RayCDP Privacy Notice

RayCDP Privacy Notice

Last Modified: February 26, 2023

A. Introduction

1. Welcome

Welcome to the RayCDP Privacy Notice (“Privacy Notice”). RayCDP, Inc (“we”, “our,” “us”, “RayCDP”), provides a variety of marketing data, consumer analytics, and marketing technologies Software as a Service (“Services”). More information about our services can be found on our website.

We respect consumer privacy and believe that data protection is essential. A personalized experience, online and offline, can provide significant benefits to consumers if done properly. In accordance with these beliefs, RayCDP strives to create results for advertisers in innovative ways, without compromising consumers’ privacy. This Privacy Notice is created and maintained as part of our commitment to provide consumers with transparency and choice on how we process their personal data. We have taken steps to describe our data processing activities as clearly as possible and encourage you to read the entire Privacy Notice.

2. Scope of this Privacy Notice

This Privacy Notice describes how RayCDP collects, uses, discloses, and protects any personal data we process in connection with our Services. This Privacy Notice also explains the measures we take to safeguard your information and describes how you may contact us regarding our privacy practices. When we say “you” we are referring to individuals whose personal data may be used in our Services, which may include the person reading this Privacy Notice.

This Privacy Notice applies only to RayCDP’s processing of information about you in connection with its Services described below, as well as any other related services that refer or link to this Privacy Notice.

This Privacy Notice does not apply to the following activities:

• Employment or Contractors. This Privacy Notice does not cover our processing of personal data in connection with employment by RayCDP or contractors that do business with RayCDP. If you are an employee or former employee of RayCDP, please contact RayCDP, Inc. directly for more information.
• RayCDP’s Own Websites. If you are looking for information on how RayCDP collects and uses personal data in connection with visitors to our website (RayCDP.com), which includes our clients, prospective clients, business-to-business contacts, please click here to view our Website Privacy Policy.
• RayCDP Services Provided as a Processor (or Service Provider): Information collected, provided, and processed by RayCDP Clients. Please note that this Privacy Notice does not apply to services provided by RayCDP while acting strictly on behalf of a client as a processor (or service provider). If you have any questions about a particular company’s processing of your personal data, please contact that company directly. More information about this exception is detailed in section D below.

B. What personal data do we collect and process?

To provide our Services, we must collect, use and disclose some information about you. RayCDP collects personal data through a variety of means, through third party data partners, and from public sources.

The categories of personal data we process, and the sources we obtain the personal data from, is provided in more detail below:

1. Categories of personal data processed

• Contact information and other identifiers: e.g., name, email address, telephone number, IP address.
• Commercial or transactions information:e.g., records of personal property, goods or services purchased or considered, or other purchasing or consuming histories or tendencies.
• Demographic and statistical information: e.g., marital status or gender.
• Inferences:e.g., data attributes drawn or created from any of the information identified in this section reflecting the consumer’s preferences, characteristics, predispositions, behavior, attitudes, abilities, and aptitudes.
• Internet or other electronic network activity information:e.g., online interests, such as information about categories of consumer interests derived from online usage; and information on a consumer’s interaction with a website, application, or advertisement.
• Professional or employment-related information:e.g., business name, job title, or job history.
• Political and philosophical beliefs
• Racial/Ethnic Data

We do not collect mobile ad identifiers, device ID, browsing history, search history, sensitive personal data (such as social security numbers or driver’s license numbers), health data, precise geolocation (your location derived from a device within an area of 1,850 feet).

2. Sources of personal data processed

The categories of information identified above has been collected via various methods and sources:

Indirectly from you: We do not collect information using automated technologies, such as cookies, log files, pixels, tags, or other similar technologies.  We do require all such client websites provide you with appropriate notice of such collection.

Directly from You: We may also receive personal data from directly from you, such as when you inquire about our services.

Inferred from other data: We create new personal data attributes or derive a probability percentage (propensity) that a data attribute may be linked to you by using other personal data that we collect using propensity analysis and modeling.

