Last updated June 30, 2025 

Thank you for choosing to be part of our community at The Data Group (“Company”, “we”, “us”, or “our”). We understand the importance of safeguarding your data and are dedicated to maintaining transparency about how we handle it.  We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy , or our practices with regards to your personal information, please contact us at Compliance@thedatagroup.com. When you visit our website https://thedatagroup.com/, and use our services, you trust us with your personal information. We take your privacy very seriously. In this privacy policy, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy policy that you do not agree with, please discontinue use of our Sites and our services.

Please note that this policy applies only to the processing of data provided by our clients. We act as a data processor on behalf of clients and do not independently collect or compile personal data. All data processing activities are conducted strictly as directed by clients and for specified purposes. This privacy policy applies to all information collected through our website (such as https://thedatagroup.com/), and/or any related services, sales, marketing or events (we refer to them collectively in this privacy policy as the “Services“). This includes cases where clients provide us with data files for processing by third-party data partners or where we obtain third-party data for client-requested list rentals. Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us.

This Privacy Policy applies to all individuals who interact with our website, services, and products and outlines how we collect, use, and share personal data in compliance with various U.S. state privacy laws, including but not limited to:

• California Consumer Privacy Act (CCPA/CPRA)
• The Florida Digital Bill of Rights (FDBR)
• Colorado Privacy Act (CPA)
• Virginia Consumer Data Protection Act (VCDPA)
• Utah Consumer Privacy Act (UCPA)
• Connecticut Data Privacy Act (CTDPA)
• Texas Data Privacy and Security Act (TDPSA)
• New Jersey Data Protection Act (NJDPA)
• Nebraska Data Privacy Act (NDPA)
• Montana Consumer Data Privacy Act (MCDPA)
• Iowa Consumer Data Protection Act (ICDPA)
• Oregon Consumer Privacy Act (OCPA)
• Delaware Personal Data Privacy Act (DPDPA)
• Tennessee Information Protection Act (TIPA)
• Indiana Consumer Data Protection Act (ICDPA)
• Vermont Data Privacy Act (VDPA)
• New Hampshire Data Privacy (NHDPA)
• Minnesota Consumer Data Privacy Act (MCDPA)

For detailed information on your specific rights under these state laws and instructions on how to exercise them, please refer to the “State-Specific Privacy Rights” section at the end of this Privacy Policy.

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In Short: We collect personal information that you provide to us such as name, address, contact information, passwords and security data, and payment information. We collect personal information that you voluntarily provide to us when expressing an interest in obtaining information about us or our products and services, when participating in activities on the Services or otherwise contacting us. The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make and the products and features you use.

Client Data Provided for Processing: In cases where clients upload data files to our Services for processing or enrichment, the information collected may include names, addresses, phone numbers, and other identifying information as directed by the client. We act solely as a data processor for this information and do not collect additional data beyond what clients provide. The personal information we collect can include the following:

• Client-Provided Personal Information: This may include names, addresses, phone numbers, or other contact information necessary to fulfill the specific data enrichment or processing service requested by the client.
• Third-Party Data for List Rentals: For clients requesting list rentals, we may source data from trusted third-party data partners according to the client’s specifications. This data, such as contact lists with specific demographics, is obtained solely to fulfill client requests and is not retained beyond the service scope.

Our Role as a Data Processor: We process this data only as instructed by the client and for the explicit purposes defined by them. We do not independently collect, analyze, or compile personal information, nor do we use client-provided data for any purpose other than the services requested.

Information automatically collected

In Short: Some information – such as IP address and/or browser and device characteristics – is collected automatically when you visit our Services. We automatically collect certain information when you visit, use or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes. Like many businesses, we also collect information through cookies and similar technologies. Online Identifiers. We collect cookie identifiers, or others such as the ones used for analytics and marketing; device’s geolocation; and other similar data.

As part of our list rental services, we may obtain data from third-party sources at the request of clients. This information is procured solely to fulfill specific client requirements and is not compiled or stored by us for any other purposes.

