Privacy Policy

PRIVACY POLICY

Last modified: January 2023

Introduction

The Lede Company LLC (“Lede,” “Company” or “We”) respect your privacy and are committed to protecting it through our compliance with this policy.

This policy describes the types of information we may collect from you or that you may provide when you visit www.ledecompany.com or use other services from Company (each referred to herein as a “Site” and collectively, the “Sites”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

NOTICE: THIS PRIVACY POLICY CONTAINS A MANDATORY ARBITRATION AGREEMENT. YOU AGREE THAT ANY CLAIMS YOU MAY HAVE AGAINST US RELATING TO THE SITE OR THE SERVICES, THIS PRIVACY POLICY OR ANY TERMS AND CONDITIONS CONTAINED HEREIN MUST BE ARBITRATED, AND YOU EXPRESSLY WAIVE THE RIGHT TO (1) ASSERT CLAIMS AGAINST US IN COURT; (2) PARTICIPATE IN A REPRESENTATIVE OR CLASS ACTION; AND (3) HAVE A JURY HEAR YOUR CASE. YOU EXPRESSLY CONSENT TO HAVE ALL OF YOUR CLAIMS ARBITRATED ON AN INDIVIDUAL BASIS ONLY. YOU ALSO AGREE THAT YOU HAVE READ, UNDERSTAND, AND AGREE TO BE BOUND BY OUR TERMS AND CONDITIONS.

This policy applies to information we collect:

On the Sites.
When you provide it to us.
In email, text, and other electronic messages between you and the Company.

It does not apply to information collected by:

Any third party, including through any application or content (including advertising) that may link to or be accessible from or through the Sites.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Sites. By accessing or using the Sites, you agree to this privacy policy. This policy may change from time to time. Your continued use of the Sites after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Information We Collect About You and How We Collect It

We collect several types of information from and about clients, including information by which you may be personally identified, such as name, postal address, email address, telephone number and any other identifier by which you may be contacted online or offline (“personal information“) or that is about you but individually does not identify you, such as the following:

We collect this information:

Directly from you when you provide it to us (as further described below).
From third parties, for example, our business partners.

Information You Provide to Us

The information we collect on or through our Sites may include:

Records and copies of your correspondence (including email addresses), if you contact us.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information:

To present our Site and its contents to you.
To provide you with information, products, or services that you request from us.
To fulfill any other purpose for which you provide it.
To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
To notify you about changes to our Sites or any products or services we offer or provide though it.
To protect the security or integrity of the Sites and our business.
To share your Personal Information with third parties on your behalf so we can provide our services to you.
In any other way we may describe when you provide the information.
For any other purpose with your consent.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose personal information that we collect or you provide as described in this privacy policy:

To data partners for the purposes set forth in this Privacy Policy.
To our subsidiaries and affiliates.
To contractors, service providers, and other third parties we use to support our business. The types of companies that may receive personal information and their functions are: technical assistance, database management/back-up services, use analytics, customer service, and our hosting provider.
To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Lede’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Lede about our Site’s users is among the assets transferred.
To auditors and professional advisers like bankers, lawyers, accountants and insurers.
To fulfill the purpose for which you provide it.
For any other purpose disclosed by us when you provide the information.
With your consent.
To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
To enforce or apply our other agreements, including for billing and collection purposes.
If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our users, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us.

Residents of certain states, such as California, Nevada, Colorado, Connecticut, Virginia, and Utah may have additional personal information rights and choices.

Your State Privacy Rights

If you are a California, Nevada, Colorado, Connecticut, Virginia, or Utah resident, your state’s laws may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, see the section below titled “For California Users Only”.

Colorado, Connecticut, Virginia and Utah each provide their state residents with rights to:

Confirm whether we process their personal information.
Access and delete certain personal information.
Data portability.
Opt-out of personal data processing for targeted advertising and sales.

Colorado, Connecticut and Virginia also provide their state residents with rights to:

Correct inaccuracies in their personal information, taking into account the information’s nature processing purpose.
Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.

