Effective Date: March 4, 2020
Privacy Shield Participation
CentralReach participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework's applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce's Privacy Shield List at https://www.privacyshield.gov.
CentralReach is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. CentralReach complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, CentralReach is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
What information do we collect?
Information You Voluntarily Provide Us
While you interact as a visitor or user of our website we may ask, or you may volunteer, certain personal information, including but not limited to the following:
- Email address
- Mailing address
- Phone number
Information We Collect Automatically
- While you visit or use our Websites, certain information, including personal information, is collected about your use of the Website, as follows:
- Device and Usage Information: Information about your hardware and software, IP address, browser type and version, operating system, browsing history and page views, length of visit, referral/exiting sources, device identifiers such as Apple IDFA or Google Advertising ID, cookie identifiers, other pseudonymous identifiers, and information about the timing, frequency, and patterns of your usage.
- Location Information: We may collect information about your actual or non-precise physical location when you voluntarily tell us, or when you provide this information via sharing your device's IP address or mobile device's GPS, Wi-Fi, or cellular signal information. You may control, enable or disable the use of location-based services from within your device's settings or mobile application's permissions.
- Server log files: We automatically gather server log file information when you visit our websites. This includes IP address, browser type, referring and exit web pages, and your operating system.
- When using the CentralReach Website, you will never provide CentralReach with Protected Health Information (PHI) as that term is defined under the Health Insurance Portability & Accountability Act ("HIPAA") nor will CentralReach provide you with PHI.
What is the information used for?
This collected information is used to:
- Personalize your experience on the Website
- Send you requested product or service information
- Send product updates via email
- Improve customer service
- Administer your account
- Respond to your questions and concerns
- Administer contest, promotion, survey or other Website features
We collect and use personal information solely with the objective of fulfilling those purposes specified above and for other compatible purposes, unless we obtain your consent or as required by law.
Do we disclose your information?
Third-Party Service Providers/Vendors: We share your information with third parties who provide services on our behalf to help with our business activities. These companies are authorized under contract to use your personal information only as necessary to provide these services to us, pursuant to written instructions. In such cases, these companies must abide by our data privacy and security requirements, and are not allowed to use personally identifiable information they receive from us for any other purpose. Representative business processes that our service providers/vendors assist us with may include:
- Promotional, marketing and sales efforts
- Network or cybersecurity monitoring and intrusion detection
- Web or application development/management
- Providing customer service
- Sending marketing communications
- Displaying tailored content through personalized advertising
- Technical administration, such as hosting, managing and maintaining our Websites, services, applications, networks etc.
- Analytics, so that we may better understand how our Website is being used in order to optimize resources
Legal Compliance: In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
Corporate Transactions: If CentralReach is involved in a merger, acquisition, dissolution, sale of all or a portion of its assets, or other fundamental corporate transaction, we reserve the right to sell or transfer your information as part of the transaction.
How long do we keep your information?
The period of time in which information we obtain from your use of our Websites is retained will depend on the manner in which the information has been collected (contact forms, session cookies, etc.). If you wish to request that we remove or no longer use information you provide through our Websites, please contact us at firstname.lastname@example.org. We will reserve the right to retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
How can I opt-in/out of emails?
You may choose to stop receiving our newsletters or marketing emails by following the unsubscribe instructions included in the emails or you can contact us toll-free at 1-800-939-5414.
CentralReach will offer you the opportunity to choose (opt-out) if we intend to use your personal information for a purpose other than the purpose for which it was originally collected by us or subsequently authorized by you. CentralReach will provide you with reasonable mechanisms to exercise your choices in such circumstance.
How can I control my personal information?
CentralReach respects your control over your information and, upon request, we will confirm whether we hold or are processing information that we have collected from you. You also have the right to amend or update inaccurate or incomplete personal information, request deletion of your personal information, or request that we no longer use it. Under certain circumstances we will not be able to fulfill your request, such as if it interferes with our regulatory obligations, affects legal matters, we cannot verify your identity, or it involves disproportionate cost or effort, but in any event we will respond to your request within a reasonable timeframe and provide you an explanation. In order to make such a request of us, please email us at email@example.com.
