- Visitor. You may simply just visit our Website and browse information, or possibly sign up for a newsletter or otherwise request communications from CentralReach.
- Consumer. You may have the opportunity to purchases goods or services from CentralReach.
- Customer. Through this Website, you may also have access to our Products and Services as an employee of one of our customers. As such, you may be granted an ID and password to access secure portals on our Website.
Furthermore, as a Consumer or Customer, your use of the Website and our processing of your information may also be subject to a terms of sale, written contract with your employer, or other agreement specific to the nature of any transaction in which you are participating.”
EU-U.S. Data Privacy Framework with UK Extension, and Swiss-U.S. Data Privacy Framework
CentralReach is responsible for the processing of personal data it receives, under each Data Privacy Framework, and subsequently transfers to a third party acting as an agent on its behalf. CentralReach complies with the Data Privacy Framework Principles for all onward transfers of personal data from the EU, the UK and Switzerland, including the onward transfer liability provisions.
The Federal Trade Commission has jurisdiction over CentralReach’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In certain situations, CentralReach may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, CentralReach commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. These dispute resolution services are provided at no cost to you.
Under certain conditions, more fully described on the Data Privacy Framework website at https://www.dataprivacyframework.gov/s/article/How-to-Submit-a-Complaint-Relating-to-a-Participating-Organization-s-Compliance-with-the-DPF-Principles-dpf, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
What We Collect and How We Collect It
To ensure that we provide you with the best possible experience, we will store, use, and share personal information about you in accordance with this Policy. Personal information is information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular user, household or device (“Personal Information”). In particular, the Website may collect the following categories of Personal Information from users of the Website:
|A real name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name.
|Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
|A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
|Protected classification characteristics.
|Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
|Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
|Sensitive Personal Information.
|Precise geolocation, Social Security number, driver’s license, state identification card, passport number, account log-in, financial account, debit card, credit card number with security, or access code or password, racial or ethnic origin, religious/philosophical beliefs, or union membership, contents of mail, email, and text messages, genetic data and processing of biometric information, health and sexual orientation.
|Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
|Internet or other similar network activity.
|Browsing history, search history, information on a consumer's interaction with CentralReach’s website, application, or advertisement.
|Physical location or movements.
|Audio, electronic, visual, thermal, olfactory, or similar information.
|Professional or employment-related information.
|Current or past job history or performance evaluations.
|Non-public education information.
|Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
|Inferences drawn from other Personal Information.
|Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
We obtain the categories of Personal Information listed above from the following categories of sources:
- Directly from you. For example, when you:
- register yourself with the Website;
- subscribe to one of our e-newsletters;
- review or comment on one of our products;
- submit a job application; or
- communicate with us, such as request information.
- Indirectly from you. For example, through information we collect from you in the course of providing our services to you.
- Directly and indirectly from activity on our Website. For example, from Website usage details that are collected automatically. For more information on automatic information collection, please review the “Information We Collect Automatically” section below.
The information that you provide in each case will vary. In some cases, you may be able to provide Personal Information via email or free text boxes, such as contacting the Company to request further information. When providing your Personal Information, please provide only relevant information and do not provide unnecessary sensitive information, such as Social Security numbers, credit card information or other sensitive personal data, unless required for our services.
Additionally, we may ask you to create a username and password that should only be known to you. When you provide this information to us, you are no longer anonymous. Moreover, we may receive information about you from other sources and add it to the information you have provided to us.
Information We Collect Automatically
While you visit or use our Websites, certain information, including Personal Information, is collected about your use of the Website, as follows:
Device and Usage Information: Information about your hardware and software, IP address, browser type and version, operating system, browsing history and page views, length of visit, referral/exiting sources, device identifiers such as Apple IDFA or Google Advertising ID, cookie identifiers, other pseudonymous identifiers, and information about the timing, frequency, and patterns of your usage.
Location Information: We may collect information about your actual or non-precise physical location when you voluntarily tell us, or when you provide this information via sharing your device's IP address or mobile device's GPS, Wi-Fi, or cellular signal information. You may control, enable or disable the use of location-based services from within your device's settings or mobile application's permissions.
Server log files: We automatically gather server log file information when you visit our websites. This includes IP address, browser type, referring and exit web pages, and your operating system.
HIPAA. This Website is not intended for the processing of Protected Health Information (“PHI”) as required under the Health Insurance Portability and Accountability Act (“HIPAA”). When using the CentralReach Website, you agree you will never provide CentralReach with PHI nor will CentralReach provide you with PHI through the Website.
What is the information used for?
This collected information is used to:
- Personalize your experience on the Website
- Send you requested Central Reach product or service information
- Send product updates via email
- Improve customer service
- Administer your account
- Respond to your questions and concerns
- Administer contest, promotion, survey or other Website features
We collect and use Personal Information solely with the objective of fulfilling those purposes specified above and for other compatible purposes, unless we obtain your consent or as required by law.
Do we disclose your information?