Third Parties: We additionally collect information from you from various other companies. Such third parties can be categorized as follows:

Advertising Networks	Food & Beverage Companies
Advertising/Marketing Companies	Gift Product Companies
Affiliates not under the RayCDP brand	Health and Wellness Product and Service Companies
Apparel & Accessory Companies	Lifestyle & Interest Product Companies
Automotive Companies	Manufacturing Companies
Business Service/Agencies	Marketing Data Companies
Business to Business Companies	Not for Profit Organizations
Consumer Data Resellers	Operating Systems and Platforms
Consumer Services Companies	Public or Government Entities
Data Analytics Providers	Publishing Product Companies
Educational Institutions & Companies	Technology/Computer Software Companies
Electronics Companies	Travel, Leisure & Entertainment Companies
Financial Services Companies

Ray CDP does not collect information from the following categories: Energy & Utility Companies, Telecommunications, Internet Service Providers, or Social Networks.

C. Purposes of processing personal data

RayCDP collects and uses your personal data for the following purposes:

1. Interest-Based Advertising

This practice of customizing and providing online ads is often called interest-based advertising (“IBA”).  We do not provide third party interest based or personalized advertising across the Internet, including web browsers and mobile applications, in ways such as banner and video ads. At the request of our clients, we do help companies identify audiences for use in IBA across the internet.

Although we are not directly involved in the decision where ads are displayed, some of the online ads you are served may be based on the content of the webpage you’re visiting; others may be based on registration or other information you provide to our clients; and other ads may be customized based on predictions about your interests generated from your visits to websites. 

Some examples of our IBA activities include:

• Helping clients identify and target ads to online audiences based on common demographics and/or disclosed (actual or inferred) interests or preferences (e.g., consumers interested in winter apparel). When we do this, we handle information provided by our Clients (for instance, their own customer files).  

• At the request of our clients, we may work with companies that create “identity” graphs to locate users across various channels, such as connecting identities based on common identifiers supplied by our clients.

2. Data for Marketing & Analytics Purposes

RayCDP collects personal data from the sources identified above and infers personal data to create consumer databases. RayCDP’s consumer databases help companies get a full view of their customers and prospective customers to help them predict future buying behaviors and to help them build brand loyalty. RayCDP’s consumer databases enable marketers to connect with new and existing consumers in both digital and offline channels, such as direct mail and online advertisements. Additionally, RayCDP’s consumer database can be used by companies for analytics purposes to provide insights on trends in the marketplace or business intelligence related to the company’s industry.

Some examples of the use of our data for marketing and analytics services include (which may overlap with IBA activities, above):

• Providing marketing information to our clients, generally regarding their marketing, fundraising, customer service and engagement, and outreach activities.
• Providing information to companies about customers and prospective customers in order for the companies to provide better service, improved offerings, and promotions.
• Assisting in targeting and optimizing direct mail for customers and prospective customers.  We may assist clients’ email campaigns, display, mobile and social media marketing for customers.
• Creating trend reports and business intelligence to be used by companies in the development of new products or financial projections

3. Operating Our Services:

For example:

• Improving, testing, updating, and verifying our own data and data services.
• Developing new services.
• Operating, analyzing, improving, and securing our Services.
• We may aggregate, de-identify and/or anonymize any information collected so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We use Aggregate/De-Identified Information for internal research and analytic purposes.  We do not disclose such data with any other party, including advertisers, promotional partners, and sponsors.

4. Other Internal Purposes:

For example: internal research, internal operations, auditing, detecting security incidents, debugging, short-term and transient use, quality control, and legal compliance.

D. Processing of Personal Data as a Processor

When our clients provide RayCDP with information relating to their customers, prospective customers or other individuals, we use it on behalf of our clients as a processor (or service provider).