2. HOW WE USE AND PROCESS CLIENT DATA

In Short: We process client data strictly according to client instructions and for the sole purpose of fulfilling specific client requests. We do not collect or compile data independently and act solely as a data processor.

We use client data provided through our Services to carry out data processing tasks as directed by our clients. This may include data enrichment, appending, or list rentals, and we perform these tasks within the scope and purpose defined by the client.

Specifically, we use and process client data in the following ways:

• Data Enrichment and Appending: Clients may upload data files to our secure platform to update or append information, such as adding cell phone numbers to customer records. We transmit these files to our trusted data partners for processing and then return the enriched data to the client. After processing, we delete all files in accordance with our data retention policy.
• List Rental Services: In cases where clients request specific audience lists, such as donors within a particular geographic area and income range, we obtain these lists from third-party data providers. These lists are purchased on behalf of the client and delivered directly to the client upon completion. We do not retain any list data beyond the fulfillment of the client request.

Data Processing Limitations and Safeguards:

• No Independent Data Collection or Compilation: We do not independently collect, compile, or store any data outside the client-directed processing activities.
• Data Partner Compliance: We only work with reputable data partners who comply with applicable data privacy laws and standards. All data partners are vetted to ensure the security and confidentiality of client data.
• Data Security and Confidentiality: All client data is processed within secure, encrypted environments, and we implement strict access controls to protect against unauthorized access, disclosure, or modification.

We are committed to processing client data solely for the purpose intended and in compliance with all applicable privacy laws. If you have questions about our data processing practices, please contact us at Compliance@thedatagroup.com.

3. HOW DO WE USE YOUR INFORMATION?

In Short:  We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent. We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below. We process your data solely as needed to fulfill these purposes, with security and privacy controls in place to protect your information. We use the information we collect or receive:

• To send you marketing and promotional communications. We and/or our third party marketing partners may use the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. These communications may include updates about our services, new features, and exclusive offers You can opt-out of our marketing emails at any time (see the “WHAT ARE YOUR PRIVACY RIGHTS” below).
• To send administrative information to you. We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies.
• To post testimonials. We post testimonials on our Services that may contain personal information. Prior to posting a testimonial, we will obtain your consent to use your name and testimonial. If you wish to update, or delete your testimonial, please contact us at Compliance@thedatagroup.com and be sure to include your name, testimonial location, and contact information.
• Deliver targeted advertising to you. We may use your information to develop and display content and advertising (and work with third parties who do so) tailored to your interests and/or location and to measure its effectiveness.
• Request Feedback. We may use your information to request feedback and to contact you about your use of our Services.
• To protect our Services. We may use your information as part of our efforts to keep our Services safe and secure (for example, for fraud monitoring and prevention).
• To enforce our terms, conditions and policies for Business Purposes, Legal Reasons and Contractual.
• To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
• To deliver services to the user. We may use your information to provide you with the requested service.
• To respond to user inquiries/offer support to users. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services. WILL YOUR INFORMATION BE SHARED WITH ANYONE?

3. To respond to user inquiries/offer support to users. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services. WILL YOUR INFORMATION BE SHARED WITH ANYONE?

In Short:  We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.  We may process or share data based on the following legal basis:

• Consent: We may process your data if you have given us specific consent to use your personal information in a specific purpose.
• Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
• Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
• Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
• Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

More specifically, we may need to process your data or share your personal information in the following situations:

• Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. These services may include payment processing, data enrichment, email delivery, customer service, and marketing efforts.  Examples include: payment processing, data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on the Services, which will enable them to collect data about how you interact with the Services over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. Unless described in this Policy, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes.
• Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. In such cases, we will notify you before your data is transferred and becomes subject to a different privacy policy.
• Third-Party Advertisers. We may use third-party advertising companies to serve ads when you visit the Services. These companies may use information about your visits to our Website(s) and other websites that are contained in web cookies and other tracking technologies in order to provide advertisements about goods and services of interest to you. We work only with advertisers who agree to comply with our privacy and data security standards, ensuring that your data is handled responsibly.

