Privacy Policy

Your privacy matters to us. This Privacy Policy outlines how we, Community Ray (“we,” “us,” or “our”), collect, use, share, and safeguard your Personal Information. It applies to all interactions with us, including through our website https://communityray.com/ (“the Site”), communication channels, sales processes, marketing activities, and other services.

By interacting with us, you agree to the terms of this Privacy Policy. If you have any questions, please contact us at info@communityray.com or visit our Contact Us page.

1. Key Definitions

1.1 Personal Information

“Personal Information” refers to any information that can identify you directly or indirectly. Examples include:

Identifiers such as your name, email address, phone number, and postal address.
Internet activity details, such as your IP address or browsing behavior on the Site.
Professional or employment-related information if provided to us.

1.2 Processing

“Processing” involves any activity performed on Personal Information, including collecting, storing, sharing, and deleting data.

1.3 Data Controller and Processor

We act as the “Data Controller” when determining the purposes and means of processing Personal Information. We may also act as a “Data Processor” when processing data on behalf of another organization.

2. Acceptance of the Privacy Policy

2.1 Consent

By accessing our Site or engaging with our services, you confirm that you accept this Privacy Policy. If you do not agree, please discontinue your use of the Site and services immediately.

2.2 Updates to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be reflected on this page with the updated effective date.

3. How We Collect Your Personal Information

3.1 Information You Provide Directly

We collect information that you share with us voluntarily, including:

Contact details submitted through forms on our Site.
Information provided during customer support interactions.
Details you share when subscribing to newsletters or promotional offers.

3.2 Information Collected Automatically

When you visit our Site, we collect data automatically using tools such as cookies and tracking technologies. This may include:

Browser and device information.
IP address.
Pages viewed and time spent on the Site.

3.3 Information from Third Parties

We may obtain your information from third-party sources, such as:

Social media platforms.
Advertising partners.
Data aggregators that help enhance our services.

4. How We Use Your Personal Information

4.1 Provide Services

Ensure the functionality and performance of our Site, process transactions, and deliver requested services.

4.2 Improve User Experience

Enhance your experience by analyzing site traffic, customizing content, and personalizing interactions.

4.3 Marketing and Communication

Send you relevant updates, promotions, or newsletters if you’ve opted in. You can unsubscribe at any time.

4.4 Compliance and Security

Comply with legal obligations, detect and prevent fraud, and safeguard our systems and data.

5. Legal Basis for Processing Your Personal Information

5.1 Compliance with Applicable Laws

We process your Personal Information under the following legal bases:

Consent: When you provide consent for specific processing activities, such as subscribing to newsletters or marketing communications.
Contractual Obligations: To fulfill a contract or take steps at your request before entering into a contract (e.g., processing transactions).
Legitimate Interests: To pursue our legitimate business interests, such as improving our services and preventing fraud, provided they do not override your rights.
Legal Obligations: To comply with legal requirements, such as tax regulations or responding to lawful requests from public authorities.

6. Your Rights Regarding Personal Information

6.1 Right to Access

You have the right to request access to the Personal Information we hold about you.

6.2 Right to Rectification

If any of the Personal Information we have is incorrect, you can request that we update or correct it.

6.3 Right to Erasure

You may request that we delete your Personal Information, subject to certain legal obligations.

6.4 Right to Restrict Processing

You can ask us to limit the processing of your Personal Information under certain circumstances.

6.5 Right to Data Portability

You may request a copy of your Personal Information in a portable format and request that we transfer it to another service provider, where technically feasible.

6.6 Right to Object

You have the right to object to the processing of your Personal Information when it is based on legitimate interests or used for direct marketing.

6.7 Right to Withdraw Consent

You can withdraw your consent at any time for processing activities based on your prior consent.

6.8 Right to File a Complaint

If you believe your rights have been violated, you can file a complaint with the appropriate data protection authority.

7. Cookies and Tracking Technologies

7.1 Cookies on Our Site

Our Site uses cookies and similar technologies to enhance functionality, analyze user behavior, and deliver targeted advertising.

7.2 Types of Cookies We Use

Essential Cookies: Necessary for basic site functionality.
Performance Cookies: Track user behavior to improve the site’s performance.
Advertising Cookies: Deliver personalized ads based on your browsing activity.

7.3 Managing Your Cookie Preferences

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may impact the functionality of our Site.

8. Sharing Your Personal Information

8.1 With Affiliates and Partners

We may share your information with our affiliates and trusted partners to provide services and improve offerings.

8.2 With Service Providers

Your information may be shared with third-party service providers who perform tasks on our behalf, such as payment processing, hosting services, and analytics.

8.3 For Legal and Regulatory Purposes

We may disclose Personal Information to comply with applicable laws, court orders, or governmental requests.

8.4 In Business Transfers

In the event of a merger, acquisition, or sale of our business, your Personal Information may be transferred as part of the transaction.

9. How We Share Your Personal Information

We may share your Personal Information globally with affiliates, partners, and third parties to fulfill the purposes outlined in this Privacy Policy. This includes transferring your information to countries with different data protection laws. Your Personal Information may be stored or processed in the United States or other countries where we, our affiliates, or our service providers operate.