Our clients determine how to engage with their customers and thus act as the controller (or business) that determines the purposes and means of handling their customer data. Under these circumstances, consumers are ultimately subject to the privacy policy(ies) of our clients controlling their data, and consumers should read those policy(ies) carefully. We are not responsible for the privacy practices of our clients. Accordingly, this Privacy Notice and the rights acknowledged herein do not apply to personal data that is provided by our clients and that RayCDP handles on behalf of our clients.

While RayCDP strongly encourages its clients to adopt responsible approaches to its marketing practices, RayCDP is not responsible for the data practices of such clients.

E. Disclosure of Personal data

1. Disclosing to Third Parties.

As RayCDP’s formation occurred in 2023, no activity occurred in 2022.  We did not share, sell or disclose personal data for calendar year 2022. With the information we process, as identified above in section B.1., we intend to work with third party companies in the following categories:

Advertising Networks	Food & Beverage Companies
Advertising/Marketing Companies	Gift Product Companies
Affiliates not under the RayCDP brand	Health and Wellness Product and Service Companies
Apparel & Accessory Companies	Internet Service Providers
Automotive Companies	Lifestyle & Interest Product Companies
Business Service/Agencies	Manufacturing Companies
Business to Business Companies	Marketing Data Companies
Communication Services Companies	Not for Profit Organizations
Consumer Data Resellers	Operating Systems and Platforms
Consumer Packaged Goods Companies	Parenting Product Companies
Consumer Services Companies	Public or Government Entities
Data Analytics Providers	Publishing Product Companies
Educational Institutions & Companies	Social Networks
Electronics Companies	Technology/Computer Software Companies
Energy and Utility Companies	Telecommunications Companies
Financial Services Companies	Travel, Leisure & Entertainment Companies

2. Disclosing to Service Providers for a Business Purpose

We may disclose your personal data to our service providers that assist us with our business purposes. Our service providers are to only process your personal data in accordance with our instructions and only for the purpose listed below. The table below shows with whom we disclose your personal data for the specific business purpose(s).

Category of Personal Data	Categories of Service Providers	Business Purpose
Contact information and other identifiers Commercial or transactions information Demographic and statistical information Inferences Professional or employment-related information Political and philosophical beliefs Racial/Ethnic Data	Advertising Networks Advertising/Marketing Companies	Maintaining or servicing accounts Providing analytic services
Contact information and other identifiers Commercial or transactions information Demographic and statistical information Inferences Professional or employment-related information Political and philosophical beliefs Racial/Ethnic Data	Cloud data operations platform Cloud security provider Cloud storage providers	Providing storage on behalf of RayCDP Helping to ensure security and integrity

3. Disclosing for Other Purposes

We also may disclose any of the personal data we process for the following purposes:

Disclosing for Legal Purposes: In addition, we may disclose personal data with other parties in order to: (a) comply with legal process or a regulatory investigation (e.g. regulatory authorities’ investigation, subpoena, or court order); (b) enforce our Terms of Service, this Privacy Notice, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of other parties; and/or (d) protect the rights, property or personal safety of us, our platform, our customers, our agents and affiliates, its users and/or the public. We likewise may provide information to other companies and organizations (including law enforcement) for fraud protection, spam/malware prevention, and similar purposes.

Disclosing In Event of a Corporate Transaction: We may also disclose personal data in the event of a major corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all our assets, or for purposes of due diligence connected with any such transaction.

Disclosing to Service Providers: We may disclose any personal data we collect with our service providers, which may include (for instance) providers involved in tech or customer support, operations, web or data hosting, billing, accounting, security, marketing, data management, validation, enhancement, or hygiene, or otherwise assisting us to provide, develop, maintain, and improve our services.

F. Automated Decision Making and Profiling

To the extent that our software involves automated decision making or profiling when processing your personal data, we take steps to ensure that any automated decision making or profiling practices are fair and not discriminatory. We use automated processes to derive inferences and create audiences for interest based advertising and other marketing purposes.

