CALIFORNIA RESIDENTS: PRIVACY POLICY NOTICE
This Privacy Policy Notice is intended for California residents pursuant to the California Consumer Privacy Act of 2018 and California Privacy Rights Act of 2020 (collectively “CCPA”), and supplements the information contained in the above Privacy Policy. Any terms defined in the CCPA and applicable California regulations have the same meaning as used in this Privacy Policy Notice. If you have a disability and want this Privacy Policy Notice provided in an alternative format, please call us as 877-314-4308 or write us at D & A Services, 1400 E. Touhy Ave., Suite G2 Des Plaines, IL 60018. If you have questions about our Privacy Policy or practices, please call 877-314-4308.
- Information We Collect About You
We may collect and use personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be directly or indirectly linked, with a consumer, device, or household ("personal information").
Personal Information does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA's scope, such as (but not limited to) information governed by the Health
Insurance Portability and Accountability Act of 1996 ("HIPAA"), the California Confidentiality of Medical
Information Act ("CMIA"), the Fair Credit Reporting Act ("FCRA"), the Gramm-Leach-Bliley Act ("GLBA"),
California Financial Information Privacy Act ("FIPA"), and the Driver's Privacy Protection Act of 1994 ("DPPA").
We regularly collect (and have collected in the past 12 months) several types of personal information about
individuals regarding accounts we service or purchase, including:
| Category |
Examples |
| Identifiers |
Name, postal address, Internet Protocol address, email address, account number, Social Security number,
or other similar identifiers
|
| Categories listed in the California Customer Records statute, Cal. Civ. Code § 1798.80(e) |
Name, signature, Social Security number, address, telephone number, education, employment, bank account
number, credit card number, debit card number, or other financial information, medical information, or
insurance information
|
| Protected classifications under California or federal law |
Age, gender, medical condition, disability, veteran or military status |
| Commercial information |
Records of products or services purchased, obtained |
| Internet or other similar network activity |
Information on a consumer's interaction with our website(s) or application(s) |
| Audio, electronic, visual or similar data |
Call recordings |
| Professional or employment-related information |
Current or past job history |
| Non-public education information (per Family Educational Rights and Privacy Act (20 U.S.C. § 1232g, 34
C.F.R. Part 99))
|
Student financial information |
| Inferences drawn from personal information |
To create a profile reflecting the consumer’s preferences, characteristics, aptitudes, or behavior |
| Sensitive personal information |
A consumer's social security number, driver's license, state identification card, or passport number; a
consumer's account log-in in combination with any required security or access code, password, or credentials
allowing access to the account
|
- How Your Personal Information is Collected
We collect most of this personal information from our creditor clients or from you or your authorized representative by telephone or written communications. However, we may also collect information:
- From publicly accessible sources (e.g., property or other government records);
- From our service providers (e.g., call analytics, information source, skip-tracing, collections, payment
processing, mailing, and other vendors)
- Why We Use or Disclose Your Personal Information
We regularly use or disclose personal information for one or more of the following business purposes:
- Fulfill the reason you provided the information. For example, if you share your personal information to make a
payment, we will use that information to process your payment.
- Perform services on behalf of a business or service provider, including maintaining or servicing accounts,
providing customer service, processing transactions, verifying customer information, processing payments,
providing analytic services, or providing similar services on behalf of the business or service provider
- Provide you with information or services that you request from us
- Auditing related to consumer interactions
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and
prosecuting those responsible for that activity
- Debugging to identify and repair errors that impair existing intended functionality
- Short-term, transient use, where the personal information is not disclosed to another third party and is not
used to build a profile about a consumer or otherwise alter an individual consumer's experience outside the
current interaction
- Undertaking activities to verify or maintain the quality of a service or device that is owned, made by or for,
or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, made by or for, or
controlled by us
- Respond to law enforcement requests and as required by applicable law or court order
- As appropriate to protect the rights, property, or safety of us, our clients, or others
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
We will not collect additional categories of personal information or use the personal information we collected for
materially different purposes without providing you notice.
We regularly disclose (and have disclosed in the past 12 months) the above listed categories of personal information
for business purposes to one or more of the following categories of third parties: our creditor clients, our service
providers (payment processing, mailing, collection, call analytics and other vendors), credit reporting agencies,
regulatory and law enforcement agencies.
We do not sell or share your personal information under the CCPA.
