Our Role With Respect to Your Personal Information
For GDPR purposes, NOTA operates as the controller of personal information.
Personal Information We Collect
NOTA collects various information categories when provided directly, requested, or shared through third-party sources:
Identifiers
- Email addresses and names (account signup, newsletter, support)
- Social media interactions (Facebook, LinkedIn, Twitter, Instagram)
- Third-party login data (Google, etc.)
- Marketing partner and publicly-available sources
Protected Characteristics
- Age, race, ancestry, marital status, medical condition, disability, sex, gender identity, pregnancy status
- Collected through customer support, social media, third-party accounts, and external sources
Sensory Information
- Profile pictures and images/audio from account signup and social media
- Third-party account profile photos
Financial Information
- Credit card and payment details from account signup
Commercial Information
- Membership details and transaction information from accounts, support, and third parties
Internet or Similar Network Activity
- Browser and device information via cookies and tracking technologies
- Pages viewed, time spent, navigation paths, IP addresses, device identifiers
- Third-party marketing partner data
Geolocation Data
- City, state, geographic area from customer support, third parties, and automated collection
Inferences
- Derived from geographic data, Site interaction, advertisements, communications, and activity patterns
What Bases of Processing We Use
Performance of a Contract
- Account creation and member setup
- Service provider sharing to fulfill requested services
Your Consent
- Cookie and tracking technology usage
- Targeted advertising based on activity
- Marketing communications
Legitimate Interests
- Keeping services safe and secure: security measures, fraud prevention, spam protection, Terms enforcement.
- Providing and improving services: Site operation, personalized services, business understanding.
- Providing ads and analytics: personalized advertising, measurement, advertiser reporting.
Legal Obligation
- Compliance with legal requests, court orders, subpoenas
- Regulatory requirement adherence
How We Use Your Personal Information
To Provide Products, Services, and Operate the Site
- Provide and improve the Site and services
- Establish user profiles
- Enable security features
- Communicate announcements, updates, security alerts
- Understand needs and personalize experience
- Provide support and maintenance
- Respond to requests and feedback
To Administer Events and Contests
- Register participation
- Send event and contest updates
For Research and Development
- Analyze Site usage for improvement
- Study user demographics
- Develop new products and services
To Send Marketing and Promotional Communications
Consent-based marketing communications with the ability to opt out at any time.
To Display Advertisements
Partner with advertisers for targeted ads based on Site use or online activity.
For Compliance, Fraud Prevention, and Safety
- Protect rights, privacy, safety, property
- Enforce Terms of Use
- Investigate and deter fraudulent, harmful, or unauthorized activity
- Provide information to law enforcement and government authorities
To Create Anonymous, Aggregated, or De-Identified Data
- Remove personally identifiable information
- Share with third parties for lawful business purposes
- Analyze and improve the Site
To Comply with Law
Respond to subpoenas and government requests.
Use for New Purposes
Compatible purposes with appropriate notification.
How Long We Keep Your Personal Information
NOTA retains personal information as long as necessary for:
- Original purposes
- Legal, accounting, and reporting requirements
- Legal claim establishment or defense
- Fraud prevention
Retention periods consider:
- Amount, nature, and sensitivity of information
- Risks of unauthorized use or disclosure
- Alternatives for achieving the same purpose
- Applicable legal requirements
When no longer needed, NOTA deletes, irreversibly anonymizes, or securely isolates information until deletion is possible. Anonymized information may be used indefinitely.
What Privacy Rights Do You Have?
Right to Be Informed
Access to information regarding data processing activities, collection methods, retention periods, and sharing practices.
Right of Access
Request and receive confirmation of processed personal information and a copy including:
- Processing categories
- Information sources
- Processing purposes
- Retention periods or determination criteria
- Third-party recipient categories
- Automated decision-making information
- Specific personal data pieces
- Sale or disclosure information
- Legitimate interest specifics
- Cross-border transfer safeguards
CCPA limitations: Social Security numbers, driver's licenses, government IDs, financial account numbers, health insurance and medical IDs, passwords, and security questions are not disclosed.
Right to Rectification
Request correction of inaccurate personal information through account settings or by contacting NOTA.