G. Retention of Personal Data

We keep personal data for as long as is necessary for the purposes described in this Privacy Notice, complying with legal and regulatory obligations, protecting our or other’s interests, and as otherwise permitted or required by law. When personal data is no longer necessary for or compatible with these purposes, it is removed from our systems or de-identified and archived in accordance with our internal retention policies. The criteria used to determine our retention periods include:

• The length of time we provide our services for the client;
• Whether there is a legal obligation to which we are subject.

H. Your Rights and Choices Regarding Your Personal data

You may have privacy rights based on the laws of your jurisdiction of residence, such as the states of California or Virginia or the provinces and country of Canada. This section describes how to exercise those rights and our process for handling those requests. You may also be permitted to designate an agent to make the following requests to exercise your rights where the law allows. We will take steps to verify that your agent has been authorized to make a request on your behalf through providing us with a signed written authorization or a copy of a power of attorney. All requests submitted by an agent must be made by calling us at (000) 000-0000. You may exercise any of the following rights by filling out and submitting a form from our Consumer Choice Portal or by calling (000) 000-0000.

1. Information from our clients

We acknowledge that you may have certain rights in connection with the personal data we process on behalf of our clients. If personal data about you has been processed by us as a processor (or as a service provider) on behalf of our client and you wish to exercise any of the rights described below, please provide the name of our client on whose behalf we processed your personal data. We will refer your request to that client and will support them to the extent required by applicable law in responding to your request.

2. Right to request access to and portability of your personal data

You may request, up to two times each year, access to categories and specific pieces of personal data about you that we collect. To make an access request please visit our Consumer Choice Portal or by calling us at (000) 000-0000. Once we receive your form, our identity verification service provider will confirm your identity with a series of test questions to be verified against the service provider’s data. We will provide your report of categories and specific pieces of Personal Data in a portable format. When we receive and verify your request, we will make best efforts to fulfill your request unless an exception applies.

3. Right to request correction of your personal data

If you believe we hold inaccurate Personal Data about you, you may request that we correct that Personal Data. We will delete your Personal Data upon receipt of your correction request. When we receive and verify your request, we will proceed to delete the data unless an exception applies. To make a correction or deletion request please visit our Consumer Choice Portal or by calling us at (000) 000-0000. Once we receive your form, our identity verification service provider will confirm your identity with a series of test questions to be verified against the service provider’s data.

4. Right to request deletion of your personal data

You may request that we delete any Personal Data that we obtained about you. However, we may retain Personal Data for certain important purposes, as set out by law. When we receive and verify your request to delete your Personal Data, we will proceed to delete the data unless an exception applies. To make a deletion request please visit our Consumer Choice Portal or by calling us at (000) 000-0000. Once we receive your form, our identity verification service provider will confirm your identity with a series of test questions to be verified against the service provider’s data.

5. Right to nondiscrimination.

We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.

6. Right to opt-out of the sale of your personal data.

If you would like to opt out of our use of your personal data for such purposes that are considered a “sale” under privacy laws, you may do so by visiting our Consumer Choice Portal or by calling us at (000) 000-0000. Please note that we do not knowingly sell the personal data of minors under 18 years of age without legally-required affirmative authorization.

Nevada law (NRS 603A.340) requires each business to establish a designated request address where Nevada consumers may submit requests directing the business not to sell certain kinds of personal data that the business has collected or will collect about the consumer. A sale under Nevada law is the exchange of Personal Data for monetary consideration by the business to a third party for the third party to license or sell the Personal Data to other third parties. If you are a Nevada consumer and wish to submit a request relating to our compliance with Nevada law, you can make the opt-out request by visiting our Consumer Choice Portal, calling us at (000) 000-0000, emailing us at privacy@RayCDP.com, or mailing your request to: RayCDP, 939 Hollywood Blvd, Deltona, FL 32725, Attn: Privacy.