4. DATA RETENTION AND DELETION POLICY

In Short: We retain personal information only as long as necessary to fulfill the purposes outlined in this privacy policy, or as required by law. After this period, we securely delete or anonymize your information.

We have implemented strict data retention and deletion policies to ensure that personal information is only stored for the minimum time needed to complete client requests, fulfill business purposes, and comply with applicable legal or regulatory obligations.

Our Data Retention Practices Include:

• Client-Provided Data: For data provided by clients for processing (e.g., appending or enrichment), we retain the information only for the duration of the requested service. Once the service is complete and the data has been returned to the client, all client-provided data files are securely deleted from our systems within 30 days unless otherwise requested by the client or required by law.
• List Rental Data: For list rentals sourced from third-party providers, data is retained only for the specific duration required to fulfill the client request. After the requested list is delivered, we do not store or archive the data.
• Transaction and Communication Records: We may retain information about your transactions or communications with us for administrative, legal, or compliance purposes. This information may be retained for a longer period as required by law or internal policies, but we will delete or anonymize it when it is no longer necessary.
• Anonymized Data: In cases where it is not feasible to delete data immediately (e.g., for backup purposes), we ensure that such information is securely stored and isolated until it can be permanently deleted. In some cases, we may anonymize the data so it no longer identifies an individual, allowing us to retain it for analytical or operational purposes without compromising privacy.

File Deletion and Security Measures: We utilize secure deletion protocols to ensure all personal information is removed from our active systems after the retention period. Additionally, we apply data protection standards and access controls to ensure that any information retained is securely stored and protected from unauthorized access.

Data Retention Requests:
Clients who wish to modify or extend the retention period of their data may contact us to discuss specific retention needs. We are committed to working with our clients to meet their data management preferences while complying with data protection laws.

5. DATA PARTNER SELECTION AND SECURITY

In Short: We carefully select and work only with trusted data partners who meet our strict data security and privacy standards. These partners assist us in fulfilling client requests, and we take extensive measures to ensure they handle data responsibly.

To provide high-quality services such as data appending and list rentals, we may work with third-party data partners. We recognize that the security and confidentiality of your data depend on the integrity of our partnerships. Therefore, we implement rigorous selection criteria and security protocols to maintain data privacy at every step.

Our Data Partner Selection Process Includes:

• Due Diligence and Compliance: We conduct thorough due diligence on all data partners before entering into any business relationship. This includes verifying that each partner complies with relevant data privacy laws and upholds high security standards. We prioritize partners who have demonstrated a strong commitment to data protection and regulatory compliance.
• Contractual Obligations: All data partners are required to enter into legally binding agreements that outline strict data handling, confidentiality, and security obligations. These agreements specify that data partners may only process data as instructed by us, solely for the purposes of fulfilling client requests. Our contracts with partners include provisions to prevent unauthorized use, sharing, or retention of data beyond the required period.

Data Security Measures Applied by Our Partners:

• Data Encryption and Secure Transmission: We require all data partners to use industry-standard encryption protocols to protect data in transit and at rest. This ensures that personal information remains secure throughout the transfer and processing phases.
• Access Controls: Our data partners must implement access controls and authentication mechanisms to restrict data access to authorized personnel only. This helps prevent unauthorized access, disclosure, or alteration of personal information.
• Incident Response and Reporting: All partners are required to have established incident response plans and to promptly notify us of any data security incidents. We work closely with our partners to investigate and resolve any security issues, ensuring swift and effective action to protect client data.

Commitment to Continuous Improvement: We continuously review and improve our partner selection and security practices to align with industry standards and adapt to evolving data protection requirements. Our goal is to maintain the highest standards of data security and integrity across all partnerships.

If you have questions about our data partner selection process or data security practices, please contact us at Compliance@thedatagroup.com.

6. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short:  We may use cookies and other tracking technologies to collect and store your information. We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy.

5. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short:  We keep your information for as long as necessary to fulfill the purposes outlined in this privacy policy unless otherwise required by law.  We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). No purpose in this policy will require us keeping your personal information for longer than 1 year. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

6. DATA MINIMIZATION AND PURPOSE LIMITATION

In Short: We are committed to collecting, processing, and storing only the minimum data necessary to fulfill specific client requests and legitimate business purposes. All data handling activities are carefully controlled to ensure data is used solely for its intended purpose.

