Privacy Policy

Revised and effective June 1, 2024

EZDERM, LLC (“EZDERM”, “we”, “us”, “our”) takes your privacy seriously and we know you do too. This Privacy Policy (“Policy”) describes how we collect, process, and share Personal Information, your rights and choices, and other important information about how we handle your Personal Information.   

SCOPE OF THIS POLICY

This Policy applies to your use of our “Services” which include the following:

  • Our website, https://ezderm.com/, and any other websites or services where we link to/post this Policy (including any subdomains or mobile versions, the “Site(s)”); 
  • Our mobile applications (“Mobile Apps”); and
  • Our web portals and related software and applications used by Clients and their authorized users accessing our Client Services (our “Portal”). 

Please note: We operate our services (e.g. electronic health records, practice management systems, revenue cycle management and patient portal) (“Client Services”) on behalf of third parties that have entered into a services agreement with us to provide our Services (our “Clients”). These Client Services are not subject to this Policy. 

Similarly, when Clients and their authorized users input and provide to us Personal Information for processing in connection with our Client Services, that information is subject to the Client’s privacy policy or notice of privacy practices, and not this Policy. We process any Protected Health Information or other health data only on behalf of our Clients, and our processing of such information is not subject to this Policy,

We may also link to third party sites, services, or applications (e.g. payment processor). This Policy reflects only how we process Personal Information through our Services. This Policy does not apply to information processed by or on behalf of our Clients or any other third party. We neither can control nor are responsible for the privacy practices or content of websites or apps operated by any third party.

HOW TO CONTACT US/CONTROLLER

The controller of your Personal Information under this Policy is EZDERM, LLC. You may contact our data privacy team by visiting our Contact Us page, emailing privacy@ezderm.com, or via mail sent to the address below.

Physical Address:   
EZDERM, LLC
4850 Tamiami Trail N
Suite. 301
Naples, FL 34103

CATEGORIES AND SOURCES OF PERSONAL INFORMATION

The following describes how we process data relating to identified or identifiable individuals and households (“Personal Information”).

Categories of Personal Information We Process

The categories of Personal Information we process may include:

Audio/Visual Data – Recordings and images collected from audio files and records, such as voicemails, call recordings and the like.

Biographical Data – Data relating to professional and employment history, qualifications, and similar biographic information.

Contact Data – Identity Data we can use to contact you, such as email and physical addresses, phone numbers, company name or name of academic institution, social media or communications platform usernames/handles.

Device / Network Data – Browsing history, search history, and information regarding your interaction with a website, application, or advertisement (e.g. IP Address, MAC Address, SSIDs, application ID/AdID/IDFA, session navigation history and similar browsing metadata, and other data generated through applications and browsers, including cookies and similar technologies or other device identifiers or persistent identifiers), online user ID, device characteristics (such as browser/OS version), web server logs, application logs, first party cookies, third party cookies, web beacons, clear gifs and pixel tags.

General Location Data – Non-precise location data, e.g. location information derived from IP address, or social media tags/posts.

Identity Data – Information such as your name; address; email address; telephone number; gender; date of birth, age and/or age range; account login details, e.g. username and password, user profile photo/avatar, or other account handles/usernames.

Inference Data – Personal Information generated reflecting your preferences, characteristics, predispositions, behavior, demographics, household characteristics, market segments, likes, favorites and other data or analytics.

Payment Data  –  Data that includes financial account log‐in information, or financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to such financial account, and other similar information such as bank account details, payment card information, protected under applicable law.

Transaction Data – Information about transactions you make with us through our website, such as a paid subscription, and similar information.

User Content – Unstructured/free-form data that may include any category of Personal Information, e.g. data that you give us in free text fields such as through our Client chat service.

Sources of Personal Information We Process

We collect Personal Information from various sources, which include:

Data you provide us – We receive Personal Information when you provide them to us, when you purchase our Portal or services, complete a transaction via our Services, or when you otherwise use our Services.

Data we collect automatically – We collect Personal Information about or generated by any device used to access our Services.

Service Providers – We receive Personal Information from third party service providers who collect Personal Information when performing services on our behalf. Our service providers generally include:

  • IT service providers: third parties that provide us with technology or IT services, such as networking, cloud services, software applications, and the like.
  • Marketing services: third parties that engage in marketing on our behalf, e.g. marketing agencies.
  • Payment processors: third parties that process payments for Portal and services purchased through our Services.

