receive. Since our system has only been available since February 2nd 2021, our first report will be reported beginning of 2022.
Here’s how the CCPA defines “personal information”:
“Personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
(“Household” is defined by the CCPA regulations as “a person or group of people occupying a single dwelling.”)
Personal information includes, but is not limited to, the following if it identifies, relates to, describes, is capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household:
(A) Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
(B) Any categories of personal information described in subdivision (e) of Section 1798.80.
[Section 1798.80 states: “ ‘Personal information’ means any information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. ‘Personal information’ does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.”]
(C) Characteristics of protected classifications under California or federal law.
(D) Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
(E) Biometric information.
(F) Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.
(G) Geolocation data.
(H) Audio, electronic, visual, thermal, olfactory, or similar information. (I) Professional or employment-related information.
(J) Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. §1232g and 34 C.F.R. Part 99).
(K) Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
The CCPA also excludes some things from the definition of “personal information”:
Publicly available information Aggregate consumer information Deidentified information The CCPA defines those as follows:
For these purposes, “publicly available” means information that is lawfully made available from federal, state, or local government records, if any conditions associated with such information. “Publicly available” does not mean biometric information collected by a business about a consumer without the consumer’s knowledge. Information is not “publicly available” if that data is used for a purpose that is not compatible with the purpose for which the data is maintained and made available in the government records or for which it is publicly maintained. “Publicly available” does not include consumer information that is deidentified or aggregate consumer information.
“Aggregate consumer information” means information that relates to a group or category of consumers, from which individual consumer identities have been removed, that is not linked or reasonably linkable to any consumer or household, including via a device. “Aggregate consumer information” does not mean one or more individual consumer records that have been deidentified.
“Deidentified information” means information that cannot reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular consumer, provided that a business that uses deidentified information: (1) Has implemented technical safeguards that prohibit reidentification of the consumer to whom the information may pertain. (2) Has implemented business processes that specifically prohibit reidentification of the information. (3) Has implemented business processes to prevent inadvertent release of deidentified information. (4) Makes no attempt to reidentify the information.
Although you are free to submit an opt-out request, there is nothing to opt-out of since we do not sell your personal information. Complete this form or email firstname.lastname@example.org.
The CCPA requires that we verify that you are in fact the user who is submitting this form. To accomplish that, you'll need to login, then submit our opt-out request form. Please visit this page from the desktop site to log in.