We take privacy seriously and strive to protect our customers’ Personal Information.
PRIVACY MATTERS
We believe Personal Information should stay personal.
To achieve that goal, we have been working on building a CCPA compliance program designed to strengthen the protection of California residents’ Personal Information we process. This page explains how the CCPA impacts Plume and what steps we’ve taken to comply with applicable legal requirements.
FREQUENTLY ASKED QUESTIONS
What is the CCPA?
As of January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) has been in effect and applies to the collection, disclosure, and sale of California residents’ personal information. It creates new privacy rights for California residents and imposes new privacy compliance obligations on businesses that process personal information of California residents.
When does the CCPA apply?
The CCPA applies to any entity that qualifies as a “Business,” meaning it is a for-profit entity that does business in California, controls how California residents’ personal information is collected, and satisfies certain revenue or consumer thresholds defined by the statute.
What is Personal Information?
Under the CCPA, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. This includes not only name and contact details, but also any information that can reasonably be linked back to a California resident or household (e.g., IP address, device unique IDs, cookie identifiers) and general location data inferred from IP addresses.
Is Plume a Business or a Service Provider?
The CCPA distinguishes between a Business that determines the purposes and means of the processing of California residents’ Personal Information and a “Service Provider” to whom a Business discloses a California resident’s Personal Information to process on behalf of the Business for a business purpose pursuant to a written contract that restricts how the Service Provider can retain, use, or disclose the Personal Information.
Plume as a Business: When we offer products and services directly to California residents, we act as a Business. This is the case, for example, when a California resident orders the Plume Pods on our website after seeing an ad about Plume. This is also the case, for example, when a California resident has been redirected to Plume’s website by another company, such as an Internet Service Provider (“ISP”) with whom we may have a contract. The processing of Personal Information we perform as a Business is described in our Privacy Policy.
Plume as a Service Provider: When we process Personal Information on behalf of our customers, such as ISPs, we act as a Service Provider. In these instances, the California resident contracts with our customer (the Business) and we process the Personal Information on their behalf. Depending on the relationship, the software and hardware may either be Plume-branded or customer-branded.
What steps has Plume taken to comply with the CCPA?
Plume is committed to privacy and has implemented a CCPA compliance program. Here is an overview of key steps Plume has taken to comply with the CCPA:
Data processing agreements: When we act as a Service Provider, we enter into data processing agreements as needed that contain provisions to comply with the CCPA. In addition, we enter into similar agreements with our vendors as needed.
Privacy policy: We have updated our [Privacy Policy](/legal/privacy/) to provide enhanced transparency to our consumers, including their new CCPA rights. The CCPA gives California residents the right to:\n\n - Know what personal information has been collected by a business, how it is used, how it is disclosed and to whom, and to know their rights with regard to that data - Opt out of the “sale” of personal information; For minors under 16 years of age, opt in to the sale of personal information; Access and delete personal information; Equal service and price, even if they exercise their privacy rights; and Sue for damages and other relief after a breach of unencrypted/unredacted data.
Data security: We have implemented technical and organizational measures designed to protect the security of Personal Information.
Submit request. To exercise your rights under the CCPA, please submit your request at https://www.plume.com/legal/data-subject-rights-request/ or email us at privacy@plume.com. If you have any questions about our privacy practices, please email us at privacy@plume.com. This page is not intended to describe Plume’s processing of individuals who are not California residents. It is also not intended to provide legal advice. Please seek appropriate legal advice to ensure that your company complies with the requirements of the CCPA.