What Personal Information Does Rock Ash Collect?
Rock Ash may collect personal information as further described below through: (a) Personal Information provided by you, (b) Automatically Collected Information, (c) Billing Information (see next paragraph), (d) Cookies and Other Tracking Technologies, (e) Third Party Analytics Data, (f) Mobile App-Based Data and (g) Cross-App and Cross-Device Information. We do not collect or use “sensitive consumer information” and do not offer or sell to any third party any data based on sensitive consumer information.
Our Services, and How We Use Personal Information
We use Personal Information for various purposes. For instance,
- Create websites for our Customers
- We help Customers deliver, target and optimize direct mail and email campaigns, display, mobile and social media marketing;
- We help Customers measure the effectiveness of ad campaigns (online and offline), such as by determining which messages are most likely to be seen or opened by which types of consumers, or which types of ads are most likely to lead to purchases;
- We sometimes create sets of consumer attributes – categories of personal interests that are grouped together based on common interests or preferences (“Data Segments”). These Data Segments may be associated with a person, household, or when used online, a unique online identifier, such as enjoying sports, travel, living in a middle-class neighborhood, or being a member of a certain profession. Marketers may use these Data Segments to tailor more relevant ads and offers to groups of users, or to learn more about their own customers and improve their own databases.
- We provide other data services, such as (but not limited to) verification, record look-ups, anti-fraud services, B2B records and services, and other analytics and database tools.
Sometimes, we may use Personal Information and Data Segments to help Customers and other data platforms perform “cross-channel” marketing – analyzing, locating and creating potential marketing “audiences” through multiple channels, e.g., web and mobile, or TV/radio.
The above is not necessarily an exclusive description of the ways we may employ Personal Information and other data. (You may learn more about our products and services by reviewing descriptions of our services on our website.) Generally, however, by permitting Customers to reference Personal Information and other data when they send offers to their customers and others, we do so to help increase the likelihood that marketers will send relevant and desired, rather than unwanted offers, content, coupons and ads.
Data Collected On Our Websites
This website and other websites owned and operated by Rock Ash (including HomeBuildingSmart.com) are primarily directed to businesses that may wish to use our services, but we welcome consumers who want to know more about our services or educated on processes. When you access this website or engage with us by email, we may collect the following information:
- Personal Information. When you provide us with information through our website, such as to request or download information, sign up for a newsletter, event or service, or log in to a service or application we provide, we may request and you may provide certain personal information to us. We may use your personal information for any business purpose, including to administer your account and provide you services, to send communications and administrative emails, to respond to your inquiries, and to send marketing and product update messages. We may also use it to analyze how customers are using our website or services.
- Non-Personal Information. Whether or not you sign up for an account or provide us with Personal Information, we may collect other information when you visit our website. This may include:
- The type of browser and operating system you have used to access the website, a time-stamp, and other browser or device information;
- Your IP address (which is a number automatically assigned to your computer when you access the Internet and can be used to derive your general geographic location);
- Your clickstream data and any URL referral information (such as any website or social media platform that referred you to our website);
- What part(s) of our website you visit, click and view, and how long you view it;
- A unique identifier, which we may associate with a cookie, device identifier or similar technology.
We may collect or store the above information by using cookies, web beacons, and similar technologies, and may target or retarget ads to you using those cookies, device identifiers, or similar technologies, when you browse the Internet or use your mobile device. We may combine any information including Personal Information you provide to us.
While we would be sorry to see you go, you can unsubscribe from our corporate emails by accessing the “opt out” or “unsubscribe” (or similar) link we provide in the footer of each email that we send. Keep in mind, however, that even if you delete your account, we may retain your Personal Information to comply with laws, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigations, enforce our agreements and policies, and take other actions permitted by law. Note that even if you unsubscribe or opt-out, we may still send you communications related to your use of and transactions with our services.
How We Work With and Share Data With Third Parties
Rock Ash may share data, including Personal Information and Data Segments, as follows:
- Partners: We may share data with business and data partners (such as business partners who provide to marketers their own applications or data services) or with clients, to help provide more tailored advertising and for analytical purposes.
- Corporate transfers: If Infogroup or its significant assets are purchased by another entity, our data will likely be transferred to that entity, including for due diligence prior to any such potential purchase.
- Affiliates, Parents and Subsidiaries: We may share some or all of the data in our possession with affiliated or subsidiary companies.
- As Required by Law or to Protect Any Party: Infogroup may disclose data if we believe in good faith that such disclosure is necessary to (a) comply with relevant laws or to respond to subpoenas or warrants served on us; or (b) to protect or otherwise defend the rights, property or safety of Infogroup or any other party.
- Data We Collect on Our Website: We use data that you provide to us on our website to market, we may use this data for our business purposes. For instance, if you provide us with your name and email address, we may put your into our proprietary database and send you newsletters about our company, our services, and events. We will provide you a way to opt out of these emails, usually through a link in the email footer.
How long does Rock Ash retain your personal information?
As further described below, we will retain your information for as long as your account is active or as needed to provide you the Service, but in no event longer than permitted by applicable law.
Does Rock Ash Transfer Your Personal Information Outside the Country?
