Privacy Policy | PrivacyPortfolio

PrivacyPortfolio, LLC is a limited liability corporation registered in the State of California, USA. As the sole manager of PrivacyPortfolio, LLC, Craig Erickson is accountable for all activities covered by this policy.

Empower individuals to exercise their privacy rights, hold organizations accountable for honoring their privacy policies and practices, and objectively report on the performance of enforcement authorities.

This privacy policy represents claims and rules pertaining to PrivacyPortfolio's privacy practices.

An individual or entity "accepting" this policy is known as a "Subscriber". This role designation recognizes the individual or entity as a consumer of the Publisher's (PrivacyPortfolio) resources, serving as the implied contractual basis and scope for a Subscriber's data privacy rights.

Your privacy rights are protected by privacy and data protection laws according to:

• where you reside
• where you engage in commerce
• where we collect or transfer personal data of residents
• which role identities your interactions are contextually associated with
• your personal preferences and explicit consent to process personal data

IF YOU HAVE AN AGENT AUTHORIZED TO REPRESENT YOU:
Ask your agent to register with PrivacyPortfolio by including agentReg@privacyportfolio.com as an email recipient when submitting privacy requests. This one-time, initial step is required for verifying the agent's identity and authorization to represent you.

IF YOU REPRESENT YOURSELF:
Send an email message to: privacyrequests@privacyportfolio.com
You may also leave a voice mail for Craig Erickson, Data Protection Officer directly at (510) 330-8638.

My legitimate business interests allow me to process your personal information for the following purposes:

• To conduct research in compliance with mutual agreements and applicable laws;
• To investigate complaints or concerns and ensure they are addressed appropriately to the satisfaction of all parties involved;
• To provide an audit trail of PrivacyPortfolio's research activities covered by this policy.

As an individual person or consumer, aka "data subject", there are almost no laws or restrictions on how other peoples' personal information can be collected and shared. I hold myself accountable for processing personal information as an independant researcher, as sole manager of PrivacyPortfolio, LLC, even though PrivacyPortfolio is itself exempt from most privacy and data protection laws according to:

• company size, revenue, and location
• legitimate interests
• compliance reporting obligations
• security and confidentiality requirements agreed to as authorized agent for consumers' privacy rights

PrivacyPortfolio's preferred method of communication is through email. PrivacyPortfolio's alternative method of communication is by telephone: (510) 330-8638.

This Privacy Policy is based on an xml schema to support common standards and automate policy enforcement processes. The xml format can be accessed here:
https://PrivacyPortfolio.com/xml/PrivacyPortfolio-PrivacyPolicy_v1.5.xml

PrivacyPortfolio will change this Policy periodically based on changes to applicable laws and regulations or changes in technology or our business operations. Changes made to the Policy in the future will:

• change the policy version and effective date;
• be posted as an update on the privacyportfolio.com web page;
• require notifications of such changes directly to PrivacyPortfolio's subscribers.

Policy schema supports different policy types, including security and other data governance policies, based on W3C Common Policy Markup Language and rulesets.

This Common Policy Markup Language supports transformation of privacy statements into actionable data governance policies which:

• defines the data,
• assigns ownership of the data, and
• provisions access permissions to an authenticated API that executes compliance tests for each claim within this policy.

This policy can be transformed into mutual, legally-binding agreements, such as:

• Data Processing Agreements
• Business Associate Agreements
• Consent Directives
• Consent Receipts
• Terms of Service

'Personal Information' is defined as: data attributed to you as a natural person.
'Personally Identifiable Information' is defined as: data that can be used to identify you.
'Sensitive Personal Data' is data attributed to you that, if used by unauthorized parties for unauthorized purposes, could cause harm to you. Sensitive Personal Data includes credentials, identifiers such as Social Security numbers or financial account numbers,
and 'Protected Health Information', defined as: any data contained in an electronic healthcare record.

PrivacyPortfolio collects 'Public Personal Information', defined as: personal data published in public forums and directories. This information is collected for the following purposes:

1. to validate the identity of Subscribers who submit opt-in, opt-out, data correction, and delete requests.
2. to generate leads for promotional purposes.
3. to monitor and test for data modifications or augmentations, unauthorized data sharing, unauthorized data use, and unauthorized data storage.

What personal data do I collect as PrivacyPortfolio?

• For consumers I represent as their authorized agent, I host and maintain a personal metadata repository of the consumer's personal data inventory. This voluntary disclosure of personal information is stored, maintained, and controlled by explicit consent directives governing use.
• For recipients of promotional content, any data provided by you through PrivacyPortfolio's vendors is collected, along with any contextual data associated with you and your activities.
• For employees of vendors doing business with PrivacyPortfolio, any personally identifying data collected only as evidence of compliance with our agreements, and shall be redacted from public view, except when the vendor is the subject of a formal complaint or legal matter.
• For other individual persons who are targeted as prospective consumers and/or subscribers and/or research subjects you may request disclose of the sources of public or private records used to discover you.

PrivacyPortfolio honors your preferences for how, when, and why information is exchanged with you, even when fulfilling privacy requests. Your preferences are honored on the condition that they do not conflict with applicable law, or with this policy.

You have the right:

• to file a formal complaint about PrivacyPortfolio's policies or practices to the appropriate authorities who are responsible for enforcing these legal protections.
• to use third-party advocates or agents to represent your privacy rights and register complaints on your behalf.
• to access and modify any element of your personal data which is used by PrivacyPortfolio.
• to opt-out or restrict ANY use by PrivacyPortfolio of your personal data.

You should have a reasonable expectation of privacy for anything you consider to be 'your business'.