Advertisers – We receive Personal Information from ad networks, and Targeted Advertising vendors when we engage in Targeted Advertising.

Data we create or infer – We, certain partners, social media companies, and third parties operating on our behalf, create and infer Personal Information such as Inference Data or Aggregate Data based on our observations or analysis of other Personal Information processed under this Policy, and we may correlate this data with other data we process about you. 

DATA PROCESSING CONTEXTS / NOTICE AT COLLECTION

Our Sites

Generally

We process Device/Network Data, Contact Data, Identity Data, General Location Data, and Inference Data when you visit our Site. You may also be able to request a demo, register for an account, or enroll in Marketing Communications through our Site. We use this Personal Information as necessary to operate our Sites, such as keeping you logged in, delivering pages, etc. We also use that data for our Business Purposes and other legitimate interests, such as ensuring the security of our Site and connected technology systems, to analyze the use of our Sites (e.g. navigation patterns, clicks, etc.) to help understand and make improvements to the Sites. We may also process this Personal Information for our Commercial Purposes, as described further below. 

Cookies and other tracking technologies

We process Identity Data, Device/Network Data, Contact Data, Inference Data, General Location Data, and other non-Personal Information in connection with our use of cookies and similar technologies on our Sites. We may collect this data automatically, subject to your consent as described further below. 

We and authorized third parties may use cookies and similar technologies for the following purposes, subject to your consent where required, as described below:

  • We automatically collect data using cookies and similar technologies for “essential” purposes necessary for our Services to operate (such as maintaining user sessions, CDNs, and the like). This processing is mandatory. 
  • Additionally, with your consent or subject to your opt-out right (as applicable), we may collect data using cookies and similar technologies: 
    • for “functional” purposes, such as to enable certain features of our Sites (for example, to operate our Client chat services, to save your user preferences and language settings);
    • for “analytics” purposes or to improve our Sites, such as to analyze the traffic to and on our Services (for example, we can count how many people have looked at a specific page, or see how visitors move around the website when they use it, to distinguish unique visits/visitors to our Sites, and what website they visited prior to visiting our website, and use this information to understand user behaviors and improve the design and functionality of the website); and
    • for “retargeting,” Targeted Advertising, or other advertising and marketing purposes, including technologies that process Inference Data or other data so that we can deliver, buy, or target advertisements which are more likely to be of interest to you.

We may also process this Personal Information for our Business Purposes and Commercial Purposes

If you do not want information collected through the use of cookies, you may need to opt out of third-party services directly via the third party. For example, to opt-out of Google’s analytic and marketing services, visit Google Analytics Terms of Use, the Google Policy, or Google Analytics Opt-out. See your rights and choices  for more information regarding opt-out rights for cookies and similar technologies.

Third parties may view, edit, or set their own cookies or place web beacons on our websites. We, or third party providers, may be able to use these technologies to identify you across platforms, devices, sites, and services. Third parties may engage in Targeted Advertising using this data. Third parties engaged in Targeted Advertising are third party controllers and may have their own privacy policies and their processing is not subject to this Policy. 

Our Portal

Generally

We automatically collect and process Device/Network Data, General Location Data, and Inference Data when you access and use our Portal. We use this Personal Information as necessary to operate our Portal on your behalf, such as keeping you logged in, delivering content, for information security operations, and our other Business Purposes.

Account Registration

We process Identity Data, Inference Data, and Contact Data when you register and create an account for our Portal. We may process User Content if you provide it. Subject to your rights and choices under applicable law, we use this Personal Information to create and maintain your account, to provide the Portal and services you request, and for our Business Purposes

Mobile App

If you use the mobile app associated with our Portal, we may process Identity Data, Device/Network Data, Preference Data, and General Location Data.  We process this Personal Information to provide our mobile app, for our Business Purposes, and our other legitimate interests, such as to optimize the display and functionality of the Mobile App on your device, provide contextual information, and deliver the features and services you request.

Request a Demo

We process Identity Data, Inference Data, Contact Data, and User Content when you request a demo of one of our Portal. We process this Personal Information as necessary to learn more about your practice, to contact you, to schedule a demo, to provide an applicable demonstration, and for our Business Purposes. We may also process this Personal Information for our Commercial Purposes.

