We may collect and use personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be directly or indirectly linked, with a consumer, device, or household ("personal information"). Personal Information does not include:
- Information We Collect About You
We regularly collect (and have collected in the past 12 months) several types of personal information about individuals offline regarding accounts we service, including: name, DOB, address, gender, account number, payment and other financial information, email address, insurance information, SSN, employment information, telephone number, IP address, military or veteran status, audio information, username, publicly available information, and information collected or shared pursuant to HIPAA, FIPA, GLBA, FCRA, DPPA, and/or other applicable privacy laws. We also may collect additional categories of personal information users provide directly to us or our service providers/contractors.
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA's scope, such as (but not limited to) information governed by the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), the California Confidentiality of Medical Information Act ("CMIA"), the Fair Credit Reporting Act ("FCRA"), the Gramm-Leach-Bliley Act ("GLBA"), California Financial Information Privacy Act ("FIPA"), and the Driver's Privacy Protection Act of 1994 ("DPPA").
We collect most of this personal information from sellers of accounts receivable or from you or your authorized representative by telephone or written communications. However, we may also collect information:
- How Your Personal Information is Collected
- From publicly accessible sources (e.g., property or other government records);
- From our service providers (e.g., call analytics, information source, skip-tracing, payment processing, mailing, and other vendors)
We regularly use or disclose personal information for one or more of the following business purposes:
- Why We Use or Disclose Your Personal Information
We will not collect additional categories of personal information or use the personal information we collected for materially different purposes without providing you notice. We regularly disclose (and have disclosed in the past 12 months) several types of personal information about individuals for one or more business purposes, including: name, DOB, address, gender, account number, previous payment and other financial information, email address, insurance information, SSN, employment information, telephone number, IP address, military or veteran status, audio information, username, and information collected or shared pursuant to HIPAA, FIPA, GLBA, FCRA, DPPA, and/or other applicable privacy laws. We have not sold your personal information over the last 12 months and will not sell your personal information under the CCPA.
- Fulfill the reason you provided the information. For example, if you share your personal information to make a payment, we will use that information to process your payment.
- Perform services on behalf of a business or service provider, including maintaining or servicing accounts, providing customer service, processing transactions, verifying customer information, processing payments, providing analytic services, or providing similar services on behalf of the business or service provider
- Provide you with information or services that you request from us
- Auditing related to consumer interactions
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity
- Debugging to identify and repair errors that impair existing intended functionality
- Short-term, transient use, where the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer's experience outside the current interaction
- Undertaking activities to verify or maintain the quality of a service or device that is owned, made by or for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, made by or for, or controlled by us
- Respond to law enforcement requests and as required by applicable law or court order
- As appropriate to protect the rights, property, or safety of us, our clients, or others
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
Upon verification of identity, California residents may in some cases request that a business:
- Verifiable Consumer Requests for Information
A business may charge a different price or rate, or provide a different level or quality of goods or services to you, if that difference is reasonably related to the value provided to you by your personal information. For applicable personal information access and portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
- Disclose the categories of personal information the business collected about the consumer;
- Disclose the categories of sources from which the personal information is collected
- Disclose the categories of personal information that the business sold about the consumer;
- Disclose the categories of personal information that the business disclosed about the consumer for a business purpose;
- Disclose the categories of third parties with whom the business shares personal information
- Disclose specific pieces of personal information the business has collected about the consumer
- Disclose any financial incentives offered by the business for collection, sale, or deletion of personal information
We may deny your information request if we are acting in the role of a service provider to another business regarding the applicable personal information. If we deny your request on that basis, we will generally refer you to the relevant business.
Please note that we are not required to:
- Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;
- Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information;
- Provide the requested information disclosure to you more than twice in a 12-month period.
- Provide the requested information disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person's behalf; or
- Provide the requested information disclosure if a CCPA or applicable exception applies.
Upon verification of identity, California residents may in some cases request that we delete personal information about you that we collected from you and retained, subject to certain exceptions. We may deny your deletion request if we are acting in the role of a service provider to another business regarding the applicable personal information. If we deny your request on that basis, we will generally refer you to the relevant business. In addition, we may deny your deletion request if retaining the information is necessary for us or our service providers/contractors to:
- Right to Request Deletion of Personal Information
California residents may obtain more information about verifiable requests pursuant to the CCPA by contacting us via webform at https://dnasllc.com/contact-us/, or 1-877-314-4308.
- Complete the transaction for which the personal information was collected, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act.
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent.
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us.
- Comply with a legal obligation.
- Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information; or
- If another CCPA or applicable exception applies.
If you choose to contact us directly via the designated methods described above to exercise your CCPA rights, you will need to:
- Verifying Your Identity If You Submit CCPA Requests
We are not obligated to make an information disclosure or carry out a deletion request pursuant to the CCPA if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person's behalf. Any personal information we collect from you in order to verify your identity in connection with your CCPA request will be used solely for the purposes of verification.
- Provide enough information to reasonably identify you [(e.g., your full name, account number if applicable, and potentially other identifying information]; and
- Describe your request with sufficient detail to allow us to properly process and respond to your request.
Last modified: 9/27/2021