9.1 Categories of Third Parties

Our Affiliates: To facilitate services and support.
Service Providers: Including payment processors, hosting platforms, and marketing agencies that assist in conducting our business.
Advertising Partners: To deliver relevant advertisements and improve marketing strategies.
Business Partners: For joint promotions or collaborations.
Legal Authorities: To comply with legal obligations or protect our rights.
In Business Transfers: During negotiations or the sale of our company, provided the recipient agrees to maintain your information's confidentiality.

10. Advertising

Our Site may feature advertisements from third-party networks. These networks may use cookies and tracking technologies to gather information about your browsing activities. We do not control their data collection practices, and their use of your Personal Information is governed by their privacy policies.

10.1 Third-Party Links

If you access a third-party site via advertisements on our Site, your information will no longer be protected under this Privacy Policy. Please review their privacy policies for details on how they manage your data.

11. Data Retention and Deletion

We retain your Personal Information for as long as necessary to fulfill the purposes for which it was collected or comply with legal requirements.

11.1 Deletion Requests

Upon your request, we will delete your Personal Information unless we are required to retain it for legal, compliance, or dispute resolution purposes.

12. Security of Your Personal Information

We are committed to protecting your Personal Information by implementing industry-standard security measures such as encryption, secure servers, and access control protocols.

12.1 User Responsibility

While we take reasonable steps to secure your data, no system is entirely secure. Users are advised to adopt strong passwords, avoid sharing credentials, and logout from shared devices.

13. Data Breaches

Despite our best efforts, data breaches may occur. In the event of a breach, we will:

Notify affected users promptly.
Provide details of the breach, including the nature of the affected information and actions taken.
Take corrective measures to mitigate the impact and prevent recurrence.

Certain exceptions may apply if technical safeguards render the breached data inaccessible, such as through encryption.

14. Right to Opt-Out of the Sale/Sharing of Personal Information

You have the right to opt out of the sale or sharing of your Personal Information. We do not sell Personal Information in exchange for monetary value. However, we may share data with third parties for business purposes as outlined in Section 9.

14.1 How to Opt-Out

To exercise your right to opt out, you may:

Contact us at info@communityray.com with the subject line "Do Not Sell/Share My Personal Information."
Visit our Contact Us page and complete the form with your opt-out request.

14.2 Consequences of Opting Out

Please note that if you choose to opt out, certain services or features may no longer be available to you.

15. Use of Our Services by Children

We are committed to protecting children’s privacy. Our services are not intended for individuals under the age of 18.

15.1 No Collection of Underage Data

If we become aware that we have collected Personal Information from individuals under 18, we will delete such information promptly.

16. Where We Store Your Personal Information

Your Personal Information may be stored in our databases, on secure servers, or in cloud storage solutions operated by our service providers.

17. Do Not Track Settings

Our Site does not respond to Do Not Track (DNT) signals. Some third parties may track your online activities over time and across websites. While this information may not directly identify you, it could be combined with other data to infer identity.

18. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements.

18.1 Notification of Updates

We will post updates on this page and, where appropriate, notify you via email or other communication channels.

18.2 Effective Date

Each version of the Privacy Policy will include an effective date for your reference.

Appendix: GDPR Provisions

If you are a resident of the European Union (“EU”) and we process data about you that qualifies as Personal Information under the GDPR, the provisions of this Appendix will apply to you.

Your Rights as a Data Subject

You have the rights outlined in Section 7 of this Privacy Policy in accordance with the GDPR. In addition, you have the following rights under the GDPR:

Right to Restriction of Processing: You can request that we restrict the processing of all or some of your Personal Information, either temporarily or permanently.
Right to Data Portability: You have the right to request a copy of your Personal Information in an electronic format and to transmit this data to another data controller.
Right Not to Be Subject to Automated Decision-Making: You have the right to avoid decisions based solely on automated processing, including profiling, that have legal effects concerning you or similarly significantly affect you.
Right to Withdraw Your Consent: You can withdraw your consent at any time regarding the processing of your Personal Information.

How to Exercise Your Rights

We will take all appropriate steps to provide you with the information you request in a concise, transparent, and easily accessible form, using clear and plain language. We will respond to your request within 1 month of receiving it. If the request is complex, we may extend this period by 2 additional months, informing you within the original 1-month period.

Restrictions to Your Rights

Please note that the exercise of your rights may be subject to certain limitations under EU and local laws as outlined in Section 23 of the GDPR. Additionally, we may not be able to facilitate the exercise of your rights if we are unable to identify you. If you withdraw your consent, the withdrawal will not affect the legality of processing based on consent before the withdrawal.

Sensitive Personal Information

Under the GDPR, Personal Information is considered sensitive if it reveals:

Racial or ethnic origin
Political opinions
Religious or philosophical beliefs
Trade union membership
Genetic or biometric data for the purpose of uniquely identifying a person
Data related to health or a person’s sex life or sexual orientation

We will only process your Sensitive Personal Information if one of the lawful conditions under Section 9 of the GDPR applies.