We adhere to the principles of data minimization and purpose limitation to protect privacy and reduce risks associated with unnecessary data collection or processing. Our goal is to handle data in a way that respects individuals’ privacy while meeting client needs.

Our Data Minimization Practices Include:

• Limited Collection: We only collect the specific data elements required to fulfill the services requested by our clients, such as name, address, and contact information. We do not collect or retain additional personal information unless it is essential for the processing activity.
• Client-Directed Data Use: All data processing activities are performed strictly according to client instructions. We do not use, analyze, or compile data for any independent purposes beyond the scope specified by the client.
• Restricted Access and Usage: We limit access to personal data only to authorized personnel and partners directly involved in fulfilling the client’s request. This ensures that data is not accessed or used unnecessarily.

Purpose Limitation Practices:

• Defined Processing Purposes: We process data solely for the specific purposes requested by clients, such as data enrichment, appending, or list rentals. We do not repurpose data for other business activities, marketing, or profiling without explicit client authorization.
• No Independent Data Compilation: We do not compile or aggregate personal data for our own use. Any data processed by us is handled exclusively within the parameters of each client request and is not retained for independent business development or analysis.
• Compliance with Client Requirements: We adhere to all client instructions regarding data processing and limit our handling of data to align with these requirements. If a client’s needs change, we work with them to ensure data usage remains consistent with their updated instructions.

Ongoing Monitoring and Review: We regularly review our data minimization and purpose limitation practices to ensure compliance with privacy standards and to make any adjustments needed to maintain our commitment to responsible data handling. By limiting data use to essential purposes, we strive to protect privacy while providing reliable, high-quality services.

7. HOW DO WE KEEP YOUR INFORMATION SAFE? 

In Short:  We aim to protect your personal information through a system of organizational and technical security measures. We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the services within a secure environment.

8. DO WE COLLECT INFORMATION FROM MINORS?

In Short:  We do not knowingly collect data from or market to children under 18 years of age. We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. This includes securely deleting any information inadvertently uploaded by clients that contains data from minors. If you become aware of any data we have collected from children under age 18, please contact us at Compliance@thedatagroup.com at

9. WHAT ARE YOUR PRIVACY RIGHTS?

In Short:  You may review, change, or terminate your account at any time. If you are resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: 

http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. Cookies and similar technologies: Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services. To opt-out of interest-based advertising by advertisers on our Services visit http://www.aboutads.info/choices/.

10. CONSUMER REQUEST METRICS

In accordance with the California Consumer Privacy Act (CCPA), we provide an annual summary of the consumer requests we receive and process. This disclosure ensures transparency in how we respond to requests related to personal information. The summary includes the total number of requests received, the number fulfilled in whole or in part, the number denied, and the average time taken to respond.

For the most recent reporting year, we received 52 consumer requests. All requests were processed in compliance with the CCPA’s requirements. Specifically:

Requests to delete personal information – 52

Requests to know or access what personal information the data broker was collecting – 52

Requests to know what personal information the data broker was selling or sharing and to whom- 52

Requests to opt out of sale or sharing of personal information -52

Requests to limit the data broker’s use and disclosure of sensitive personal information -52

• We responded to each request within the legally mandated timeframe.
• The average time to substantively respond was 6 days.
• Any requests denied were done in accordance with permitted exceptions under the CCPA.

Their were zero requests from CA Consumers were deletion was not required in whole, or in part, under each provision in California Civil Code section 1798.145 or 1798.146.

This section will be updated annually by July 1, 2025 to reflect the metrics from the previous calendar year. We remain committed to ensuring timely and lawful responses to all consumer requests.

If you have any questions about our privacy practices or wish to exercise your rights under the CCPA, please contact us at Compliance@TheDataGroup.com.

11. INDIVIDUAL RIGHTS AND OPT-OUT FOR LIST RENTALS

In Short: We are committed to respecting the privacy rights of individuals whose data may be included in list rentals. Individuals may request access to, correction, or deletion of their information, or opt-out of list rentals at any time.