Right to Erasure
Request personal information deletion, subject to technical or legal limitations. NOTA will explain denial reasons and consider use limitations.
Right to Restrict Processing
Request limitation to specific purposes when data is inaccurate or processing is unlawful.
Right to Object
Instruct NOTA to stop using personal information, particularly when based on legitimate interests. NOTA ceases processing unless compelling legitimate grounds override objection or legal claims require continuation.
Right to Data Portability
Request portable personal information copies provided or generated through services for moving, copying, keeping, or transferring to other organizations.
Right Related to Automated Decision-Making
The right to decline automatic decision-making, including profiling, for decisions with serious impact. NOTA explains when, why, and the effects of such processing.
Right to Withdraw Consent
Revoke consent-based processing at any time. Prior processing remains lawful.
Right to Non-Discrimination
NOTA will not deny services, charge different prices, provide different quality, or suggest differential treatment for exercising privacy rights (unless permitted by law).
Right to Opt-Out of Personal Information Sales
Request cessation of personal information sales. Requests prevent reauthorization for twelve months. Opt-back-in is available anytime.
Shine the Light
California residents may request notice identifying personal information categories shared with affiliates and third parties for marketing, along with their contact information.
Right to Lodge Complaints
GDPR applicability allows complaints to data protection regulators in the EU Member State of habitual residence, work, or violation location. UK complaints are directed to the Information Commissioner's Office.
How to Exercise Your Rights
Submit requests via:
- Email: info@heynota.com
- Mail: Nota Collective, Inc., Attn: Legal – Privacy, 1100 Glendon Ave, 17th Floor, Los Angeles, CA 90024
- Online form: available on request via the contact channels above.
Identity Verification and Processing
NOTA confirms receipt within ten business days and describes identity verification if needed. Responses are expected within one month (up to ninety days total if extended). Opt-out requests are processed within fifteen business days, with third-party notification within ninety days. No fees are charged except for excessive, repetitive, or manifestly unfounded requests.
Authorized Agents
Agents require proof of signed permission, valid power of attorney, or parental responsibility documentation. Alternatively, individuals verify directly.
Cookies, Marketing, and Targeted Online Advertising
How We Use Cookies and Other Tracking Technologies
NOTA collects information via cookies, browser web storage, Flash-based LSOs, web beacons, and similar technologies on webpages and in emails. See the Cookie Policy for details.
Opt-out of Marketing Communications
Unsubscribe via email footer instructions or contact support@heynota.com. Service-related emails continue.
Targeted Online Advertising
Business partners offer opt-out mechanisms:
- Network Advertising Initiative opt-out
- Digital Advertising Alliance opt-out
- Mobile device ad tracking settings (Google Advertising ID, Apple ID for Advertising)
Opted-out users still see advertisements, but not targeted to their activity.
Third-Party Platforms or Social Media Networks
Users can limit information shared during third-party or social media connection at connection time and through third-party settings subsequently. Withdrawal does not affect already-received information.
Other Sites, Mobile Applications, and Services
The Site contains links to third-party websites, applications, and services operated independently. NOTA is not responsible for third-party actions or privacy practices. Users are encouraged to review third-party privacy policies.
Security Practices
NOTA employs organizational, technical, and physical safeguards to protect personal information.
Children
The Site is not directed to individuals under sixteen. NOTA does not knowingly collect personal information from children. Parents noticing unauthorized child information sharing should contact info@heynota.com for deletion.
Changes to This Privacy Notice
NOTA reserves modification rights. Material changes trigger date updates, Site posting, and notification via email or Site if required by law.
Contact Us
Email: info@heynota.com
Mailing Address:
Nota Collective, Inc.Attn: Legal – Privacy
1100 Glendon Ave
17th Floor
Los Angeles, CA 90024
Allow up to four weeks for replies.
EU Representative Contact
EDPO (European Data Protection Office)
- Online form: edpo.com/gdpr-data-request
- Address: Avenue Huart Hamoir 71, 1030 Brussels, Belgium
UK Representative Contact
EDPO (European Data Protection Office)
- Online form: edpo.com/gdpr-data-request
- Address: 8 Northumberland Avenue, London WC2N 5BY, United Kingdom