How Secure is Your Personal Information (GDPR)

We are committed to securing your Personal Information. We implement appropriate technical and organizational measures to protect your data. In the event of a data breach, we will notify you without undue delay, as required by Section 34 of the GDPR, and provide clear and plain language regarding the nature of the breach, the Personal Information affected, and the measures we have taken.

Please note that certain exceptions may apply to our notification obligations, such as if appropriate security measures (e.g., encryption) were applied to the affected data, rendering it unintelligible to unauthorized individuals.

Appendix II: California Privacy Rights Act (“CPRA”)

Scope

If you are a resident of California and we process data about you that might be considered Personal Information under the CPRA, this Appendix shall apply.

Your Rights as a Data Subject

You have the rights indicated in Section 7 in accordance with the provisions of the CPRA.

How to Exercise Your Rights

We shall take all the appropriate measures to provide you with any information you have requested. We shall answer your request within 45 days from the date on which your request was received. Please bear in mind that – in certain situations (e.g., the complexity of your request) – we may extend the term by 45 additional days. In such case, we will inform you within the original 45-day term, together with the reasons for the extension.

Restrictions to Your Rights

Please note that the exercise of your rights is subject to certain restrictions pursuant to the CPRA. For example, we shall not delete your personal information if it is necessary to:

Complete the transaction for which the personal information was collected;
Help to ensure security and integrity to the extent the use of the consumer’s personal information is reasonably necessary and proportionate for those purposes;
Comply with a legal obligation, etc.

In case your request is manifestly unfounded or excessive, we may either charge you with a reasonable fee taking into account the administrative costs of providing the information or refuse to act on the request and notify you the reason for refusing your request.

Sensitive Personal Information

Under the CPRA, Personal Information is considered sensitive in the following cases:

Personal information that reveals a consumer’s social security, driver’s license, state identification card, or passport number;
Personal information that reveals a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account;
Personal information that reveals a consumer’s precise geolocation;
Personal information that reveals a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership;
The contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication;
Personal information that reveals a consumer’s genetic data;
The processing of biometric information for the purpose of uniquely identifying a consumer;
Personal information collected and analyzed concerning a consumer’s health;
Personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.

Appendix III: Virginia Consumer Data Privacy Act (“VCDPA”)

Scope

If you are a resident of the Commonwealth of Virginia and we process data about you that might be considered Personal Information under the VCDPA, this Appendix shall apply.

Your Rights as a Data Subject

You have the rights indicated in Section 7 in accordance with the provisions of the VCDPA. You also have the following right:

Right to Receive a Copy of Your Personal Information

You have the right to request a copy of the Personal Information we have collected about you in a portable and, to the extent technically feasible, readily usable format to allow you to transmit your Personal Information to another entity without hindrance if the processing is carried out by automated means.

Right to Opt-Out of the Processing of Personal Information for Purposes of Targeted Advertising and Profiling

Jointly with the right to opt-out of the sale or sharing of your Personal Information, you have the right to opt-out of the processing of your Personal Information for purposes of targeted advertising and profiling in furtherance of decisions that produce legal or similarly significant effects to you.

How to Exercise Your Rights

We shall take all the appropriate measures to provide you with any information you have requested. We shall answer your request within 45 days from the date on which it was received. Please bear in mind that – in certain situations (e.g., the complexity of your request) – we may extend the term by 45 additional days. In such case, we will inform you within the initial 45-day term together with the reasons for the extension.

In case we decline your request, we will inform you no later than 45 days from the date on which your request was received. If you want to appeal our decision, send your appeal request to the following address: info@britacademics.co.uk with the header “Appeal to Denial of Request”.

We will answer your appeal within 60 days from the date on which it was received, which will include a written explanation for the decision taken. If we deny your appeal, you may contact Virginia’s Attorney General to submit a complaint by visiting Virginia Attorney General's Office.

Restrictions to Your Rights

Please note that the exercise of your rights is subject to certain restrictions pursuant to the VCDPA. For example:

If your request is manifestly unfounded, excessive, or repetitive, we may charge you a reasonable fee to cover up the costs of analyzing your request.
If we are unable to authenticate your request by using reasonable commercial efforts, we shall not analyze it.
We shall provide you the requested information free of charge up to twice annually.

Appendix III: Virginia Consumer Data Privacy Act (“VCDPA”)

Scope

If you are a resident of the Commonwealth of Virginia and we process data about you that might be considered Personal Information under the VCDPA, this Appendix shall apply.

Your Rights as a Data Subject

You have the rights indicated in Section 7 in accordance with the provisions of the VCDPA. You also have the following right:

Right to Receive a Copy of Your Personal Information

Right to Opt-Out of the Processing of Personal Information for Purposes of Targeted Advertising and Profiling

How to Exercise Your Rights

Restrictions to Your Rights

Please note that the exercise of your rights is subject to certain restrictions pursuant to the VCDPA. For example:

If your request is manifestly unfounded, excessive, or repetitive, we may charge you a reasonable fee to cover up the costs of analyzing your request.
If we are unable to authenticate your request by using reasonable commercial efforts, we shall not analyze it.
We shall provide you the requested information free of charge up to twice annually.