Our list rental services may include personal data obtained from third-party providers. Although we do not independently collect this data, we recognize the importance of individual rights and privacy preferences. If you believe your information may have been included in a list rental or if you wish to opt-out of future list rentals, we offer the following rights and options:

• Access and Correction Requests: Individuals have the right to request access to their personal information included in list rentals and to request corrections if the information is inaccurate. To make an access or correction request, please contact us at Compliance@TheDataGroup.com.
• Opt-Out of List Rentals: If you prefer not to have your information included in future list rentals, you may opt out at any time. Upon receiving an opt-out request, we will work with our data partners to prevent your information from being included in future lists purchased on behalf of clients.
• Right to Deletion: In certain cases, you may have the right to request deletion of your personal information from our list rental data sources. While we do not control third-party data sources directly, we will facilitate this request by notifying our data partners and ensuring they handle your information in accordance with your deletion request.
• How to Exercise Your Rights: To exercise any of these rights or for assistance with an opt-out, please contact us at Compliance@TheDataGroup.com. We will respond promptly and work with our data partners to address your request.

Commitment to Privacy in List Rentals:
We only work with third-party data providers who comply with data privacy regulations and who respect individual opt-out requests. Your privacy and data rights are important to us, and we will make every effort to honor your preferences regarding list rentals.

12. DATA BREACH NOTIFICATION

In Short: We are committed to protecting your personal information and have procedures in place to respond promptly in the event of a data breach. While we implement strong security measures to protect your data, we recognize that no system is completely secure. If a data breach affecting your personal information occurs, we have established protocols to manage the incident and mitigate potential risks.

Our Data Breach Response Process Includes:

• Detection and Assessment: We continuously monitor our systems for potential security threats. In the event of a suspected breach, we quickly assess the situation to determine the nature and scope of the incident and the data affected.
• Containment and Mitigation: We take immediate steps to contain the breach and prevent further unauthorized access or damage. This may involve isolating affected systems, changing access controls, or applying security patches as needed.
• Investigation: Once the breach is contained, we conduct a thorough investigation to understand how the breach occurred, the data that may have been compromised, and the potential impact on affected individuals.
• Notification of Affected Individuals: If we determine that the breach poses a significant risk to your personal information, we will notify you promptly. Our notification will include:
  • A description of the breach, including when it occurred and the type of data affected.
  • Steps we are taking to mitigate the impact.
  • Recommendations for protecting yourself against potential risks (e.g., password changes or monitoring accounts).
  • Contact information for further assistance.
• Notification of Authorities: Where required by law, we will notify applicable regulatory authorities of the breach and provide them with relevant information about the incident and our response.
• Ongoing Monitoring and Prevention: Following a breach, we review and strengthen our security measures as needed to prevent similar incidents in the future. This may include additional employee training, implementing new security technologies, or revising our data protection practices.

Your Role in Protecting Your Data: While we strive to protect your information, we encourage you to take steps to safeguard your own data. This includes using strong, unique passwords for online accounts, monitoring your accounts for suspicious activity, and being cautious about sharing personal Information online.

13. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy policy.

14. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: Yes, if you are a resident of California, you have specific rights under the California Consumer Privacy Act (CCPA) and the “Shine the Light” law, granting you greater access and control over your personal information. As a California resident, you are entitled to certain privacy rights under California Civil Code Section 1798.83 (the “Shine the Light” law) and the California Consumer Privacy Act (CCPA). These rights provide you with transparency and control over how your personal information is handled. Below, we outline these rights and explain how you can exercise them:

If you are a California resident, the CCPA grants you the following rights regarding your personal information:

1. Right to Know: You have the right to request details about the categories and specific pieces of personal information we have collected about you. You can also request information about the sources of this data, the purposes for collecting it, and the categories of third parties with whom we share it.
2. Right to Delete: You have the right to request the deletion of your personal information that we have collected and retained, subject to certain exceptions (such as for legal compliance or completing a transaction).
3. Right to Opt-Out of Sale: If applicable, you may opt out of the “sale” of your personal information to third parties. Please note that while we do not sell personal information as defined by the CCPA, we honor California residents’ opt-out requests as part of our commitment to privacy.
4. Right to Non-Discrimination: You have the right not to be discriminated against for exercising any of your privacy rights. We will not deny you services, charge different prices, or provide a different level of quality based on your decision to exercise these rights.