Third Party Service Providers/Vendors: We share your information with third parties who provide services on our behalf to help with our business activities. These companies are authorized under contract to use your Personal Information only as necessary to provide these services to us, pursuant to written instructions. In such cases, these companies must abide by our data privacy and security requirements, and are not allowed to use personally identifiable information they receive from us for any other purpose. Representative business processes that our service providers/vendors assist us with may include:
- Promotional, marketing and sales efforts
- Network or cybersecurity monitoring and intrusion detection
- Web or application development/management
- Providing customer service
- Sending marketing communications
- Displaying tailored content through personalized advertising
- Technical administration, such as hosting, managing and maintaining our Websites, services, applications, networks etc.
- Analytics, so that we may better understand how our Website is being used in order to optimize resources
Legal Compliance: In certain situations, we may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose your Personal Information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
Corporate Transactions: If CentralReach is involved in a merger, acquisition, dissolution, sale of all or a portion of its assets, or other fundamental corporate transaction, we reserve the right to sell or transfer your information as part of the transaction.
How long do we keep your information?
How can I opt in/out of emails?
You may choose to stop receiving our newsletters or marketing emails by following the unsubscribe instructions included in the emails or you can contact us toll-free at 1-800-939-5414.
CentralReach will offer you the opportunity to choose (opt-out) if we intend to use your Personal Information for a purpose other than the purpose for which it was originally collected by us or subsequently authorized by you. CentralReach will provide you with reasonable mechanisms to exercise your choices in such circumstance.
How can I control my Personal Information?
CentralReach respects your control over your information and, upon request, we will confirm whether we hold or are processing information that we have collected from you. You also have the right to amend or update inaccurate or incomplete Personal Information, request deletion of your Personal Information, or request that we no longer use it. Under certain circumstances we will not be able to fulfill your request, such as if it interferes with our regulatory obligations, affects legal matters, we cannot verify your identity, or it involves disproportionate cost or effort, but in any event we will respond to your request within a reasonable timeframe and provide you an explanation. In order to make such a request of us, please email us at firstname.lastname@example.org.
Do we use web cookies, beacons, and widgets?
We may also use tracking technologies to collect information and infer your interests for interest-based advertising purposes. If you would prefer to not receive personalized ads based on your browser or device usage, you may generally express your opt-out preference to no longer receive tailored advertisements. Please note that you will continue to see advertisements, but they will no longer be tailored to your interests.
To opt-out of interest-based advertising by participating companies in the following consumer choice mechanisms, please visit:
- Digital Advertising Alliance (DAA)’s self-regulatory opt-out page (http://optout.aboutads.info/) and mobile application-based "AppChoices" download page (https://youradchoices.com/appchoices)
- European Interactive Digital Advertising Alliance (EDAA)'s consumer opt-out page (http://youronlinechoices.eu)
- Network Advertising Initiative (NAI)’s self-regulatory opt-out page (http://optout.networkadvertising.org/)
Our Web pages contain electronic images known as Web Beacons (sometimes called single-pixel gifs) and are used along with cookies to compile aggregated statistics to analyze how our Website is used and may be used in some of our emails to let us know which emails and links have been opened by recipients. This allows us to gauge the effectiveness of our customer communications and marketing campaigns.
Do we post customer testimonials?
We post customer testimonials, comments, and reviews on our Website which may contain personally identifiable information. We do obtain the customer’s consent via email prior to posting the testimonial to post their name along with their testimonial. To request removal of your Personal Information from Testimonials or comments please contact us at email@example.com.
Do we link to other websites?
To facilitate our operations, we may transfer, store and process your Personal Information in jurisdictions other than where you live, including in the United States. Laws in these countries may differ from the laws applicable to your country of residence. For instance, if you are a European Economic Area (EEA) data subject and your Personal Information is shared with our affiliates, partners, or third-party service providers acting on our behalf outside of the EEA, then it is done so pursuant to necessary means to ensure an adequate level of protection.
Your Rights Under State Law
Pursuant to California Civil Code Section § 1798.83, we will not disclose or share your Personal Information with third parties for the purposes of third-party marketing to you without your prior consent.
WE DO NOT SELL OR SHARE YOUR PERSONAL INFORMATION. If we ever decide to “sell” or “share” Personal Information, as those terms are defined under the California Consumer Privacy Act of 2018, we will update you via this Policy and include a link entitled “Do Not Sell or Share My Personal Information,” to provide you with an opportunity to opt out of the selling or sharing of your Personal Information.
Your Consumer Rights
Some state laws in the United States provide consumers with additional rights with respect to their Personal Information (also known as “personal data”), as those terms are defined under those applicable state laws. Such state laws may include, but are not limited to, the California Consumer Privacy Act of 2018 (the “CCPA”) as amended by the California Privacy Rights Act, the Colorado Privacy Act (“CPA”) and the Virginia Consumer Data Protection Act (“VCDPA”). Any Personal Information we collect is collected for the commercial purpose of effectively providing our services to you, as well as enabling you to learn more about, and benefit from, our services. If you reside in a state that provides additional rights with respect to your Personal Information, you may exercise each of your rights as identified below, subject to our verification of your identity. In the event you use a third party agent to make any such request of Central Reach under this section, we may require additional confirmation of your authorization of such a request before processing your request.