Sensitive Personal Information

Under the VCDPA, Personal Information is considered sensitive in the following cases:

Personal Information revealing racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexual orientation, or citizenship or immigration status.
Genetic or biometric data processed for the purpose of uniquely identifying a natural person.
The Personal Information collected from a known child.
Precise geolocation data.

In case we process Sensitive Personal Information, we will only carry out such processing if you have given us your consent to do so.

Use of Our Services by Children

Under the VCDPA, a child is any natural person under 13 years old. The processing of Personal Information related to a child is lawful if it is done in accordance with the provisions set forth in the Children’s Online Privacy Protection Act (“COPPA”).

Please note that, under the VCDPA, the child’s parents and/or legal guardian may exercise the rights described above on behalf of the child. In case we receive a request from a child’s parent and/or legal guardian, we will both analyze and reply to it within the legal terms granted by the VCDPA.

How Secure is Your Personal Information

In case of a data breach, please note that the Code of Virginia Title 18.2 Chapter 6, Article 5 Subsections 18.2-186.6 might apply.

Appendix IV: Colorado Privacy Act (“CPA”)

Scope

If you are a resident of the State of Colorado and we process data about you that might be considered Personal Information under the CPA, this Appendix shall apply.

Your Rights as a Data Subject

You have the rights indicated in Section 7 in accordance with the provisions of the CPA. You also have the following right:

Right to Data Portability

You have the right to obtain your Personal Information in a portable and, to the extent technically feasible, readily usable format to allow you to transmit your Personal Information to another entity without hindrance.

Right to Opt-Out of the Processing of Personal Information for Purposes of Targeted Advertising and Profiling

How to Exercise Your Rights

We shall take all the appropriate measures to provide you with any information you have requested. We shall answer your request within 45 days from the date on which it was received. Please bear in mind that – in certain situations (e.g., the complexity of your request) – we may extend the term by 45 additional days. In such case, we will inform you within the original 45-day term together with the reasons for the extension.

In case we decline your request, we will inform you no later than 45 days from the date on which your request was received, together with the reasons that support our decision and the instructions to appeal.

In case you want to appeal our decision, send your appeal request to the following address: info@britacademics.co.uk with the header “Appeal to Denial of Request”.

We will answer your appeal within 45 days from the date on which it was received. Please bear in mind that – in certain situations (e.g., the complexity of your request) – we may extend the term by 60 additional days. In such case, we will inform you within the original 45-day term, together with the reasons for the extension.

If you have any concerns about our response to your appeal, you may contact Colorado’s Attorney General to submit a complaint by visiting Colorado Attorney General's Office.

Restrictions to Your Rights

Please note that the exercise of your rights is subject to certain restrictions pursuant to the CPA. For example:

We shall not comply with your request if, after making reasonable commercial efforts, we cannot authenticate your request.
We may charge you a reasonable fee to cover up the costs of answering your request if you have submitted a second or subsequent request within a 12-month period.

Sensitive Personal Information

Under the CPA, Personal Information is considered sensitive in the following cases:

Personal Information revealing racial or ethnic origin, religious beliefs, a mental or physical health condition or diagnosis, sex life or sexual orientation, or citizenship or immigration status.
Genetic or biometric data that may be processed for the purpose of uniquely identifying an individual.
Personal Information from a known child.

In case we process Sensitive Personal Information, we will only carry out such processing if you have given us your consent to do so.

Use of Our Services by Children

Under the CPA, a child is any individual who is under 13 years old. The processing of Personal Information related to a child is lawful only if the child's parents or legal guardian have given their consent.

How Secure is Your Personal Information

We design our systems with your security and privacy in mind. We are firmly committed to the security of your Personal Information. That's why we implement reasonable measures to protect your Personal Information.

In case of a security breach, we will notify you without undue delay, no later than 30 days after we become aware of the incident pursuant to Title 6, Article 1, Part 7 Section 6-1-716 of the 2022 Colorado Code. Please note that certain exceptions may apply (e.g., if our internal investigation determines that the misuse of your Personal Information has not occurred and is not reasonably likely to occur).

Appendix V: Connecticut Data Privacy Act (“CDPA”)

Scope

If you are a resident of the State of Connecticut and we process data about you that might be considered Personal Information under the CDPA, this Appendix shall apply.

Your Rights as a Data Subject

You have the rights indicated in Section 7 in accordance with the provisions of the CDPA. You also have the following rights:

Right to Obtain a Copy of the Personal Information

Right to Opt-Out of the Processing of Personal Information for Purposes of Targeted Advertising and Profiling

How to Exercise Your Rights

We shall take all the appropriate measures to provide you with any information you have requested. We shall answer your request no later than 45 days from the date on which it was received. Please bear in mind that – in certain situations (e.g., complexity of your request/number of requests received) – we may extend the term by 45 additional days. In such case, we will inform you within the original 45-day term together with the reasons for the extension.

In case we decline your request, we will inform you no later than 45 days from the date on which your request was received, together with the reasons that support our decision. If you want to appeal our decision, you must send your appeal request to the following address: info@britacademics.co.uk with the header “Appeal to Denial of Request”.