Do we use web cookies, beacons, and widgets?
We may also use tracking technologies to collect information and infer your interests for interest-based advertising purposes. If you would prefer to not receive personalized ads based on your browser or device usage, you may generally express your opt-out preference to no longer receive tailored advertisements. Please note that you will continue to see advertisements, but they will no longer be tailored to your interests.
To opt-out of interest-based advertising by participating companies in the following consumer choice mechanisms, please visit:
- Digital Advertising Alliance (DAA)'s self-regulatory opt-out page (https://optout.aboutads.info/) and mobile application-based "AppChoices" download page (https://youradchoices.com/appchoices)
- European Interactive Digital Advertising Alliance (EDAA)'s consumer opt-out page (http://youronlinechoices.eu)
- Network Advertising Initiative (NAI)'s self-regulatory opt-out page (http://optout.networkadvertising.org/)
Our Web pages contain electronic images known as Web Beacons (sometimes called single-pixel gifs) and are used along with cookies to compile aggregated statistics to analyze how our Website is used and may be used in some of our emails to let us know which emails and links have been opened by recipients. This allows us to gauge the effectiveness of our customer communications and marketing campaigns.
Do we post customer testimonials?
We post customer testimonials, comments, and reviews on our Website which may contain personally identifiable information. We do obtain the customer's consent via email prior to posting the testimonial to post their name along with their testimonial. To request removal of your personal information from Testimonials or comments please contact us at firstname.lastname@example.org.
Do we link to other websites?
To facilitate our operations, we may transfer, store and process your personal information in jurisdictions other than where you live, including in the United States. Laws in these countries may differ from the laws applicable to your country of residence. For instance, if you are a European Economic Area (EEA) data subject and your personal information is shared with our affiliates, partners, or third-party service providers acting on our behalf outside of the EEA, then it is done so pursuant to necessary means to ensure an adequate level of protection.
What rights do I have if I am a California consumer?
Pursuant to California Civil Code Section § 1798.83, we will not disclose or share your personal information with third parties for the purposes of third-party marketing to you without your prior consent.
If you are a California consumer, as defined by the California Consumer Privacy Act of 2018, you may be afforded additional rights with respect to your "Personal Information" as that term is explicitly defined under California law. Any Personal Information we collect is collected for the commercial purpose of effectively providing our services to you, as well as enabling you to learn more about, and benefit from, our services. You may exercise each of your rights as identified below, subject to our verification of your identity. In the event you use a third party agent to make any such request of Central Reach under this section, we may require additional confirmation of your authorization of such a request before processing your request.
- Access: You may email us at email@example.com to request a copy of the Personal Information our Website databases currently contain.
- Deletion. If you should wish to cease use of our Website and have your Personal Information deleted from our Website, then you may submit a request by emailing us at firstname.lastname@example.org. Upon receipt of such a request for deletion, we will confirm receipt and will confirm once your Personal Information has been deleted. Where applicable, we will ensure such changes are shared with trusted third parties.
In addition, if a California resident exercises his or her rights under California law, including the CCPA, we shall not discriminate against that California resident by denying our goods or services, charging different prices or rates to similarly situated consumers, providing a different level or quality of our goods or services, or taking any other adverse action.
In accordance with and subject to then current requirements of the CCPA, requests from California residents relating to the type of data we collect or process, or requests to delete data will be responded to within 10 business days of our receipt of the request, and completion of requested action shall occur within 45 days (or within 90 days if we advise you that additional time is required due to reasonable restraints, limitations or conditions).
How do we secure your information?
We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. To report a security violation, please promptly call us at 1-800-939-5414 or email us at email@example.com
ATTN: Privacy Officer
100 Matawan Road
Matawan, New Jersey 07747