Where required, we may transfer your personal information to our servers located outside the country in which you live (In particular, if you are an EU resident, your personal information is automatically transferred to us in the U.S). Laws of other countries on personal information can sometimes be different from those in your country of residence. We will only transfer data where it is lawful to do so. Where your personal information is transferred outside its country of origin, we ensure security measures and appropriate safeguards are put in place to protect your personal information and ensure that all transfers of your personal information comply with applicable data protection law, and are carried out in accordance with Rock Ash’s instructions. We are Privacy Shield certified for transfers from within the EEA or Switzerland to the U.S. More information on our Privacy Shield Certification can be found in the Privacy Shield Certification section 14 below. To find out more about how we safeguard your personal information (including obtaining a copy of such safeguards) in relation to transfers outside the EEA, please contact us through our help center or through the details provided in the Contact Us section below.
How Does Rock Ash Keep Your Personal Information Safe?
We take reasonable steps to put in place appropriate physical, electronic, and procedural safeguards to protect the integrity and security of personal information about you and to prevent unauthorized or unlawful processing of personal information and the accidental loss, destruction, or damage to personal information. These measures include internal reviews of our data collection, storage and processing practices and security measures (Strong password protection and in certain areas industry standard SSL-encryption to protect data transmissions), as well as physical security measures to guard against unauthorized access to systems where we store data.
However, data transmissions over the Internet and methods of electronic storage are not 100% secure. Consequently, we cannot guarantee or warrant the security of any information you transmit to us and you do so at your own risk.
If Rock Ash learns of a security systems breach we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice on our applicable web sites if a security breach occurs. If this happens, you will need a web browser enabling you to view the applicable web sites. In these circumstances, we may also send an email to you at the email address you have provided to us. Depending on where you live, you may have a legal right to receive notice of a security breach in writing. To receive free written notice of a security breach (or to withdraw your consent from receiving electronic notice) submit a request to firstname.lastname@example.org.
What are your Privacy Rights?
Rock Ash as Data Controller. Upon request, we will provide you with information about whether we hold or process your personal information on behalf of third parties. You can access and edit your account information with Rock Ash at any time by logging into your account. You can also contact us at email@example.com, and we will respond as soon as possible, but at most within 30 days.
You can delete your applicable account by visiting the applicable account deletion page; however, some personal information, primarily your contact information, may remain in our records to the extent necessary to protect our legal interests or document compliance with regulatory requirements, in each case solely to the extent permitted by applicable law.
If your personal information changes, or if you no longer wish to use our Service, you may correct, update, or delete such information by making the change on your user account page, or by submitting a request to firstname.lastname@example.org.
Rock Ash as Data Processor. Rock Ash acknowledges you have the right to access and change the personal information we collect and process as a data processor. An individual who seeks to access or to correct, amend, or delete personal information should direct their request to the Rock Ash user who is the data controller, and not to Rock Ash directly. If the data controller requests Rock Ash remove personal information we will respond within a reasonable timeframe.
Users in the European Union only:
Under EU Regulation 2016/679 of the European Parliament and the Council; the General Data Protection Regulation (“GDPR”), you have a number of rights when it comes to your personal information. Further information and advice about your rights can be obtained from the data protection regulator in your country of residence within the EU. You can exercise any of these rights by contacting us in the contact us section below:
The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Policy.
The right to rectification. You are entitled to have your information corrected if it is inaccurate or incomplete. You can request that we rectify any errors in personal information that we hold by writing us on the email address below.
The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
The right to restrict processing. You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
The right to data portability. You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability. This is not a general right however and there are exceptions.
The right to object to processing. You have the right to object to certain types of processing, including processing for direct marketing (i.e. receiving emails from us notifying you about other services we provide which we think may be of interest to you or being contacted with varying potential opportunities). You may change your preferences regarding email communications by visiting one of our preference centers listed below.
The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.
The right to withdraw consent. If you have given your consent to anything we do with your personal data (i.e we rely on consent as a legal basis for processing your personal information), you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). You can withdraw your consent to the processing of your personal information at any time.
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for baseless or excessive/repeated requests, or further copies of the same information. Alternatively, we may be entitled to refuse to act on the request.
Please consider your request responsibly before submitting it. We will respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.
Users from the European Economic Area (“EEA”) or the EU
If you are based in a country in the EEA or EU and we hold personal information about you as a data controller, the controller of your personal information is Rock Ash, Inc., a Delaware corporation incorporated in Delaware whose principal place of business is located at 2908 Wendover Place, Champaign, IL 61822.
Users from California
Under California Civil Code sections 1798.83- 1798.84, California residents are entitled to ask us for a notice identifying the categories of personal information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to the following address:
Attention: Legal – Privacy
Rock Ash, Inc.
2908 Wendover Place
Champaign, Illinois 61822 USA
Privacy Shield Certification
Rock Ash participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.
Changes to this Privacy Notice
Rock Ash reserves the right to revise, modify, or update this notice at any time. We will notify you about material changes in the way we treat personal information by sending a notice to the primary email address specified in your particular Rock Ash account or by placing a prominent notice on our site.
If you have a privacy concern regarding Rock Ash, or this notice, and if you cannot satisfactorily resolve it through the Service, you can write to us by email at privacy@Rock Ash.com or by mail at:
Attention: Legal – Privacy
Rock Ash, Inc.
2908 Wendover Place
Champaign, Illinois 61822 USA