BDI Privacy Policy

Privacy Commitment

Business Data, Inc. (“BDI”) is committed to privacy and we appreciate the confidence that you place in our company and the responsibilities it demands. Our objective will always remain the same -- to serve your needs with integrity throughout every interaction or service we may perform for you or your organization.

At the center of this commitment is our Privacy Policy describing the safeguards in place to protect the privacy of individuals that visit our website and use our services. This Privacy Policy describes our practices in connection with how we collect, store, use, and protect information about or relating to you.

About BDI

BDI is a national business-to-business service provider specializing in the creation and delivery of documents and marketing communications for Web Channels, Traditional Mail and Archive Solutions. Established in 1984, BDI serves a wide range of financial service institutions, health care companies, municipalities and other commercial organizations. Our mission is to match solutions to customer needs with an eye on future technology and service requirements. To learn more about BDI, please visit www.businessdatainc.com.

What We Collect and Use

BDI collects personal information from, and therefore this policy applies to:

• Individuals who visit our website; and
• Customers who contract or register to use BDI’s products, services and solutions (“Services”). We may collect information directly from you, your institution, or your authorized agent in the course of providing Services to you.
• • BDI has not and will not sell, share, or trade your personal information to third parties for any purpose, including for advertising, displaying ads, or other commercial marketing purposes.

Personal information refers to the following types of information we may obtain in the course of providing Services, including:

Website

BDI will collect no personal information about you when you visit our website unless you choose to provide that information to us. If you do nothing during your visit but browse through the website, read pages, or download information, we will gather and store certain information about your visit automatically. This information does not identify you personally. We may automatically collect and store the following information from your activity on our website www.businessdatainc.com and your use of applications on your desktop or mobile browsers:

• IP address, device and advertising identifiers;
• Browser type;
• Operating system;
• Internet Service Provider (“ISP”);
• Pages that you visit before and after visiting our website;
• The date and time of your visit
• Information about the links you click and pages you view on our website; and
• other standard server log information

We use this information to help make our site more useful to visitors -- to learn about the number of visitors to our site and the types of technology our visitors use.

If you choose to provide us with personal information -- as in an email to a website manager or someone else, or by filling out a form with your personal information and submitting it to us through our website -- we use that information to respond to your message and to help us get you the information you have requested. We do not collect personal information for any purpose other than to respond to you.

Cookies

We sometimes collect anonymous information from visits to our websites or use of our systems through various technologies such as cookies and clickstream data. A cookie is a small text file containing a user ID that is automatically placed on a computer or other device when visiting a website. Cookies record the pages visited and the actions taken on a website, but do not contain any personal information. Clickstream data is used to track movement within our domain and measure customer activity. From time to time, BDI may use this anonymous information to:

• Analyze trends and statistics to help provide better customer service;
• Personalize users’ experience and to allow us to deliver the type of content and service offerings in which you are most interested;
• Improve our website and systems in order to better serve you;
• Allow us to better service you in responding to customer service requests;
• Administer contests, promotions, surveys or other features; or
• Send periodic emails regarding BDI systems, products and services.

Most web browsers allow some control of cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit allaboutcookies.org.

Google Analytics

We use Google Analytics, which uses cookies to help us to gauge the number of people that visit businessdatainc.com and to analyze how they use it. The information generated by the cookies about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties when required to do so by law, or where such third parties process the information on Google's behalf. Google undertakes not to associate your IP address with any other data held by Google. To opt out of being tracked by Google Analytics across all websites, please visit tools.google.com.

Surveys

From time to time, our site may request information from users via a survey. Participation in these surveys is completely voluntary and the user therefore has a choice whether or not to disclose this information. Information requested may include contact information (such as name and address), and demographic information (such as zip code, age level, etc.). Survey information will be used only for purposes outlined in the survey itself.

Log Files

We use IP addresses to enforce ACLs, analyze trends, administer the site, track user’s movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

Links

This website may contain links to other sites. Please be aware that BDI is not responsible for the privacy practices of such sites. We encourage our users to be aware when they leave our site, and to read the privacy statements of each and every website that collects personally identifiable information. This privacy statement applies solely to information collected by this website.

Maintaining Safeguards

BDI uses a variety of safeguards, controls, and procedures to prevent unauthorized access to or use of personal information including, but not limited to:

• Maintaining administrative, technical, and physical safeguards to protect your personal information;
• Training personnel and restricting information access to persons with a need to know for providing the Services; and
• Imposing contractual commitments and procedures requiring service providers and business associates, if any, to adhere to privacy and security policies consistent with our own.

All reasonable measures are taken to ensure that your personal information is kept secure and we remain alert and prepared to adapt these measures to address evolving threats and vulnerabilities.

Limiting Disclosure

Personal information is retained and disclosed as necessary to serve our customers and provide Services, and otherwise only in accordance with applicable law. Personal information about our customers or their customers is not used or disclosed to any third parties except:

• As required in rendering the services you request;
• As required by law (e.g., subpoena or investigation);
• As may be appropriate to protect against fraud or illegal activity or as otherwise permitted by law; and
• If you elect to disclose, or specifically direct us to disclose any personal information to a third party.

As provided above, BDI will not sell, share, or trade your personal information to outside third parties.

Information Security and Quality

We safeguard the quality and integrity of your personal information by implementing a broad range of technical and organizational security measures, such as penetration and vulnerability testing, malware scanning, and intrusion detection. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.

In addition, all personal information you supply is encrypted at rest and transmitted via the latest TLS technology. When users submit personal information via the website, such information is protected online and offline.

Internet Security

Below is a high-level diagram of a BDI Web application.

