Updated May 28, 2021
Understanding How Information Is Collected on Okay Review:
Information You May Choose to Provide to Us
We may collect information, including personal data, directly from you if you choose to provide that information. For example, you may provide us with your name and contact information (such as an email address), date of birth, or other details of that nature, when you sign up for our newsletters or participate in promotions or surveys on the Site.
You also may choose to provide personally data about yourself when you participate in forums or discussions on the Site. Please be aware that information you post may be viewed or captured by anyone who visits the Site, therefore you should avoid posting sensitive or personal data that you would not want to be available to the public.
Information That Is Automatically Collected When You Visit Okay Review
When you access the Site, we and our third-party partners may automatically collect certain information about your visit using tools such as cookies, web beacons, and other similar technologies. The information collected automatically when you visit the Site may include your IP address, characteristics of your operating system, information about your browser and system settings, data about the computer or mobile device you use to access the Site, unique device identifiers, clickstream data (which shows the page-by-page path you take as you browse the Site). We or our third-party partners may combine information that each of us collects automatically with other information about you, including information you choose to provide.
To manage our automatic data collection, we may place tags (often referred to as “web beacons”) on pages on the Site or in emails we send to you. Web beacons are small files that link web pages to particular web servers and their cookies, and they may be used for a variety of purposes, such as counting the number of visitors to the Site, analyzing how users navigate around the Site, assessing how many emails that we send are actually opened and which articles or links are viewed by visitors.
We also use third-party web analytics services, such as Google Analytics, on the Site, to provide us with statistics and other information about visitors to the Site.
“Do Not Track” Signals. Your browser settings may allow you to automatically transmit a “do not track” signal to websites and online services you visit. At this time there is no consensus among industry participants as to the meaning of “do not track” in this context. Like many other websites, TheSpruce.com is not configured to respond to “do not track” signals from browsers. Click here to learn more about “do not track” signals.
Finally, companies that provide certain third-party apps, tools, widgets, and plug-ins that may appear on the Site (for example, Facebook “Like” buttons), also may use automated means to collect information regarding your interactions with these features. This information collection is subject to the privacy policies or notices of those providers.
How We May Use Information We Collect
We may use the information gathered on Okay Review for various purposes, including the purposes listed below. For example, if you were to contact us with a question and provide your email address, we would use the email address you provided to respond to your inquiry. In addition, we use information we collect from you and through the Site to:
- Provide products and services you request (such as when you sign up to receive our email newsletters);
- Respond to requests, questions, and comments, and provide other types of user support;
- Offer you products and services via marketing communications, or direct you to portions of this Site or other websites, that we believe may interest you;
- To serve advertising, content and offers to you based on your interests and online activities, from us or third parties;
- Communicate about, and administer your participation in, events, programs, contests, and other offers or promotions;
- Carry out, evaluate, and improve our business (which may include developing new features for the Site; analyzing and enhancing the user experience on the Site; assessing the effectiveness of our marketing and advertising; and managing our communications);
- Perform data analytics regarding usage of the Site (including market and customer research, trend analysis, and financial analysis);
- Guard against, identify, and prevent fraud and other criminal activity, claims, and other liabilities; and
- Comply with applicable legal requirements, law enforcement requests, and our company policies.
How We May Share Information
Our agents, vendors, consultants, and other service providers may have access to information we collect through the Site to carry out work on our behalf. Those parties are subject to confidentiality obligations and are restricted from using personal data collected through the Site for purposes other than to provide the requested assistance. In addition, we may share information:
- With our affiliates for internal business purposes;
- If we are required to do so by law, regulation, or legal process (such as a court order or subpoena);
- In response to requests from government agencies, such as law enforcement authorities, including to meet national security requirements;
- If we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity;
- With respect to analytics and statistical information, to inform advertisers about the nature of our user base;
- In the event we sell or transfer all or a portion of our business or assets (including a reorganization, dissolution, or liquidation) In such an event, we will seek to provide you with commercially reasonable notice, e.g., via email and/or notice on our website, of any change in ownership, incompatible new uses of your personal information, and choices you may have regarding your personal information; and
- With your consent or at your discretion.
Data Retention and Access
Unsubscribe from emails. To unsubscribe from a particular newsletter, click the “unsubscribe” link at the bottom of that email newsletter. If you would like to globally opt-out from ALL Okay Review email campaigns, please send an email to [email protected] with “Unsubscribe” in the subject line. When we send newsletters to subscribers we may allow advertisers or partners to include messages in those newsletters, or we may send dedicated newsletters on behalf of those advertisers or partners. We may disclose your opt-out choices to third parties so that they can honor your preferences in accordance with applicable laws.