If you decide to appeal our decision, we will answer your appeal no later than 60 days from the date on which it was received. If we deny your appeal, you may contact Connecticut’s Attorney General to submit a complaint by visiting Connecticut Attorney General's Office.

Restrictions to Your Rights

Please note that the exercise of your rights is subject to certain restrictions pursuant to the CDPA. For example:

We shall not comply with your request if, after making reasonable commercial efforts, we cannot authenticate your request or identity or the identity of the agent acting on your behalf.
We shall not comply with your opt-out request if we have a good faith, reasonable and documented belief that such request is fraudulent.
If your request is manifestly unfounded, excessive, or repetitive, we may charge you with a reasonable fee to cover up the costs of analyzing your request.
We may give you the data requested free of charge up to once during a 12-month-period.
We shall not comply with your request if the confirmation or access to your Personal Information would require us to reveal a trade secret.

Sensitive Personal Information

Under the CDPA, Personal Information is considered sensitive in the following cases:

Data revealing racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life, sexual orientation, or citizenship or immigration status.
Genetic or biometric data processed only for the purpose of uniquely identifying an individual.
Personal Information collected from a known child.
Precise geolocation data.

In case we process Sensitive Personal Information, we will only carry out such processing if you have given us your consent to do so.

Use of Our Services by Children

Under the CDPA, a child is any individual who is under 13 years old. The processing of Personal Information related to a child is lawful if it is done in accordance with the provisions set forth in the Children’s Online Privacy Protection Act (“COPPA”).

Please note that, under the CDPA, the child’s parents and/or legal guardian may exercise the rights described above on behalf of the child. In case we receive a request from a child’s parent and/or legal guardian, we will both analyze and reply to it within the legal terms granted by the CDPA.

Appendix VI: Argentine Personal Data Protection Act No. 25,326 (“PDPA”)

Sensitive Personal Information

Under PDPA, Personal Information is considered sensitive if it reveals:

Racial or ethnic origin.
Political opinions.
Religious or philosophical beliefs.
Trade union membership.
Data concerning health or data concerning a natural person’s sex life or sexual orientation.

Use of Our Services by Children

In Argentina, a child is a person under 18 years old. Pursuant to Criteria No. 5 of Annex I of the Resolution AAIP 4/2019, the processing of Personal Information of a child in Argentina will be lawful if:

The child has given its consent based on the progressive autonomy principle, as set forth in Sections 26 and 639 of the Argentine Federal Civil and Commercial Code, taking into account the child’s psychophysical characteristics, aptitudes, and development.
The consent has been given by the child’s holder of parental responsibility, parent and/or legal guardian when the child’s psychophysical characteristics, aptitudes, and development do not allow the child to give its consent.

How Secure Is Your Personal Information?

Appendix VII: Utah Consumer Privacy Act (“UCPA”)

Scope

If you are a resident of Utah and we process data about you that might be considered Personal Information under the UCPA, this Appendix shall apply, provided that the UCPA is in full force and effect.

Your Rights as a Data Subject

You have the rights indicated in Section 7 in accordance with the provisions of the UCPA. You also have the following rights:

Right to obtain a copy of your personal information: You have the right to request a copy of the Personal Information you have previously provided to us in a portable and, to the extent technically feasible, readily usable format to allow you to transmit your Personal Information to another entity without impediment where the processing is carried out by automated means.
Right to opt-out of the processing of Personal Information for purposes of targeted advertising and processing of Sensitive Personal Information: Jointly with the right to opt-out of the sale or sharing of your Personal Information, you have the right to opt-out of the processing of your Personal Information for purposes of targeted advertising, as well as to opt-out of the processing of Sensitive Personal Information.
Right to receive a clear notice prior to processing Sensitive Personal Information: You have the right to receive a clear notice about the processing of Sensitive Personal Information prior to the beginning of such processing.
Right of no discrimination: You have the right to not be discriminated against (e.g., not to be denied any product or service; not to be charged with a different price or rate for any product or service; not to be provided with a different quality of a good or service) if you exercise your rights.

How to Exercise Your Rights

We shall take all the appropriate measures to provide you with any information you have requested.

We shall answer your request no later than 45 days from the date on which it was received. Please bear in mind that –in certain situations (e.g., complexity of your request/volume of requests received)– we may extend the term by 45 additional days. In such case, we will inform you within the original 45-day term together with the reasons for the extension.

In case we decline your request, we will inform you no later than 45 days from the date on which your request was received, together with the reasons that support our decision.

Guardianship or Conservatorship

Please note that if the consumer is subject to guardianship, conservatorship, or other protective arrangement pursuant to Title 75, Chapter 5 Protection of Persons Under Disability and Their Property, the guardian or conservator of the consumer shall exercise their rights on their behalf.