We do not use or disclose sensitive personal information for purposes other than those necessary to perform services
reasonably expected by an average consumer; to help ensure security and integrity where use of the information is
reasonably necessary and proportionate for this purpose; for short-term, transient use; for performing services,
including maintaining or servicing accounts, providing customer service, processing or fulfilling transactions,
verifying customer information, processing payments, or providing similar services; for undertaking activities to
verify or maintain the quality of our services, and to improve, upgrade, or enhance our services.
We retain each category of personal information or sensitive personal information no longer than is reasonably
necessary for the purposes for which it was collected as stated in this privacy policy, unless extending the
retention period is otherwise required or permitted by law. Subject to this limitation, the retention period of each
category of personal information or sensitive personal information is determined by considering the following: the
time required to retain the information to fulfill our business purposes; the time applicable to maintaining
corresponding transaction and business records; the time necessary to respond to consumer queries, complaints or
lawsuits; data retention requirements of applicable laws or contracts; and applicable data retention policies as may
be in place from time to time
- Verifiable Consumer Requests for Information
Upon verification of identity, California residents may in some cases request that a business:
- Disclose the categories of personal information the business collected about the consumer;
- Disclose the categories of sources from which the personal information is collected
- Disclose the categories of personal information that the business sold about the consumer;
- Disclose the categories of personal information that the business disclosed about the consumer for a business
purpose;
- Disclose the categories of third parties with whom the business shares personal information
- Disclose specific pieces of personal information the business has collected about the consumer
- Disclose any financial incentives offered by the business for collection, sale, or deletion of personal
information
You have a right not to receive discriminatory treatment by a business for your exercise of CCPA privacy rights.
A business may charge a different price or rate, or provide a different level or quality of goods or services to
you, if that difference is reasonably related to the value provided to you by your personal information.
For applicable personal information access and portability requests, we will select a format to provide your
personal information that is readily useable and should allow you to transmit the information from one entity to
another entity without hindrance.
Please note that we are not required to:
- Carry out information access requests we receive from you if acting as a service provider or contractor to
another entity regarding such information
- Retain any personal information about you that was collected for a single one-time transaction if, in the
ordinary course of business, that information about you is not retained;
- Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner
that would be considered personal information;
- Provide the requested information disclosure to you more than twice in a 12-month period.
- Provide the requested information disclosure if we cannot verify that the person making the request is the
person about whom we collected information, or is someone authorized to act on such person's behalf; or
- Provide the requested information disclosure if a CCPA or applicable exception applies.
- Right to Request Deletion of Personal Information
Upon verification of identity, California residents may in some cases request that a business delete personal
information about you that the business collected from you and retained, subject to certain exceptions.
We may deny your deletion request if we are acting in the role of a service provider to another business
regarding the applicable personal information. If we deny your request on that basis, we will generally refer
you to the relevant business. In addition, we may deny your deletion request if retaining the information is
necessary for us or our service providers to:
- Complete the transaction for which the personal information was collected, provide a good or service requested
by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise
perform a contract between you and us.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute
those responsible for that activity.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or
exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act.
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with
us.
- Comply with a legal obligation; or
- If another CCPA or applicable exception applies.
- Right to Request Correction of Inaccurate Personal Information
Upon verification of identity, California residents may in some cases request a business that maintains
inaccurate personal information about you correct that inaccurate personal information. We will use commercially
reasonable efforts to correct the inaccurate personal information.
California residents may make verifiable requests to disclose, delete, or correct pursuant to the CCPA or obtain
more information by calling us at 877-314-4308, visiting us at https://dnasllc.com/contact/,
mailing us at
1400 E. Touhy Ave., Suite G2 Des Plaines, IL 60018 or emailing us at contact@dnasllc.com.
- Verifying Your Identity If You Submit CCPA Requests
If you choose to contact us directly via the designated methods described above to exercise your CCPA rights, you
will need to:
- Provide enough information to reasonably identify you (e.g., your full name, account number if applicable,
and potentially other identifying information); and
- Describe your request with sufficient detail to allow us to properly process and respond to your request.
If seeking to make a verifiable request under the CCPA on behalf of someone else, we require enough information
to reasonably identify the subject of the request (including name and other identifying information) and the
subject’s written consent to make the CCPA request on his or her behalf, as consistent with applicable law.
We are not obligated to make an information disclosure or carry out a deletion request pursuant to the CCPA if we
cannot verify that the person making the request is the person about whom we collected information, or is
someone authorized to act on such person’s behalf.
Any personal information we collect from you in order to verify your identity in connection with your CCPA
request will be used solely for the purposes of verification.
Last modified: 3/10/2026