Disabling local shared objects. We may use other kinds of local storage that function similarly, but are stored in different parts of your computer from ordinary browser cookies. Your browser may allow you to disable its HTML5 local storage or delete information contained in its HTML5 local storage. Click here for details about deleting information contained in “local shared objects” or adjusting related preferences.
How We Protect Personal Data.
We maintain appropriate administrative, technical, and physical safeguards designed to protect the personal data you provide against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. That said, it is not possible to guarantee the security of information transmitted online, and you assume some risk with regard to the security of information you provide through any website, including this Site. If you have a data security inquiry, you may contact us by emailing [email protected] To request an invite to our bug bounty program to submit reports on vulnerabilities found on OkayReview.com, you may contact us by emailing [email protected]
Links From Okay Review to Other Websites
On this Site, we may provide links to other websites that are controlled by third parties. Linked websites may have their own privacy notices or policies, which we strongly suggest you review. We are not responsible for the content, usage terms, privacy policies, or any other aspects of websites that we do not own or control.
Surveys and Quizzes
This Site is not designed or intended for use by children, and we do not knowingly collect personal data from children under the age of 16. If we become aware that we have collected personal data from a child under the age of 16, we will delete any such information.
Information for Users Outside the United States
Your personal data may be stored, transferred and process in and to the United States and in other countries by our affiliates and/or service providers. The data protection laws in these countries may provide a lower standard of protection for your personal data than your country of residence. We take great care in protecting your personal data and have put in place adequate mechanisms to protect it when it is transferred internationally. We will transfer your personal data in compliance with applicable data protection laws and will implement suitable safeguards to ensure that your personal data is adequately secured by any third party that will access your information (for instance, by using the Model Clauses as approved by the European Commission).
If you have questions or wish to obtain more information about the international transfer of your personal data or the implemented safeguards, please send us an email to [email protected].
How to Contact Us
If you have questions about this policy or about our privacy practices, you may contact us by emailing [email protected].
If you are a California resident inquiring about your California privacy rights, please include “California privacy rights request” in the subject line of your email. If you are a resident of the European Economic Area inquiring about your rights under the General Data Protection Regulation (“GDPR”), please include “GDPR privacy rights request” in the subject line of your email.
JURISDICTION SPECIFIC PROVISIONS
California Privacy Notice
This California Consumer Act Privacy Notice (“CCPA Notice”) applies to “Consumers” as defined by the California Consumer Privacy Act (“CCPA”). For the purpose of this CCPA Notice, personal information applies to “Personal Information” as defined by the CCPA (also referred to herein as “PI”).
We collect and share the following categories of PI from the corresponding sources and for the corresponding purposes set forth in the table below.
|Category of Personal Information||Sources of Personal Information||Purposes for Collection||Categories of Third Parties with whom Personal Information is Shared||Purposes of Third Parties Receiving PI|
|1. Identifiers and Personal Records|
(e.g., email address, name, address, IP address, credit card number)
|Directly from you; your devices; Vendors||Performing Services;|
Processing and managing interactions and transactions;
Quality Assurance; security; debugging; marketing
|Vendors which assist us in providing services and running our internal business operations (“Vendors”); Data Analytics Partners; Corporate affiliates||Performing Services on our behalf;
Processing and managing interactions and transactions; performing services;
Quality Assurance; security; debugging
|2. Customer Acct. Details/Commercial Information|
(e.g., details of your use of our service)
|You; your devices; Vendors||Performing Services;|
Research and development; quality assurance; security; debugging; and marketing
|Data Analytics Partners; Vendors; Corporate affiliates||Performing Services on our behalf; research and development; quality assurance; security; and debugging|
|3. Internet Usage Information (e.g., information regarding your interaction with our services)||You; your devices; Data Analytics Partners; Vendors||Research and development; quality assurance; security; and debugging||Partners; Vendors; Corporate affiliates||Performing Services on our behalf; Research and development; quality assurance; security; and debugging|
|4. Inferences (e.g., your preferences, likelihood of interest in certain of our services)||Data Analytics Partners; Vendors; Advertising Networks||Research and development; quality assurance; and marketing||Data Analytics Partners; Vendors; Advertising Networks; Corporate affiliates||Performing Services on our behalf; research and development; quality assurance; marketing|
Some browsers have signals that may be characterized as do not track signals, but we do not understand them to operate in that manner or to indicate a do not sell expression by you, so we currently do not recognize these as a do not sell request. We understand that various parties are developing do not sell signals and we may recognize certain such signals if we conclude such a program is appropriate. California Consumers have the right to exercise the privacy rights under the CCPA.