To exercise any of these rights please email us at compliance@ledecompany.com

Nevada provides its residents with a limited right to opt-out of certain personal information sales. Residents who wish to exercise this sale opt-out rights may submit a request to compliance@ledecompany.com. However, please know we do not currently sell data triggering that statute’s opt-out requirements.

GDPR and UK Rights

If you are a resident of the European Union or the United Kingdom, EU or UK laws may provide you with additional rights regarding our use of your personal information. To learn more about your these rights, see the section below titled “For UK Users Only”.

Children Under the Age of 13

We do not knowingly collect personal information from children under the age of 13. If you are under 13, please do not give us any personal information. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children to never provide personal information without their permission. If you have reason to believe that a child under the age of 13 has provided personal information to us, please contact us at compliance@ledecompany.com, and we will endeavor to delete that information from our databases.]

California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see the section below titled “For California Users Only”.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls and any payment transactions are encrypted.

The safety and security of your information also depends on you.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Sites. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Sites.

Governing Law/Dispute Resolution/Arbitration

All matters relating to the Site and this Privacy Policy and any dispute or claim arising therefrom or related thereto (in each case, including non-contractual disputes or claims), shall be governed by and construed in accordance with the internal laws of the State of California without giving effect to any choice or conflict of law provision or rule (whether of the State of California or any other jurisdiction).

By using the Site you agree that any dispute, claim or controversy arising out of or relating to this privacy policy or the breach, termination, enforcement, interpretation or validity thereof, including the determination of the scope or applicability of this agreement to arbitrate, shall be determined by arbitration in Los Angeles, California before a single neutral arbitrator. The arbitration shall be administered by Judicial Arbitration and Mediation Services, Inc. (“JAMS”) pursuant to its Comprehensive Arbitration Rules and Procedures. The parties to arbitration may use legal counsel at their own expense. All costs of arbitration (including arbitrator fees) shall be paid by Lede, except only that if you bring the arbitration, you may be charged an initial filing fee that shall not exceed the filing fees that you would incur for bringing an action in court. Without limiting the generality of the foregoing, in the event that any party seeks injunctive or equitable relief with respect to any actual or threatened breach of this privacy policy, or with respect to public injunctive relief, such party may seek relief in a court of competent jurisdiction. Notwithstanding anything else in this privacy policy or the JAMS rules, any parties subject to this arbitration provision shall be barred from bringing or participating in any Class Action (as defined below) related to a dispute covered by this arbitration provision. Notwithstanding anything else in this privacy policy or the JAMS rules, it is agreed that the arbitrator is specifically denied the authority to consider or certify any Class Action under this privacy policy. However, if these Class Action restrictions are ever deemed illegal or unenforceable, they shall be severed from this arbitration provision. In that event, any Class Action shall by exempted from this arbitration provision and brought in court of competent jurisdiction, in connection therewith and each of the parties consent to the sole and exclusive jurisdiction of the state and federal courts of the State of California, County of Los Angeles, Central District. For purposes of this privacy policy, the term “Class Action” shall mean claims brought on behalf of or allegedly representing or including other persons or entities, including but not limited to any class, consolidated, representative, collective or private attorney general action. This arbitration provision is subject to the Federal Arbitration Act, and may be enforced in any court of competent jurisdiction.

WAIVER. BY AGREEING TO THIS PRIVACY POLICY AND SUBJECT THERETO, YOU HEREBY IRREVOCABLY WAIVE ANY RIGHT YOU MAY HAVE TO A COURT TRIAL (OTHER THAN SMALL CLAIMS COURT AS PROVIDED ABOVE) OR TO SERVE AS A REPRESENTATIVE, AS A PRIVATE ATTORNEY GENERAL, OR IN ANY OTHER REPRESENTATIVE CAPACITY, OR TO PARTICIPATE AS A MEMBER OF A CLASS OF CLAIMANTS, IN ANY LAWSUIT, ARBITRATION OR OTHER PROCEEDING FILED AGAINST US AND/OR RELATED THIRD PARTIES.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users’ personal information, we will notify you by email to the email address specified in your account. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Site and this privacy policy to check for any changes.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at compliance@ledecompany.com.