This diagram reveals that BDI's Web application has security safeguards at several strategic locations.

• Up to 256-bit TLS is used to encrypt any sensitive information transmitted to or received over the Internet. TLS makes spying a tremendously difficult task and alleviates identity spoofing, information disclosure, and data tampering.
• Data at Rest Encryption technology (AES-256 encryption standard) is used on all data storage. BDI utilizes technology that is FIPS certified and satisfies regulatory requirements for government agencies, banking, financial, healthcare and other G2000 enterprise customers who consider data security products and solutions.
• BDI utilizes firewalls to control access and protect sensitive information. Intrusion detection and prevention technology monitors all incoming and outgoing traffic and filters out any abnormal data requests. Internal network segmentation and application controls protect database servers from unauthorized access from within BDI's private network.
• Highly-sensitive data, such as IDs and passwords, are encrypted using a strong cryptographic routine before being stored in the database.

Regulations

To the best of BDI’s knowledge, this Privacy Policy and BDI’s Services comply with all applicable federal, state and local laws, statutes, rules, regulations and ordinances pertaining to data protection including, but not limited to, the Gramm-Leach-Bliley (GLB) Act of 1999 (15 U.S.C. §§ 6801-6809), including the Financial Privacy Rule (Subtitle A: Disclosure of Nonpublic Personal Information, codified at 15 U.S.C. §§ 6801–6809), the Safeguards Rule (Subtitle A: Disclosure of Nonpublic Personal Information, codified at 15 U.S.C. §§ 6801-6809), and the Pretexting Protection (Subtitle B: Fraudulent Access to Financial Information, codified at 15 U.S.C. §§ 6821–6827); the Fair Credit Reporting Act (FCRA) of 1996 as amended by the Fair and Accurate Credit Transactions Act of 2003 (15 U.S.C §1681); the General Data Protection Regulation (EU) 2016/679 (GDPR); The California Consumer Privacy Act (CCPA) of 2018 (AB375, Title 1.81.5), as amended by The California Privacy Rights Act of 2020 (CPRA); and the California Online Privacy Protect Act (CalOPPA). BDI’s compliance with privacy laws and regulations are audited regularly by BDI’s General Counsel and Data Protection Officer, its Security Council, and BDI consumers including their independent counsel and senior administrative staffs. Independent auditors further examine BDI federal and state regulatory compliance on an annual basis. Most updates are obtained through regulatory agency alerts, news feeds, legal reviews and security blogs and BDI regularly provides its customers with published announcements of new and upcoming regulatory changes with the goal of generating early awareness and dialogue.

California Consumer Privacy Policy

For California residents, this Privacy Policy is adopted in accordance with the CCPA and CalOPPA, and any terms defined in the CCPA and CalOPPA have the same meaning when used in this Privacy Policy.

The CCPA provides consumers with specific rights regarding their personal information. You have the right to request that a business subject to the CCPA disclose certain information to you about its collection and use of your personal information over the past 12 months. In addition, you have the right to ask such business to delete personal information collected from you, subject to certain exceptions. If the business sells personal information, you have a right to opt-out of that sale. Finally, a business cannot discriminate against you for exercising a CCPA right.

When offering the Services to our customers, BDI acts as a “service provider” under the CCPA. Accordingly, we only receive and collect consumer personal information as required to provide the Services on behalf of our customers. Individuals should direct any requests for access or deletion of their personal information under the CCPA to the organization with whom they have a direct relationship. BDI customers can submit CCPA related requests through ClientConnect.

For additional information on your rights and choices under the CCPA, or how to exercise those rights, please visit www.businessdatainc.com/ccpa.

Opting-Out/Correction/Updating Personal Information

Users who no longer wish to receive updates, participate in surveys, or have contact via email with BDI may opt-out of receiving these communications. Moreover, if your personal information changes, we will endeavor to provide a way to correct or update such personal information provided to us. This can be done by sending an email to: helpdesk@businessdatainc.com.

Do Not Track (“DNT”) Signals

Currently, standards regarding the DNT signals and appropriate responses are undefined. Accordingly, we do not respond to DNT signals.

Children’s Online Information Privacy

Our website is not intended for children under the age of 13. We do not knowingly collect, maintain, or use personally identifiable information from our website about children under the age of 13 without parental consent. For more information about the Children’s Online Privacy Protection Act (COPPA), visit the Federal Trade Commission website: www.ftc.gov.

Linking to Third-Party Websites

We may provide links to websites owned or operated by other companies ("third-party websites"). When you use a link online to visit a third-party website, you will be subject to that website’s privacy and security practices, which may differ from ours. You should familiarize yourself with the privacy policy, terms of use and security practices of the linked third-party website before providing any information on that website. We are not responsible for the third-party website’s use, collection, sale or sharing of your personal information.

Security

We use reasonable physical, electronic, and procedural safeguards that comply with federal standards to protect and limit access to personal information. Please note that information you send to us electronically may not be secure when transmitted. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.

Policy Updates

This Privacy Policy is current as of the date first set forth above; however, we reserve the right to make changes from time to time consistent with applicable privacy laws and principles. If we make changes, we will notify you by revising the date and, in some cases, we may provide you with additional notice, such as an email if you have an account linked to a valid email address, or another manner through the Services that we believe is reasonably likely to reach you.

Contact Us

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights, please do not hesitate to contact us at:

Attn: Privacy Policy
Business Data, Inc.
361 N. Oak St.
Inglewood, CA 90302
helpdesk@businessdatainc.com
Telephone: (310) 412-1290

We will acknowledge your inquiry and reply as soon as possible.

Thank you,

Business Data, Inc.