Complete a Transaction

We process Transaction Data, Identity Data, Payment Data, Inference Data, and Contact Data when you complete a purchase or sale transaction, or subscribe to our Platform. We do not permanently store your Payment Data, though you may be able to store Payment Data with our payment processor. We process this Personal Information as necessary to perform or initiate a transaction with you, process your order, payment, or refund, carry out fulfilment and delivery, document transactions, and for our Business Purposes

We may process Identity Data, Transaction Data, Contact Data, and Device/Network Data for Commercial Purposes. We do not sell or “share” or process Payment Data for Business Purposes not permitted under applicable law.

Third party businesses/controllers may receive your information. Third Party data controllers/businesses (such as payment processors) provide services related to your purchase through our Services. We may disclose Identity Data, Transaction Data, Contact Data, and Device/Network Data to those third parties to facilitate your purchase. You may also direct us to disclose this data to or interact with these third parties as part of your purchase (which does not involve a sale by EZDERM.) For more information, please review the “Disclosure/Sharing of Personal Information” section below.

Case Studies

We process Audio/Visual Data, Identity Data, Biographical Data, Contact Data, and User Content when you participate in a Product case study. We process this Personal Information to help you use and implement our Portal, to document your use cases, to tell your story, to market our Portal, and for our Business Purposes

Case Studies may be public, or reposted on our Site. Content you provide may be publicly available when you participate in a Case study that we post on our Site.

Marketing Communications

We process Device/Network Data, Contact Data, Identity Data, and Inference Data in connection with our newsletter, marketing emails, SMS marketing, or similar communications, and when you open or interact with those communications (“Marketing Communications”). 

You may receive Marketing Communications if you consent and, in some jurisdictions where permitted by law, as a result of account registration, purchase, or other inquiry or transaction that allows us to send marketing communications without consent. Marketing communications will include information such as offers, product recommendations, newsletters, feedback requests, and other information relating to our services or promotional material we believe will interest you.

We process this Personal Information to contact you about relevant Portal or services and for our Business Purposes.  We may also use Device/Network Data, Contact Data, Identity Data, and Inference Data for our Commercial Purposes.

You can withdraw your consent to receive Marketing Communications by clicking on the unsubscribe link in an email, or by contacting us at the address below. To opt-out of the collection of information relating to email opens, configure your email so that it does not load images in our emails. See your Rights & Choices for more information.

Contact Us; Support

We collect and process Identity Data, Contact Data, and User Content when you contact us, e.g. through our Client services chat or through email. If you call us via phone, we may collect Audio/Visual data from a call recording or voicemail.

We process this Personal Information to respond to your request, and communicate with you, as appropriate, and for our Business Purposes. If you consent or if permitted by law, we may use Identity Data and Contact Data to send you Marketing Communications and for other Commercial Purposes

Job Applications

We process Identity Data, Contact Data, Biographical Data, Inference Data, and User Content in connection with your application for a job or internship. We process this Personal Information as necessary to evaluate, establish, and maintain the employment relationship, and for our Business Purposes. We do not sell or share Personal Information processed in this context.  

PROCESSING PURPOSES

Business Purposes

We and our Service Providers generally process Personal Information for the following “Business Purposes,” depending on the context of collection, your rights and choices, and our legitimate interests.

Service Delivery

We process Personal Information as necessary to provide our Services and the Portal and services you purchase or request. For example, we process Personal Information to authenticate users and their rights to access the Services, as otherwise necessary to fulfill our contractual obligations to you, provide you with the information, features, and services you request, and create relevant documentation.

Internal Processing and Service Improvement

We may use any Personal Information we process through our Services as necessary in connection with our legitimate interests in improving the design of our Service, understanding how our Services are used or function, for Client service purposes, for internal research, technical or feature development, to track use of our Service, QA and debugging, audits, and similar purposes. 

Security and Incident Detection

We may process Personal Information in connection with our legitimate interest in ensuring that our Services are secure, identify and prevent crime, prevent fraud, and verify or authenticate users/individuals. Similarly, we process Personal Information on our Services as necessary to detect security incidents, protect against, and respond to malicious, deceptive, fraudulent, or illegal activity. We may analyze network traffic, device patterns, and characteristics, maintain and analyze logs and process similar Personal Information in connection with our information security activities.