Restrictions to Your Rights

Please note that the exercise of your rights is subject to certain restrictions pursuant to the UCPA (e.g. we shall not comply with your request if it is excessive, repetitive, technically infeasible, or manifestly unfounded; if we reasonably believe that the primary purpose for submitting the request was something other than exercising a right or if the request, individually or as part of an organized effort, harasses, disrupts, or imposes undue burden on our business’ resources; we may charge you with a reasonable fee to cover up the administrative costs of complying with your request; we may give you the data requested free of charge up to once during the same 12-month-period; we shall not comply with your request if, using commercially reasonable efforts, we are unable to authenticate your request; we may request additional information reasonably necessary to authenticate your request if we are unable to authenticate your request using commercially reasonable efforts; we shall not comply with your request if we suspect it is fraudulent and we are not able to authenticate the request before the 45-day period expires, etc.).

Sensitive Personal Information

Under the UCPA, Personal Information is considered sensitive in the following cases:

Data revealing racial or ethnic origin, religious beliefs, medical history, mental or physical health condition or diagnosis, or medical treatment by a health care professional, sexual orientation, or citizenship or immigration status.
Genetic or biometric data, if the processing is for the purpose of identifying a specific individual.
Specific geolocation data.

In case we process Sensitive Personal Information, we will only carry out such processing if you have given us your consent to do so.

Use of Services by Children

Under the UCPA, a child is any individual who is under 13 years old. The processing of Personal Information related to a child is lawful if it is done in accordance with the provisions set forth in the Children’s Online Privacy Protection Act (“COPPA”).

Please note that, under the UCPA, the child’s parents and/or legal guardian may exercise the rights described above on behalf of the child. In case we receive a request from a child’s parent and/or legal guardian, we will both analyze and reply to it within the legal terms granted by the UCPA.

Appendix VIII: Texas Data Privacy and Security Act (“TDPSA”)

Scope

If you are a resident of Texas and we process data about you that might be considered Personal Information under the TDPSA, this Appendix shall apply, provided that the TDPSA is in full force and effect.

Your Rights as a Data Subject

You have the rights indicated in Section 7 in accordance with the provisions of the TDPSA. You also have the following rights:

Right to Obtain a Copy of Your Personal Information

If the data is available in a digital format, you have the right to obtain your Personal Information in a portable and, to the extent technically feasible, readily usable format to allow you to transmit your Personal Information to another controller without hindrance.

Right to Opt-Out of the Processing of Personal Information for Purposes of Targeted Advertising and Profiling

Jointly with the right to opt-out of the sale or sharing of your Personal Information, you have the right to opt-out of the processing of your Personal Information for purposes of targeted advertising or profiling in furtherance of a decision that produces a legal or similarly significant effect concerning yourself.

Right of No Discrimination

You have the right not to be discriminated against (e.g. not to be denied any product or service; not to be charged a different price or rate for any product or service; not to be provided with a different quality of goods or services) if you exercise your rights.

How to Exercise Your Rights

We shall take all the appropriate measures to provide you with any information you have requested.

We shall answer your request no later than 45 days from the date on which it was received. Please bear in mind that – in certain situations (e.g. complexity of your request/number of requests received) – we may extend the term by 45 additional days. In such case, we will inform you within the original 45-day term together with the reasons for the extension.

In case we decline your request, we will inform you no later than 45 days from the date on which your request was received, together with the reasons that support our decision. In case we decline your request, we will provide you with the instructions to appeal our decision.

Appealing Our Decision

If you decide to appeal our decision, we will answer your appeal no later than 60 days from the date on which it was received. If we deny your appeal, you may contact Texas’ Attorney General to submit a complaint by visiting https://www.texasattorneygeneral.gov/.

Restrictions to Your Rights

Please note that the exercise of your rights is subject to certain restrictions pursuant to the TDPSA (e.g., we shall not comply with your request if it is excessive, repetitive, or manifestly unfounded; we may charge you with a reasonable fee to cover the administrative costs of complying with your request; we may give you the data requested free of charge up to twice annually; we shall not comply with your request if, using commercially reasonable efforts, we are unable to authenticate your request; we may also request additional information reasonably necessary to authenticate your request; we shall not comply with an opt-out request received from an authorized agent if:

i) the authorized agent does not communicate the request to us in a clear and unambiguous manner;
ii) we are not able to verify, with commercially reasonable efforts, if you are a resident of Texas;
iii) we do not possess the ability to process the agent’s request; or
iv) if we do not possess similar or identical requests we receive from you for the purpose of complying with similar or identical laws or regulations of another state.

Sensitive Personal Information

Under the TDPSA, Personal Information is considered sensitive in the following cases:

Data revealing racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, or citizenship or immigration status.
Genetic or biometric data, if the processing is for the purpose of identifying an individual.
Personal Information collected from a known child.
Precise geolocation data.

In case we process Sensitive Personal Information, we will only carry out such processing if you have given us your consent to do so.

Use of Services by Children

Under the TDPSA, a child is any individual who is under 13 years old. The processing of Personal Information related to a child is lawful if it is done in accordance with the provisions set forth in the Children’s Online Privacy Protection Act (“COPPA”).

Please note that, under the TDPSA, the child’s parents and/or legal guardian may exercise the rights described above on behalf of the child. In case we receive a request from a child’s parent and/or legal guardian, we will both analyze and reply to it within the legal terms granted by the TDPSA.