Your Rights under the “Shine the Light” Law

California’s “Shine the Light” law allows California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. You may request, once per calendar year and free of charge, a list of categories of personal information we have shared, if any, and the names and addresses of all third parties with which we shared that information during the previous calendar year.

Additional Rights for Minors

If you are under 18 years of age, reside in California, and have a registered account with our Services, you have the right to request the removal of any content or information you have publicly posted. To request the removal of such data, please contact us using the information below, providing your account email address and confirming that you are a California resident. We will ensure that the data is no longer publicly displayed on the Services, though please note it may not be completely or comprehensively removed from all systems.

How to Exercise Your California Privacy Rights

Do Not Sell or Share My Personal Information

In accordance with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), California residents have the right to opt-out of the sale or sharing of their personal information.

The Data Group respects your privacy and are committed to providing you with control over how your information is used. If you wish to exercise your right to opt-out, please click here to  complete a consumer opt-out request or email us directly at compliance@thedatagroup.com

Note: Opting out does not affect your ability to use our services. Some features of our website may rely on certain data to function optimally, and opting out could limit these functionalities. We do not knowingly sell or share the personal information of individuals under 16 years of age without explicit consent.

Thank you for trusting The Data Group with your information! If you have any questions about this process, feel free to reach out to us.

1. YOUR RIGHTS UNDER ADDITIONAL PRIVACY LAWS

In Short: Depending on your location, you may have additional rights related to your personal information.   Residents of certain states, such as those mentioned at the beginning of our this page may have additional privacy rights similar to those outlined in the CCPA. We are committed to respecting your rights in all applicable jurisdictions. For more information or to exercise your rights, please contact us at Compliance@thedatagroup.com.

15. DO WE MAKE UPDATES TO THIS POLICY?

In Short:  Yes, we will update this policy as necessary to stay compliant with relevant laws. We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

16. HOW CAN YOU CONTACT US ABOUT THIS POLICY?

If you have questions or comments about this policy, you may email us at Compliance@TheDataGroup.com or by post to: Chief Privacy Officer The Data Group 3208 E Colonial Drive, Suite 118 Orlando, FL 32803 800-262-5609

State-Specific Privacy Rights

1. Florida Digital Bill of Rights (FDBR)

Florida Residents have specific rights under the Florida Digital Bill of Rights (FDBR), which grants the following:

• Right to Access: You have the right to request access to the personal data we collect about you, including the sources and purposes for processing.
• Right to Correct: You have the right to request the correction of any inaccurate or incomplete personal data.
• Right to Delete: You have the right to request the deletion of personal data we have collected, subject to certain exceptions.
• Right to Opt-Out of Sale: You have the right to opt-out of the sale or sharing of your personal data to third parties.
• Right to Data Minimization: You have the right to request that we collect only the minimum amount of personal data necessary for the purpose.
• Right to Non-Discrimination: You cannot be discriminated against for exercising any of your rights under the FDBR.

To exercise any of these rights under the FDBR, please contact us at Compliance@TheDataGroup.com or submit your request via our Consumer Privacy Request Form.

2. Colorado Privacy Act (CPA)

Colorado Residents have specific rights under the Colorado Privacy Act (CPA), which include:

• Right to Access: You have the right to request access to the specific personal data we hold about you.
• Right to Correct: You may request the correction of any inaccuracies in the personal data we hold.
• Right to Delete: You have the right to request the deletion of personal data we maintain about you, subject to certain exceptions (such as compliance with legal obligations).
• Right to Opt-Out: You have the right to opt-out of the sale of your personal data and from processing your data for targeted advertising, profiling, and other purposes.
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Non-Discrimination: You will not be discriminated against for exercising your rights under the CPA.