Compliance and Public Interest

We may also process Personal Information as necessary to comply with our legal obligations, such as where you exercise your rights under data protection law, for the establishment and defense of legal claims, where we must comply with requests from government or law enforcement officials, and as may be required to meet national security or law enforcement requirements or prevent illegal activity. We may also process data to protect the vital interests of individuals, or on certain public interest grounds, each to the extent required or permitted under applicable law. Please see the “How We Share Personal Information” section for more information about how we disclose Personal Information in extraordinary circumstances.

Commercial Purposes

We and certain third parties process Personal Information to further our commercial or economic interests (“Commercial Purposes,”) depending on the context of collection and your rights and choices.

Marketing Communications

You may receive Marketing Communications if you consent and, in some jurisdictions where permitted by law, as a result of account registration, purchase, or other inquiry or transaction that allows us to send marketing communications without consent. Marketing communications will include information such as offers, product recommendations, newsletters, feedback requests, and other information relating to our services or promotional material we believe will interest you.

You can withdraw your consent to receive Marketing Communications by clicking on the unsubscribe link in an email, or by contacting us. To opt-out of the collection of information relating to email opens, configure your email so that it does not load images in our emails. See your Rights & Choices for more information.

Targeted Advertising

We may engage in Targeted Advertising on our Site (“Targeted Advertising”) to help market our services to interested parties who have visited our Site. This form of advertising involves various parties and services providers, including third party data controllers, engaged in the use of Personal Information to deliver and tailor ads you see. 

These parties may collect Personal Information such as unique IDs, IP addresses, device information, OS/browser type, and other similar data, as well as information about the ads you see and view, to develop and assess aspects of a profile about you to deliver more relevant advertisements and offers, to determine whether and how ads you see are effective, and to enable and assess advertisements you see from us on other sites. These third parties may augment your profile with demographic and other preferences data derived from these observations, and may also track whether you view, interact with, and how often you have seen an ad, or whether you complete a purchase for a good or service you were shown in an advertisement. These parties may be able to identify you across sites, devices, and over time. You can control how these third parties use your data, and the ads you see on these platforms, using the tools described in the rights and choices section below.

To learn about the specific providers we use for these services, please contact us at the address below.

DISCLOSURE/SHARING OF PERSONAL INFORMATION

We may share Personal Information with the following categories of third-party recipients and/or for the following reasons. Note, some parties may be third party controllers who process data subject to their own privacy policy. 

Affiliates – we will share your Personal Information with any of our current or future affiliated entities, subsidiaries, and parent companies in order to streamline certain business operations, and in support of our Business Purposes and Commercial Purposes.

Service Providers – We may share your Personal Information with service providers who provide certain services or process data on our behalf in connection with our general business operations, product/service fulfilment and improvements, to enable certain features, and in connection with our (or our Service Providers’) Business Purposes.

Third Party Payment Processor – We share your Personal Information, including Contact details, Financial information, and Cookies, with Stripe, Inc. (Privacy policy) when you complete a purchase or sale transaction. Stripe processes payments on our behalf in the EU and US.

Advertisers– We may share certain Personal Information with advertisers in support of our Business Purposes and Commercial Purposes. We may allow these third parties to operate on or through our Services.

Public Disclosure – If you participate in a Case Study, we may make your story available on our Services or to the general public. We may share, rebroadcast, or redisplay Personal Information or other information in the post or story available on our Site.

Successors– We may share Personal Information if we go through a business transition, such as a merger, acquisition, liquidation, or sale of all or a portion of our assets. For example, Personal Information may be part of the assets transferred, or may be disclosed (subject to confidentiality restrictions) during the due diligence process for a potential transaction.

Lawful Recipients – In limited circumstances, we may, without notice or your consent, access and disclose your Personal Information, any communications sent or received by you, and any other information that we may have about you to the extent we believe such disclosure is legally required, to prevent or respond to a crime, to investigate violations of our Terms of Use, in the vital interests of us or any person (such as where we reasonably believe the use or disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of any individual or to public health or safety) or in such other circumstances as may be required or permitted by law. These disclosures may be made to governments that do not ensure the same degree of protection of your Personal Information as your home jurisdiction. We may, in our sole discretion (but without any obligation), object to the disclosure of your Personal Information to such parties.

INTERNATIONAL TRANSFERS OF YOUR PERSONAL INFORMATION 

We operate in and use service providers located in the United States. If you are located outside the U.S., your Personal Information may be processed in the U.S. The U.S. may not provide the same legal protections guaranteed to Personal Information in foreign countries. Contact us for more information regarding transfers of data to the U.S.