For California Users Only:

This section applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act of 2020 (CPRA) and any terms defined in the CCPA or CPRA have the same meaning when used in this policy. Any other capitalized terms used in this policy will have the same meaning as defined in our general privacy policy.

Information We Collect

We and our Sites collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information“). Personal information does not include:

Publicly available information from government records.
Deidentified or aggregated consumer information.
Information excluded from the CCPA’s scope, like:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

In particular, within the last twelve (12) months we have collected or may in the future collect the below categories of personal information from consumers and we keep this information only for so long as we need it to perform a contract or transaction with you or maintain an ongoing customer relationship with you, comply with any legal obligations and/or to bring or defend any legal claims:

Category	Examples	Collected
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.	YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	YES
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	YES
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	NO
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	NO
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.	NO
G. Geolocation data.	Physical location or movements.	NO
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	NO
I. Professional or employment-related information.	Current or past job history or performance evaluations.	YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	NO
K. Inferences drawn from other personal information.	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	NO
L. Sensitive Personal Information.	Sensitive personal information” means: (1) personal information that reveals (A) a consumer’s social security, driver’s license, state identification card, or passport number; (B) a consumer’s account log-In, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (C) a consumer’s precise geolocation; (D) a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership; (E) the contents of a consumer’s mall, email and text messages, unless the business is the intended recipient of the communication; (F) a consumer’s genetic data; and (2)(A) the processing of biometric information for the purpose of uniquely identifying a consumer; (B) personal information collected and analyzed concerning a consumer’s health; or (C) personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.	NO

We and our Site obtain the categories of personal information listed above from the following categories of sources:

Directly from you. For example, when you provide information to us.

Sharing Personal Information

We may share your personal information by disclosing it to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months and/or in the future, Company has disclosed or may disclose personal information for a business purpose to the categories of third parties indicated in the chart below.

Personal Information Category	Category of Third-Party Recipients
Personal Information Category	Business Purpose Disclosures	Sales
A: Identifiers.	Background check providers HR providers Client managers Client agents Client attorneys Media	None
B: California Customer Records personal information categories.	Background check providers HR providers Client managers Client agents Client attorneys Media	None
C: Protected classification characteristics under California or federal law.	Background check providers HR providers Client managers Client agents Client attorneys	None
D: Commercial information.	None	None
E: Biometric information.	None	None
F: Internet or other similar network activity.	None	None
G: Geolocation data.	None	None
H: Sensory data.	None	None
I: Professional or employment-related information.	Background check providers HR providers Client managers Client agents Client attorneys Media	None
J: Non-public education information.	None	None
K: Inferences drawn from other personal information.	None	None

Your Rights and Choices

The CCPA and/or CPRA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Right to Know and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the “right to know”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will disclose to you:

The categories of personal information we collected about you.
The categories of sources for the personal information we collected about you.
Our business or commercial purpose for collecting or selling that personal information.
The categories of third parties with whom we share that personal information.
If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- sales, identifying the personal information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
The specific pieces of personal information we collected about you (also called a data portability request).
If personal information was shared for cross-context behavioral advertising.

Right to Delete

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.

Right to Correct

You have a right to correct data that we hold about you that is inaccurate.

Right to Limit Use of Sensitive Personal Information

You have the right to limit our use of your sensitive personal information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests such goods or services as well as other specified legitimate business purposes. “Sensitive personal information” is defined above. Any of the above information that is already publicly available is not considered to be sensitive personal information.]

Exercising Your Rights to Know, Delete or Correct

To exercise your rights to know described above, please submit a request by emailing us at compliance@ledecompany.com .

To exercise your rights to correct or delete, please submit a request by emailing us at compliance@ledecompany.com or contact us by mail at The Lede Company, 9777 Wilshire Blvd, Suite 805, Beverly Hills, CA 90212

Only you, or someone legally authorized to act on your behalf, may make a request to know, correct or delete related to your personal information.