Appendix IX: Oregon Consumer Privacy Act (“OCPA”)

Scope

If you are a resident of Oregon and we process data about you that might be considered Personal Information under the OCPA, this Appendix shall apply, provided that the OCPA is in full force and effect.

Your Rights as a Data Subject

You have the rights indicated in Section 7 in accordance with the provisions of the OCPA. You also have the following rights:

Right to Obtain a Copy of Your Personal Information

Right to Opt-Out of the Processing of Personal Information for Purposes of Targeted Advertising and Profiling

Jointly with the right to opt-out of the sale or sharing of your Personal Information, you have the right to opt-out of the processing of your Personal Information for purposes of targeted advertising and profiling in furtherance of a decision that produces a legal or similarly significant effect concerning yourself.

Please note that you can designate another person to serve as your authorized agent to act on your behalf regarding this right to opt-out.

Right of No Discrimination

How to Exercise Your Rights

We shall take all the appropriate measures to provide you with any information you have requested.

Appealing Our Decision

If you decide to appeal our decision, we will answer your appeal no later than 45 days from the date on which it was received. If we deny your appeal, you may contact Oregon’s Attorney General to submit a complaint by visiting https://www.doj.state.or.us/oregon-department-of-justice/contact-us/.

Restrictions to Your Rights

Please note that the exercise of your rights is subject to certain restrictions pursuant to the OCPA (e.g., we may give you the data requested free of charge up to once during any 12-month period unless the purpose of the second or subsequent request is to verify that we corrected inaccuracies in, or deleted your Personal Information in compliance with your request; we shall not comply with your request if, using commercially reasonable efforts, we are unable to authenticate your request without additional information from you unless you provide us the information necessary to authenticate your request; regarding your opt-out request, we may ask for additional information necessary to comply with such request, (e.g. information to identify you and your request); we may deny your request to opt-out if we have a good faith, reasonable and documented belief that your request is fraudulent, etc.).

Sensitive Personal Information

Under the OCPA, Personal Information is considered sensitive in the following cases:

Data revealing racial or ethnic background, national origin, religious beliefs, mental or physical condition or diagnosis, sexual orientation, status as transgender or non-binary, status as a victim of crime, or citizenship or immigration status.
Accurately identifies within a radius of 1750 feet a consumer’s present or past location, or the present or past location of a device that links or is linkable to a consumer by means of technology, including, but not limited to, a global positioning system that provides latitude and longitude coordinates.
Genetic or biometric data.
A child’s personal information.

In case we process Sensitive Personal Information, we will only carry out such processing if you have given us your consent to do so.

Use of Services by Children

Under the OCPA, a child is any individual who is under 13 years old. The processing of Personal Information related to a child is lawful if it is done in accordance with the provisions set forth in the Children’s Online Privacy Protection Act (“COPPA”).

Please note that, under the OCPA, the child’s parents and/or legal guardian may exercise the rights described above on behalf of the child or on behalf of a child for whom the guardian has legal responsibility. Moreover, a guardian or conservator may exercise the rights described herein on behalf of a consumer that is subject to a guardianship, conservatorship, or other protective agreement.

In case we receive a request from a child’s parent and/or legal guardian, or a consumer’s guardian or conservator, we will analyze and reply to it within the legal terms granted by the OCPA.

Appendix X: Florida Digital Bill of Rights (“FDBR”)

Scope

If you are a resident of Florida and we process data about you that might be considered Personal Information under the FDBR, this Appendix shall apply, provided that the FDBR is in full force and effect.

Your Rights as a Data Subject

Right to Obtain a Copy of the Personal Information

Right to Opt-Out of the Processing of Personal Information for Purposes of Targeted Advertising and Profiling

Jointly with the right to opt-out of the processing, sale, or sharing of your Personal Information, you have the right to opt-out of the processing of your Personal Information for purposes of targeted advertising and profiling in furtherance of decisions that produce legal or similarly significant effects to you.

How to Exercise Your Rights

We shall take all the appropriate measures to provide you with any information you have requested.

We shall answer your request within 45 days from the date we have received it. Please bear in mind that – in certain situations (e.g., the complexity of your request) – we may extend the term by 15 additional days. In case we need to extend the term, we will inform you within the original 45-day term, together with the reasons for the delay.

If the request is rejected, you will be informed of the reason for the rejection and the instructions to appeal the decision.

Appealing Our Decision

If you want to appeal our decision, you must send your appeal request to the following address: info@britacademics.co.uk with the subject line “Appeal to Denial of Request.” If you decide to appeal our decision, we will answer your appeal no later than 60 days from the date on which it was received, informing you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for the decision(s).

Free of Charge

We shall provide information or take action in response to your requests free of charge, twice per year, as long as such requests are not unfounded, excessive, or repetitive.

Restrictions to Your Rights

Please note that the exercise of your rights is subject to certain restrictions pursuant to the FDBR (e.g. we shall not comply with your request if, after making reasonable commercial efforts, we cannot authenticate your request; we may charge you a reasonable fee to cover the costs of answering your request if you have submitted a third or subsequent request within a 12-month period, etc.).