7. Right to withdraw your consent (Canadian residents)

If you are a Canadian resident, you request to withdraw your consent to our processing of your Personal Data. To do so, you may select deletion request by visiting the Consumer Choice Portal or by calling us at (000) 000-0000. Please note this may affect our ability to communicate with you and we may retain certain data points if permitted by law.

8. Appeal

Certain residents of the United States have the right to appeal our denial of your privacy rights request. Within 60 days of receiving our denial of your request, you may make an appeal by visiting our Consumer Choice Portal or by calling us at (000) 000-0000.

9. Annual Consumer Requests Reporting

RayCDP formed 2023 From January 1, 2022 to December 31, 2022, we maintained two distinct processes to facilitate requests pursuant to the CCPA from individuals in the United States.

Interest Based Advertising Activities. We facilitated requests made pursuant to our IBA Activities through our prior automated online process as follows:

	Requests to Know	Requests to Delete	Requests to Opt-Out of Sale
Number of requests received	0	0	0
Number of requests complied with in full	0	0	0
Number of requests complied with in part	0	0	0
Number of requests denied due to inability to verify consumer	0	0	0
Mean number of days we took to substantively respond to requests	0 days	0 days	0 days

Data used for Marketing & Analytics. We facilitated requests made pursuant to our Data Services through our Consumer Choice Portal or by calling our number (000) 000-0000 as follows:

	Requests to Know	Requests to Delete	Requests to Opt-Out of Sale
Number of requests received	0	0	0
Number of requests complied with in full	0	0	0
Number of requests complied with in part	0	0	0
Number of requests denied due to inability to verify consumer	0	0	0
Mean number of days we took to substantively respond to requests	0 days	0 day	0 day

10. General Rights Regarding Data Collection

10.1 RayCDP Interest-Based Advertising Opt-Out

RayCDP provides several methods to opt-out from our IBA activities. Visit our Consumer Choice Portal and choosing to opt-out. 

10.2 DAA AdChoices

The Digital Advertising Alliance (DAA) is an organization that works with digital advertising companies to develop and enforce responsible and privacy-friendly online advertising practices, including the development of the AdChoices program. Rather than opting out from RayCDP’s IBA activities directly, as indicated above, you may opt-out by using the DAA’s AdChoices tool. Canadian visitors may opt-out by using the DAAC’s AdChoices tool.

10.3 Do Not Track:

Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to “Do Not Track” signals. For more information on “Do Not Track,” visit http://www.allaboutdnt.com.

I. Minors

We do not knowingly collect Personal Data (as defined by the U.S. Children’s Privacy Protection Act, or “COPPA”) from children. If you are a parent or guardian and believe we have collected Personal Data in violation of COPPA, contact us at privacy@RayCDP.com. We will remove the Personal Data in accordance with COPPA.

J. Security and Data Integrity

RayCDP takes steps to help ensure that the data we possess is housed and transmitted securely. This may include various types of physical and electronic security, including firewall protections, encryption, hashing or truncation of data, and access controls to personal data. While neither we nor any platform can guarantee that electronic transmission and storage of data is completely secure, we employ efforts that are designed to ensure that this does not occur.

K. Notification of Changes

From time to time, we may update this Privacy Notice. Any changes to it will become effective when it is posted to our website. You can determine when this Notice was last revised by checking the “Last Modified” legend at the top of this Policy. Please check back periodically to learn of any changes to this Privacy Notice. If any changes to this Privacy Notice have included a material change to how we use or disclose any personal data collected prior the publishing of this Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make.

If you wish to save this text, please market the entire statement (e.g. with your mouse) and copy-paste by pushing ctrl-c.

L. Further Information

If you have any questions in relation to this Privacy Notice, have any questions regarding your rights and choices, or wish to learn more about RayCDP’s privacy practices, please email us at privacy@RayCDP.com. You may also send additional correspondence to:

RayCDP
939 Hollywood Blvd
Deltona, FL 32725
Attn: Privacy