You may only submit a request to know twice within a 12-month period. Your request to know, correct or delete must:

Provide sufficient information, at our request, that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

You do not need to create an account with us to submit a request to know or delete.

We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.

For instructions on exercising your sale, sharing and sensitive personal information use opt-out or opt-in rights, see Personal Information Sales or Sharing Opt-Out and Opt-In Rights and Limitation of Use of Sensitive Personal Information Rights.

Response Timing and Format

We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please email us at compliance@ledecompany.com.

We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA or CPRA rights. Unless permitted by the CCPA or CPRA, we will not:

Deny you goods or services.
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

We currently do not offer any financial incentive programs that can result in different prices, rates, or quality levels in exchange for which we ask you to submit your personal information. However, we may in the future offer you such programs. Any permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

Other California Privacy Rights

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to compliance@ledecompany.com

For United Kingdom and European Union Consumers Only:

Introduction

This GDPR Privacy Addendum supplements the information in the Lede Privacy Policy and applies to Personal Data about individuals located in the European Economic Area and the United Kingdom only.

We adopt this GDPR Privacy Addendum to comply with the General Data Protection Regulation (2016/679) and any implementing acts of the foregoing by any of the member states of the European Economic Area, the United Kingdom, or Switzerland (“GDPR”) and any terms defined in the GDPR or our Privacy Policy have the same meaning when used in this GDPR Privacy Addendum. For applicable users, this GDPR Privacy Addendum takes precedence over anything contradictory in our Privacy Policy.

For purposes of this GDPR Privacy Addendum, “Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data Controller, Data Protection Officer, and Representative

Lede is the data controller of the Personal Data you provide on or through our Site. We may be contacted in any manner set forth below in the “Contact Information” section of this GDPR Privacy Addendum.

Lawful Basis for Processing Your Personal Data

We have a lawful basis for our processing of your Personal Data, including processing for our legitimate interests (when balanced against your rights and freedoms), as required by law, and with your consent.

If you are in the European Union, the processing of your Personal Data is lawful only if it is permitted under the applicable data protection laws. We have a lawful basis for each of our processing activities as set forth more fully below:

Purpose/Activity	Type of data	Lawful basis for processing
To register you as a new client	Identity Contact	Performance of a contract with you
To process your materials	Identity Contact Financial Transaction Marketing and Communications	Performance of a contract with you Necessary for our legitimate interests
To manage our relationship with you which will include: Notifying you about changes to our terms or privacy policy; Communicating with you regarding issues related to you	Identity Contact Profile Marketing and Communications	Performance of a contract with you Necessary to comply with a legal obligation Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)	Identity Contact Technical Tracking	Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise) Necessary to comply with a legal obligation
To prevent and detect unlawful acts	Identity Contact Financial Transaction Technical Tracking	Necessary for our legitimate interests (to protect our business and our customers by way of undertaking fraud monitoring and suspicious transaction monitoring) Necessary to comply with a legal or contractual obligation to share personal data for the purposes of law enforcement
In order to resolve legal claims or disputes involving you or us	All relevant data categories, depending on the nature of the allegation or claim	Necessary to bring or defend a claim

Automated Decision Making

We do not use your Personal Data with any automated decision-making process.

Your Rights Regarding Your Information and Accessing and Correcting Your Information

You may have certain rights under applicable data protection laws, including the right to access and update your Personal Data, restrict how it is used, transfer certain Personal Data to another controller, withdraw your consent at any time, and the right to have us erase certain Personal Data about you. You may also have the right to complain to a supervisory authority about our processing of your Personal Data.

Applicable data protection laws may provide you with certain rights with regards to our processing of your Personal Data.