Sensitive Personal Information

Under FDBR, Sensitive Data is considered one of the following:

Personal information revealing an individual’s racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexual orientation, or citizenship or immigration status.
Genetic or biometric data processed for the purpose of uniquely identifying an individual.
Personal information collected from a known child.
Precise geolocation data.

In case we process Sensitive Data, we will only carry out such processing if you have given us your consent to do so.

Use of Services by Children

Under the FDBR, a child is any individual who is under 18 years old. The processing of Personal Information related to a child is lawful if it is done in accordance with the provisions set forth in the Children’s Online Privacy Protection Act (“COPPA”).

Please note that, under the FDBR, the child’s parents and/or legal guardian may exercise the rights described above on behalf of the child. In case we receive a request from a child’s parent and/or legal guardian, we will both analyze and reply to it within the legal terms granted by the FDBR.

How Secure Is Your Personal Information

These measures are aimed at preventing, detecting, protecting against, or responding to security incidents, identity theft, fraud, harassment, malicious or deceptive activities, or any illegal activity, preserving the integrity or security of systems, or investigating, reporting, or prosecuting those responsible for any of these actions.

Appendix XI: Montana Consumer Data Privacy Act (“MCDPA”)

Scope

If you are a resident of Montana and we process data about you that might be considered Personal Information under the MCDPA, this Appendix shall apply, provided that the MCDPA is in full force and effect.

Your Rights as a Data Subject

You have the rights indicated in Section 7 in accordance with the provisions of the MCDPA. You also have the following rights:

Right to Obtain a Copy of the Personal Information

Right to Opt-Out of the Processing of Personal Information for Purposes of Targeted Advertising and Profiling

Jointly with the right to opt-out of the processing, sale, or sharing of your Personal Information, you have the right to opt-out of the processing of your Personal Information for purposes of targeted advertising and profiling in furtherance of a decision that produces a legal or similarly significant effect to you.

How to Exercise Your Rights

We shall take all the appropriate measures to provide you with any information you have requested.

We shall answer your request within 45 days since we have received it. Please bear in mind that – in certain situations (e.g. the complexity of your request) – we may extend the term by 45 additional days. In case we need to extend the term, we will inform you within the original 45-day term, together with the reasons for the delay.

If the Request is Rejected

If the request is rejected, you will be informed of the reason for the rejection and the instructions to appeal the decision.

Appeal Process

If you want to appeal our decision, you must send your appeal request to the following address: info@britacademics.co.uk with the header “Appeal to Denial of Request.”

Free Information

We shall provide information in response to your requests free of charge, once per 12-month period, as long as such requests are not unfounded, excessive, technically infeasible, or repetitive.

Designating an Authorized Agent

You may designate another person to serve as your authorized agent and act on your behalf to opt out of the processing of your personal information for the purposes already specified. You may designate an authorized agent by way of a technology, including but not limited to an internet link or a browser setting, browser extension, or global device setting indicating a customer's intent to opt out of such processing.

Guardian or Conservator

The guardian or conservator of a consumer subject to a guardianship, conservatorship, or other protective arrangement may exercise the rights of the consumer on their behalf regarding the processing of personal information.

Restrictions to Your Rights

Please note that the exercise of your rights is subject to certain restrictions pursuant to the MCDPA (e.g. we shall not comply with your request if, after making reasonable commercial efforts, we cannot authenticate your request; we may charge you a reasonable fee to cover the costs of answering your request if you have submitted a second or subsequent request within a 12-month period, etc.).

Sensitive Personal Information

Under MCDPA, Sensitive Data is considered one of the following:

Data revealing racial or ethnic origin, religious beliefs, a mental or physical health condition or diagnosis, information about a person's sex life, sexual orientation, or citizenship or immigration status.
The processing of genetic or biometric data for the purpose of uniquely identifying an individual.
Personal information collected from a known child.
Precise geolocation data.

In case we process Sensitive Data, we will only carry out such processing if you have given us your consent to do so.

Use of Services by Children

Under the MCDPA, a child is any individual who is under 13 years old. The processing of Personal Information related to a child is lawful if it is done in accordance with the provisions set forth in the Children’s Online Privacy Protection Act (“COPPA”).

Please note that, under the MCDPA, the child’s parents and/or legal guardian may exercise the rights described above on behalf of the child. In case we receive a request from a child’s parent and/or legal guardian, we will both analyze and reply to it within the legal terms granted by the MCDPA.

How Secure Is Your Personal Information?

We design our systems with your security and privacy in mind. We are firmly committed to the security of your Personal Information. That’s why we implement administrative, technical, and physical data security practices to protect the confidentiality, integrity, and accessibility of your Personal Information. These measures are aimed at preventing, detecting, protecting against, or responding to security incidents, identity theft, fraud, harassment, malicious or deceptive activities, or any illegal activity, preserving the integrity or security of systems, or investigating, reporting, or prosecuting those responsible for any of these actions.

In case of a security breach, we will notify you without undue delay, according to applicable state regulations.