To exercise any of these rights under the CPA, please contact us at Compliance@TheDataGroup.com or submit a request via our Consumer Privacy Request Form.

3. Virginia Consumer Data Protection Act (VCDPA)

Virginia Residents are entitled to rights under the Virginia Consumer Data Protection Act (VCDPA), including:

• Right to Access: You may request access to the personal data we have collected about you.
• Right to Correct: You may request that we correct any inaccuracies in your personal data.
• Right to Delete: You have the right to request the deletion of your personal data that we have collected.
• Right to Opt-Out: You have the right to opt-out of the sale of your personal data, as well as the right to opt-out of processing for targeted advertising or profiling.
• Right to Data Portability: You may request that we provide your personal data in a structured, machine-readable format.
• Right to Non-Discrimination: You will not face discrimination for exercising your rights under the VCDPA.

To exercise your rights under the VCDPA, please contact us at Compliance@TheDataGroup.com or use our Consumer Privacy Request Form.

4. Utah Consumer Privacy Act (UCPA)

Utah Residents have specific rights under the Utah Consumer Privacy Act (UCPA), which include:

• Right to Access: You have the right to request access to the specific personal data we hold about you.
• Right to Correct: You can request corrections to any inaccuracies in your personal data.
• Right to Delete: You may request the deletion of your personal data, subject to certain exemptions (such as legal obligations).
• Right to Opt-Out: You have the right to opt-out of the sale of your personal data and from processing for targeted advertising purposes.
• Right to Data Portability: You may request that your data be provided in a portable format.
• Right to Non-Discrimination: You will not be discriminated against for exercising any of your rights under the UCPA.

To exercise your rights under the UCPA, please contact us at Compliance@TheDataGroup.com or submit a request via our Consumer Privacy Request Form.

5. Connecticut Data Privacy Act (CTDPA)

Connecticut Residents are granted the following rights under the Connecticut Data Privacy Act (CTDPA):

• Right to Access: You have the right to request access to the personal data we collect about you, including the categories of data collected and the purposes for which it is used.
• Right to Correct: You may request the correction of any inaccurate personal data we hold.
• Right to Delete: You have the right to request that we delete personal data we hold about you.
• Right to Opt-Out: You have the right to opt-out of the sale or sharing of your personal information.
• Right to Data Portability: You have the right to request that your personal data be provided in a structured, commonly used format.
• Right to Non-Discrimination: You cannot be discriminated against for exercising your rights under the CTDPA.

To exercise any of these rights under the CTDPA, please contact us at Compliance@TheDataGroup.com or use our Consumer Privacy Request Form.

6. Texas Data Privacy and Security Act (TDPSA)

Texas Residents have rights under the Texas Data Privacy and Security Act (TDPSA), including:

• Right to Access: You may request access to the categories and specific personal data we have collected.
• Right to Correct: You have the right to request the correction of any inaccuracies in your personal data.
• Right to Delete: You may request the deletion of your personal data, subject to legal exceptions.
• Right to Opt-Out: You have the right to opt-out of the sale of your personal data to third parties and from processing your data for targeted advertising.
• Right to Non-Discrimination: You will not be discriminated against for exercising your rights under the TDPSA.

To exercise your rights under the TDPSA, please contact us at Compliance@TheDataGroup.com or submit a request via our Consumer Privacy Request Form.

7. New Jersey Data Protection Act (NJDPA)

New Jersey Residents have the following rights under the New Jersey Data Protection Act (NJDPA):

• Right to Access: You have the right to request access to the personal data we have collected about you.
• Right to Correct: You may request the correction of any inaccurate personal data.
• Right to Delete: You may request the deletion of your personal data.
• Right to Opt-Out: You may opt-out of the sale of your personal information to third parties.
• Right to Data Portability: You can request your personal data in a structured, machine-readable format.

To exercise your rights under the NJDPA, please contact us at Compliance@TheDataGroup.com or submit a request via our Consumer Privacy Request Form.