YOUR RIGHTS & CHOICES

Your Rights

Applicable law may grant you rights in your Personal Information. These rights vary based on your location, state/country of residence, and may be limited by or subject to our own rights in your Personal Information. You may submit requests to exercise rights you may have by contacting us

Note: We are able to fulfill rights requests regarding Personal Information that we control or process. We may not have access to or control over Personal Information controlled by third parties. Please contact the third party directly to exercise your rights in third party-controlled information. 

Verification of Rights Requests

We verify all rights requests to ensure that the individual making the request is authorized to make that request, to reduce fraud, and to ensure the security of your Personal Information. For example, we may require that you verify that you have access to the email on file in order to verify your identity. If an agent is submitting the request on your behalf, we reserve the right to validate the agent’s authority to act on your behalf.

Your Choices

You may have the following choices regarding the Personal Information we process, to the extent required under applicable law:

Consent

If we rely on your consent to our processing of Personal Information, you may withdraw your consent at any time. You may be required to close your account in order to withdraw consent where your consent is necessary to perform essential aspects of our Services. You can withdraw your consent to receive marketing communications by clicking on the unsubscribe link in an email (for email), by responding with “OPT-OUT”, “STOP”, or other supported unsubscribe message (for SMS), by adjusting the push message settings for our mobile apps using your device operating system (for push notifications), or for other communications, by contacting us using the information below. To opt-out of the collection of information relating to email opens, configure your email so that it does not load images in our emails.

Email Marketing

You have the choice to opt-out of or withdraw your consent to email marketing communications. You may exercise your choice via the links in our communications. 

Cookies & Similar Technology

If you do not want information collected through the use of cookies and similar technologies, you can manage/deny cookies and certain similar technologies using your browser’s settings menu, or our Cookie Preferences menu. You must opt out of the use of some third party Platform directly via the third party. 

To learn more about Google Analytics, please click here. To opt-out of Google’s analytic services, you may use the Google Analytics Opt-Out, or use your device’s settings.

In some cases, you may be able to opt-out with third parties directly by submitting requests to third party partners, including for the parties listed below 

Our Services may support certain automated opt-out controls, such as the Global Privacy Control (“GPC”). GPC is a specification designed to allow Internet users to notify businesses of their privacy preferences, such as opting-out of the sale/”Sharing” of Personal Data. To activate GPC, users must enable a setting or use an extension in the user’s browser or mobile device. Please review your browser or device settings for more information regarding how to enable GPC. 

Please note: We may not be able to link GPC requests to your Personal Data in our systems, and as a result, some sales/ of your Personal Data may occur even if GPC is active. 

Do Not Track

Our Platform does not respond to your browser’s do not track signal. 

DATA SECURITY 

We implement and maintain reasonable security measures to secure your Personal Information from unauthorized processing. While we endeavor to protect our Services and your Personal Information unauthorized access, use, modification and disclosure, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others. When we process information, we may pseudonymize data (i.e. store or use Personal Information using only a non-identifying number) or anonymize data (i.e. store data in a form that is not linked to or reasonably able to identify you personally) in order to protect your Personal Information during processing.

CHILDREN

Our Services are neither directed at nor intended for use by persons under the age of 13 in the US. We do not knowingly collect Personal Information from such individuals. If we learn that we have inadvertently done so, we will promptly delete such Personal Information if required by law. Do not access or use our Services if you are not of the age of majority in your jurisdiction unless you have the consent of your parent or guardian.

DATA RETENTION

We retain Personal Information for so long as it is reasonably necessary to achieve the relevant processing purposes described in this Policy, or for so long as is required by law. What is necessary may vary depending on the context and purpose of processing. We generally consider the following factors when we determine how long to retain data (without limitation):

  • Retention periods established under applicable law;
  • Industry best practices;
  • Whether the purpose of processing is reasonably likely to justify further processing;
  • Risks to individual privacy in continued processing;
  • Applicable data protection impact assessments;
  • IT systems design considerations/limitations; and
  • The costs associated continued processing, retention, and deletion.

We will review retention periods periodically and may pseudonymize or anonymize data held for longer periods. 