California Consumers may exercise these rights via an authorized agent who meets the agency requirements of the CCPA. Any request you submit to us is subject to an identification and residency verification process (“Verifiable Consumer Request”). We will not fulfill your CCPA request unless you have provided sufficient information for us to reasonably verify you are the Consumer about whom we collected PI. In order to verify your identity, we will send you an email to the email address that you provide to us, and you must take action as described in our email. This will enable us to verify that the person who made the request controls and has access to the email address associated with the request. We will check our systems for the email address that you provide, and any information associated with such email address. If you provide us with an email address that has not been used to interact with us, then we will not be able to verify your identity. In other words, the only reasonable method by which we may verify the identity of individuals is if we have an email address on file that was provided to us in relation to our services. We will be unable to fulfill your request if we cannot verify your identity.
Some personal information we maintain about Consumers is not sufficiently associated with enough personal information about the Consumer for us to be able to verify that it is a particular Consumer’s personal information (e.g., clickstream data tied only to a pseudonymous browser ID). As required by the CCPA, we do not include that personal information in response to Verifiable Consumer Requests. If we cannot comply with a request, we will explain the reasons in our response.
We will make commercially reasonable efforts to identify Consumer PI that we collect, process, store, disclose, and otherwise use and to respond to your California Consumer privacy rights requests. We will typically not charge a fee to fully respond to your requests, but we may charge a reasonable fee, or refuse to act upon a request, if your request is excessive, repetitive, unfounded, or overly burdensome.
In order to verify your identity, we will send you an email to the email address that you provide to us, and you must take action as described in our email. This will enable us to verify that the person who made the request controls and has access to the email address associated with the request. We will check our systems for the email address that you provide, and any information associated with such email address. If you provide us with an email address that has not been used to interact with us, then we will not be able to verify your identity. In other words, the only reasonable method by which we may verify the identity of individuals is if we have an email address on file that was provided to us in relation to our services. We will be unable to fulfill your request if we cannot verify your identity.
For your specific pieces of information, as required by the CCPA, we will apply heightened verification standards, which may include a request to provide further information.
You have the right to send us a request, no more than twice in a twelve-month period, for any of the following for the period that is twelve months prior to the request date:
- The categories of PI we have collected about you.
- The categories of sources from which we collected your PI.
- The business or commercial purposes for our collecting or selling your PI.
- The categories of third parties to whom we have shared your PI.
- The specific pieces of PI we have collected about you.
- A list of the categories of PI disclosed for a business purpose in the prior 12 months, or that no disclosure occurred.
- A list of the categories of PI sold about you in the prior 12 months, or that no sale occurred. If we sold your PI, we will explain:
- The categories of your PI we have sold.
- The categories of third parties to which we sold PI, by categories of PI sold for each third party.
You have the right to make or obtain a transportable copy, no more than twice in a twelve-month period, of your PI that we have collected in the period that is 12 months prior to the request date and are maintaining.
Please note that PI is retained by us for various time periods, so we may not be able to fully respond to what might be relevant going back 12 months prior to the request.
Except to the extent we have a basis for retention under CCPA, you may request that we delete your PI that we have collected directly from you and are maintaining. Note also that we are not required to delete your PI that we did not collect directly from you.
You may alternatively exercise more limited control of your PI by instead exercising one of the following more limited opt-outs, including unsubscribing from email newsletters.
We will not discriminate against you in a manner prohibited by the CCPA because you exercise your CCPA rights. However, we may charge a different price or rate, or offer a different level or quality of good or service, to the extent that doing so is reasonably related to the value of the applicable data. In addition, we may offer you financial incentives for the collection, sale and retention and use of your PI as permitted by the CCPA that can, without limitation, result in reasonably different prices, rates, or quality levels. The material aspects of any financial incentive will be explained and described in its program terms. Please note that participating in incentive programs is entirely optional, you will have to affirmatively opt-in to the program and you can opt-out of each program (i.e., terminate participation and forgo the ongoing incentives) prospectively by following the instructions in the applicable program description and terms. We may add or change incentive programs and/or their terms by posting notice on the program descriptions and terms linked to above so check them regularly.