Access and Update. You may notify us through the Contact Information below of any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible. We may not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
Restrictions. You may have the right to restrict our processing of your Personal Data under certain circumstances. In particular, you can request we restrict our use of it if you contest its accuracy, if the processing of your Personal Data is determined to be unlawful, or if we no longer need your Personal Data for processing but we have retained it as permitted by law.
Portability. To the extent the Personal Data you provide us is processed based on your consent and that we process it through automated means, you may have the right to request that we provide you a copy of, or access to, all or part of such Personal Data in structured, commonly used and machine-readable format. You also have the right to request that we transmit this Personal Data to another controller, when technically feasible.
Withdrawal of Consent. To the extent that our processing of your Personal Data is based on your consent, you may withdraw your consent at any time by contacting us through email at compliance@ledecompany.com. You may also withdraw your consent to send you updates by clicking the unsubscribe link at the bottom of an update that you receive from us. Note that unsubscribing from one of our newsletters in this way only unsubscribes you from that newsletter; you may need to unsubscribe from additional newsletters separately. Withdrawing your consent will not, however, affect the lawfulness of the processing based on your consent before its withdrawal, and will not affect the lawfulness of our continued processing that is based on any other lawful basis for processing your Personal Data.
Right to be Forgotten. You may have the right to request that we delete all of your Personal Data. We will only delete your Personal Data when we no longer have a lawful basis for processing your Personal Data or after a final determination that your Personal Data was unlawfully processed. We may not accommodate a request to erase information if we believe the deletion would violate any law or legal requirement or cause the information to be incorrect. In all other cases, we will retain your Personal Data as set forth in this policy. In addition, we cannot completely delete your Personal Data as some data may rest in previous backups. These will be retained for the periods set forth in our disaster recovery policies.
Complaints. You may have the right to lodge a complaint with the applicable supervisory authority in the country you live in, the country you work in, or the country where you believe your rights under applicable data protection laws have been violated. However, before doing so, we request that you contact us directly in order to give us an opportunity to work directly with you to resolve any concerns about your privacy.

How You May Exercise Your Rights. You may exercise any of the above rights (when applicable) by contacting us through any of the methods listed under Contact Information below. If you contact us to exercise any of the foregoing rights, we may ask you for additional information to verify your identity. We reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or to satisfy our legal and business requirements. Please note that if you make unfounded, repetitive, or excessive requests (as determined in our reasonable discretion) to access your Personal Data, you may be charged a fee subject to a maximum set by applicable law.

Consent to Processing of Personal Data in the United States

We may process your Personal Data outside of your home country, including to the United States. We only do this when we are legally permitted to do so and when we have appropriate safeguards in place to protect your Personal Data.

If you are a resident of the European Economic Area (“EEA”), in order to provide our Site and legal updates to you, we may send and store your Personal Data outside of the EEA, including to the United States. Accordingly, your Personal Data may be transferred outside the country where you reside or are located, including to countries that may not or do not provide an equivalent level of protection for your Personal Data. Your information may be processed and stored in the United States and United States federal, state, and local governments, courts, or law enforcement or regulatory agencies may be able to obtain disclosure of your information through the laws of the United States. By using our Site, you represent that you have read and understood the above and hereby consent to the storage and processing of your Personal Data outside the country where you reside or are located, including in the United States.

Your Personal Data is transferred by us to another country only if it is required or permitted under applicable data protection law and provided that there are appropriate safeguards in place to protect your Personal Data.

Data Retention Periods

We may retain your Personal Data for as long as you have an account or profile with us. In some instances, we may keep it after you no longer have an account or profile with us, for example we may keep it:

on our backup and disaster recovery systems;
for as long as necessary to protect our legal interests;
to comply with other legal requirements; and
for data that has been aggregated or otherwise rendered anonymous in such a manner that you are no longer identifiable, indefinitely.

Changes to this GDPR Privacy Addendum

We reserve the right to amend this GDPR Privacy Addendum at our discretion and at any time and at any time and as described in our Privacy Policy. When we make changes to this GDPR Privacy Addendum, we will post the updated notice on the Site and update the notice’s effective date. Your continued use of our Site following the posting of changes constitutes your acceptance of such changes.

Contact Information

To ask questions or comment about this GDPR Privacy Addendum and our privacy practices, contact us at compliance@ledecompany.com.