CHANGES TO OUR POLICY

We may change this Policy from time to time. We will post changes on this page. We will notify you of any material changes, if required, via email or notices on our Services. Your continued use of our Services constitutes your acknowledgement of any revised Policy.

US State Privacy Rights and Supplemental Notices

Under the California Consumer Privacy Act (“CCPA”) and other state privacy laws, residents of certain US states may have the following rights, subject to regional requirements, exceptions, and limitations. 

Additional US State Rights

Confirm – Right to confirm whether we process your Personal Data

Access/Know – Right to request any of following: (1) the categories of Personal Data we have collected, sold/“Shared,” or disclosed for a commercial purpose; (2) the categories of sources from which your Personal Data was collected; (3) the purposes for which we collected or sold/“Shared” your Personal Data; (4) the categories of third parties to whom we have sold/“Shared” your Personal Data, or disclosed it for a business purpose; and (5) the specific pieces of Personal Data we have collected about you.Portability – Right to request that we provide certain Personal Data in a common, portable formatDeletion – Right to delete certain Personal Data that we hold about you.Correction – Right to correct certain Personal Data that we hold about you.

Opt-Out (Sales, Sharing, Targeted Advertising, Profiling) – Right to opt-out of the following:

  • If we engage in sales of data (as defined by applicable law), you may direct us to stop selling Personal Data.
  • If we engage in Targeted Advertising (aka “Sharing” of personal data or cross-context behavioral advertising) you may opt-out of such processing by clicking here
  • If we engage in certain forms of “profiling” (e.g. profiling that has legal or similarly significant effects), you may opt-out of such processing.

Opt-out or Limit Use and Disclosure of Sensitive Personal Data – Right to opt-out of the processing of certain Sensitive Data, or request that we limit certain uses of Sensitive Personal Data. This right does not apply in cases where we only use Sensitive Personal Data where necessary, or for certain business purposes authorized by applicable law.

Opt-in/Opt-out of Sale/Sharing of Minors’ Personal Data – To the extent we have actual knowledge that we collect or maintain personal information of a minor under age 16 in California, those minors must opt in to any sales/“Sharing” of personal information (as defined under CCPA), and minors under the age of 13 must have a parent consent to sales/“Sharing” of personal information. All minors have the right to opt-out later at any time.

Non-Discrimination – California residents have the right to not to receive discriminatory treatment as a result of your exercise of rights conferred by the CCPA

List of Direct Marketers – California residents may request a list of Personal Data we have disclosed about you to third parties for direct marketing purposes during the preceding calendar year.

Remove Minors’ User Content – Residents of California under the age of 18 can delete or remove posts using the same deletion or removal procedures described above, or otherwise made available through the Services. If you have questions about how to remove your posts or if you would like additional assistance with deletion you can contact us using the information below. We will work to delete your information, but we cannot guarantee comprehensive removal of that content or information posted through the Services.

Submission of Rights Requests

You may submit requests via email to our privacy team at privacy@ezderm.com (please our review verification requirements section). If you have any questions or wish to appeal any refusal to take action in response to a rights request, contact us at privacy@ezderm.com. We will respond to any request to appeal within the time period required by law.

Additional Notices for California Residents 

Categories of Personal Data Disclosed for Business Purposes

For purposes of the CCPA, we have disclosed to Service Providers for “business purposes” in the preceding 12 months the following categories of Personal Data, to the following categories of recipients:

Category of Personal Data Category of Recipients
Audio/Visual Data;  Transaction Data; Contact Data; Device/Network Data; Identity Data; Inference Data; General Location Data; User Content Affiliates; Service Providers; Successors; Lawful Recipients; Public Disclosure
Contact Data, Identity Data, Transaction Data, Payment Data Third Party Payment Processor

Categories of Personal Data Sold, Shared, or Disclosed for Commercial Purposes

For purposes of the CCPA, we have “sold” or “Shared” in the preceding 12 months the following categories of Personal Data in the, to the following categories of recipients: 

Category of Personal Data Category of Recipients
Transaction Data; Contact Data; Device/Network Data; Identity Data; Inference Data; General Location Data; User Content Advertisers and Social Media Platforms

Categories of Sensitive Personal Data Used or Disclosed

For purposes of CCPA, we may use or disclose the following categories of Sensitive Personal Data: Government ID Data and Payment Data. However, we do not sell or “Share” Sensitive Personal Data, or use it for purposes other than those listed in CCPA section 7027(m).