Access: You may email us at firstname.lastname@example.org to request a copy of the Personal Information our Website databases currently contain.
Deletion. If you should wish to cease use of our Website and have your Personal Information deleted from our Website, then you may submit a request by emailing us at email@example.com. Upon receipt of such a request for deletion, we will confirm receipt and will confirm once your Personal Information has been deleted. Where applicable, we will ensure such changes are shared with trusted third parties.
Non-Discrimination. If a data subject exercises his or her rights under applicable state law, including but not limited to the CCPA, CPA, and VCDPA, we shall not discriminate against that data subject by denying our goods or services, charging different prices or rates to similarly situated consumers, providing a different level or quality of our goods or services, or taking any other adverse action.
Exercising your rights. If you are a data subject that has rights under applicable state law, including but not limited to the CCPA, CPA, and VCDPA, who chooses to exercise the rights listed above, you can:
- Submit a request via email at firstname.lastname@example.org; or
- Call us at 1-800-939-5414 to submit your request.
Only you, or someone legally authorized to act on your behalf, may make a request related to your Personal Information. If an authorized agent makes a request on your behalf, we may require proof that you gave the agent permission to submit the request.
Responding to Your Request. Upon receiving your request, we will confirm receipt of your request by sending you an email confirming receipt. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the Personal Information. In some instances, such as a request to delete Personal Information, we may first separately confirm that you would like for us to in fact delete your Personal Information before acting on your request.
We will respond to your request within forty-five (45) days. If we require more time, we will inform you of the reason and extension period in writing.
In some cases our ability to uphold these rights for you may depend upon our obligations to process Personal Information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
How do we secure your information?
We use reasonable technical, administrative, and physical safeguards in order to protect your Personal Information against accidental loss and from unauthorized access, use, alteration, and disclosure. However, we can never promise 100% security. You have a responsibility, as well, to safeguard your information through the proper use and security of any online credentials used to access your Personal Information, such as a username and password. If you believe your credentials have been compromised, please change your password. Please also notify us of any actual or suspected unauthorized use. To report a security violation, please promptly call us at 1-800-939-5414 or email us at email@example.com.
For Website Users or Visitors Outside of the United States
For Website Users or Visitors in the European Union (“EU”)
Any personal data we collect from you is processed in the legitimate interest of our business and providing our services to you as the lawful means of such processing. You may always withdraw your consent to our use of your personal data as described below. We will only retain your personal data for the time necessary to provide you the information and services to which you have consented, to comply with the law and in accordance with your rights below.
The Data Controller is:
NAME: CentralReach, LLC
ADDRESS: 101 Crawfords Corner Road, Suite 2201, Holmdel, New Jersey, 07733
EMAIL ADDRESS: firstname.lastname@example.org
You can exercise any of the following rights, subject to verification of your identity, by notifying us as described below:
- Access. You may email us at email@example.com to request a copy of the personal data our Website databases currently contain.
- Automated Processing and Decision-Making. You may email us at firstname.lastname@example.org to request that we stop using your personal data for automated processing, such as profiling. In your email, please explain how you wish us to restrict automated processing of your personal data. When such restrictions are not possible, we will advise you accordingly. You can then choose to exercise any other rights under this Policy, to include withdrawing your consent to the processing of your personal data.
- Correction or Rectification. You can correct what personal data our Website database currently contains by accessing your account directly, or by emailing us at email@example.com to request that we correct or rectify any personal data that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause information to be incorrect. Where applicable, we will ensure such changes are shared with trusted third parties.
- Restrict Processing. When applicable, you may restrict the processing of your personal data by submitting a request via email to firstname.lastname@example.org. In your email, please explain how you wish us to restrict processing of your personal data. When such restrictions are not possible, we will advise you accordingly. You can then choose to exercise any other rights under this Policy, to include withdrawing your consent to the processing of your personal data. Where applicable, we will ensure such changes are shared with trusted third parties.
- Withdraw Consent. At any time, you may withdraw your consent to our processing of your personal data through this Website by notifying us via email at email@example.com. Using the same email address associated with your Website account, simply type the words “WITHDRAW CONSENT” in the subject line of your email. Upon receipt of such a withdrawal of consent, we will confirm receipt and proceed to stop processing your personal data. Where applicable, we will ensure such changes are shared with trusted third parties.
- Erasure. If you should wish to cease use of our Website and have your personal data deleted from our Website, then you may submit a request by emailing us at firstname.lastname@example.org. Upon receipt of such a request for erasure, we will confirm receipt and will confirm once your personal data has been deleted. Where applicable, we will ensure such changes are shared with trusted third parties.
Submit Complaints or Questions. If you wish to raise a complaint on how we have handled your personal data, you can contact us as described below. If you reside in a European Union member state, you may also lodge a complaint with the supervisory authority in your country.
ATTN: Privacy Officer
101 Crawfords Corner Road, Suite 2201
Holmdel, New Jersey 07733
Last Revised: October 10, 2023