8. Nebraska Data Privacy Act (NDPA)

Nebraska Residents have rights under the Nebraska Data Privacy Act (NDPA), which include:

• Right to Access: You have the right to request access to the personal information we hold about you.
• Right to Correct: You may request corrections to any inaccurate personal information we maintain.
• Right to Delete: You may request the deletion of your personal data.
• Right to Opt-Out: The right to opt-out of the sale or sharing of your personal data with third parties.
• Right to Non-Discrimination: You cannot be discriminated against for exercising your rights under the NDPA.

To exercise your rights under the NDPA, please contact us at Compliance@TheDataGroup.com or submit your request via our Consumer Privacy Request Form.

9. Montana Consumer Data Privacy Act (MCDPA)

Montana Residents have rights under the Montana Consumer Data Privacy Act (MCDPA), including:

• Right to Access: You have the right to request access to the specific personal information we hold about you.
• Right to Correct: You may request the correction of any inaccurate data.
• Right to Delete: You may request the deletion of your personal information, with some exceptions.
• Right to Opt-Out: The right to opt-out of the sale or sharing of your personal information to third parties.

To exercise your rights under the MCDPA, please contact us at Compliance@TheDataGroup.com or submit your request via our Consumer Privacy Request Form.

10. Iowa Consumer Data Protection Act (ICDPA)

Iowa Residents have the following rights under the Iowa Consumer Data Protection Act (ICDPA):

• Right to Access: You may request access to your personal data, including how it was collected and its use.
• Right to Correct: The right to request the correction of inaccurate personal data we hold.
• Right to Delete: You have the right to request deletion of your personal information.
• Right to Opt-Out: You can opt-out of the sale of your personal data and from processing for targeted advertising.

To exercise your rights under the ICDPA, please contact us at Compliance@TheDataGroup.com or submit a request via our Consumer Privacy Request Form.

11. Oregon Consumer Privacy Act (OCPA)

Oregon Residents have rights under the Oregon Consumer Privacy Act (OCPA), which include:

• Right to Access: You may request access to the personal data we collect about you.
• Right to Correct: You have the right to request corrections to any inaccuracies.
• Right to Delete: You may request deletion of your personal data.
• Right to Opt-Out: The right to opt-out of the sale of your personal data.

To exercise your rights under the OCPA, please contact us at Compliance@TheDataGroup.com or submit your request via our Consumer Privacy Request Form.

12. Delaware Personal Data Privacy Act (DPDPA)

Delaware Residents have rights under the Delaware Personal Data Privacy Act (DPDPA), including:

• Right to Access: You have the right to request access to the specific personal information we have collected about you.
• Right to Correct: You may request the correction of inaccurate personal data.
• Right to Delete: You have the right to request deletion of your personal data.
• Right to Opt-Out: The right to opt-out of the sale or sharing of your personal data with third parties.

To exercise your rights under the DPDPA, please contact us at Compliance@TheDataGroup.com or submit your request via our Consumer Privacy Request Form.

13. Tennessee Information Protection Act (TIPA)

Tennessee Residents are entitled to rights under the Tennessee Information Protection Act (TIPA), including:

• Right to Access: You have the right to request the categories of personal data we have collected about you.
• Right to Correct: You may request corrections to any inaccurate personal data we maintain.
• Right to Delete: You have the right to request the deletion of your personal data.
• Right to Opt-Out: You may opt-out of the sale or sharing of your personal information.

To exercise your rights under the TIPA, please contact us at Compliance@TheDataGroup.com or submit your request via our Consumer Privacy Request Form.

14. Indiana Consumer Data Protection Act (ICDPA)

Indiana Residents have rights under the Indiana Consumer Data Protection Act (ICDPA), including:

• Right to Access: You have the right to request access to the personal data we have collected about you.
• Right to Correct: The right to request correction of any inaccuracies in your personal data.
• Right to Delete: You have the right to request deletion of personal data.
• Right to Opt-Out: The right to opt-out of the sale or sharing of your personal data.

To exercise your rights under the ICDPA, please contact us at Compliance@TheDataGroup.com or submit your request via our Consumer Privacy Request Form.