privacy notice
California
privacy NOTICE
Effective Date: April 21, 2026
Last Updated on: April 21, 2026
This California Privacy Notice describes how Born on a Saturday LLC, a Pennsylvania limited liability company (“Company,” “we,” or “us”) collects and processes personal information about our consumers who reside in California. The California Consumer Privacy Act (“CCPA”) requires us to provide our California consumers with a privacy policy that contains a comprehensive description of our online and offline practices regarding our collection, use, sale, sharing, and retention of their personal information, along with a description of the rights they have regarding their personal information. Any terms defined in the CCPA have the same meaning when used in this policy.
This Privacy Policy does not apply to our collection and use of personal information from residents outside of California. Consumers residing in other locations should see our general privacy policy.
Personal Information Collected
We collect and use information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”). Personal information does not include:
- Publicly available information, including from government records, through widely distributed media, or that the consumer made publicly available without restricting it to a specific audience.
- Lawfully obtained, truthful information that is a matter of public concern.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- Health or medical information covered by the Health Insurance Portability and Accountability Act (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data; or
- Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act.
The chart below identifies the categories of personal information we collected from our consumers within the last 12 months and the expected retention period.
CATEGORY
A. Identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“California Customer Records”).
C. Protected classification characteristics under California or federal law (“Protected Classes”).
D. Commercial information.
E. Biometric information.
F. Internet or other similar network activity.
G. Geolocation data.
H. Inferences drawn from other personal information.
I. Sensitive personal information.
A. Identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“California Customer Records”).
C. Protected classification characteristics under California or federal law (“Protected Classes”).
D. Commercial information.
E. Biometric information.
F. Internet or other similar network activity.
G. Geolocation data.
H. Inferences drawn from other personal information.
I. Sensitive personal information.
EXAMPLES
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
A name, signature, Social Security number, physical characteristics or description, photograph, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, membership in professional organizations, professional licenses and certifications, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Some personal information included in this category may overlap with other categories.
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, reproductive health decision-making, military and veteran status, or genetic information (including familial genetic information).
Records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
Activity on our websites, mobile apps, or other digital systems, such as internet browsing history, search history, system usage, electronic communications with us, postings on our social media sites.
Physical location or movements, such as your zip code, the time and physical location related to use of our internet website or mobile application, or other information about your location or locations you visited.
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Further identified in the chart below.
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
A name, signature, Social Security number, physical characteristics or description, photograph, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, membership in professional organizations, professional licenses and certifications, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Some personal information included in this category may overlap with other categories.
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, reproductive health decision-making, military and veteran status, or genetic information (including familial genetic information).
Records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
Activity on our websites, mobile apps, or other digital systems, such as internet browsing history, search history, system usage, electronic communications with us, postings on our social media sites.
Physical location or movements, such as your zip code, the time and physical location related to use of our internet website or mobile application, or other information about your location or locations you visited.
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Further identified in the chart below.
RETENTION PERIOD
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
2 years
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
3 years after last client interaction
2 years
CATEGORY
A. Identifiers.
EXAMPLES
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
RETENTION PERIOD
3 years after last client interaction
A. Identifiers.
EXAMPLES
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
RETENTION PERIOD
3 years after last client interaction
CATEGORY
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“California Customer Records”).
EXAMPLES
A name, signature, Social Security number, physical characteristics or description, photograph, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, membership in professional organizations, professional licenses and certifications, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Some personal information included in this category may overlap with other categories.
RETENTION PERIOD
3 years after last client interaction
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“California Customer Records”).
EXAMPLES
A name, signature, Social Security number, physical characteristics or description, photograph, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, membership in professional organizations, professional licenses and certifications, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Some personal information included in this category may overlap with other categories.
RETENTION PERIOD
3 years after last client interaction
CATEGORY
C. Protected classification characteristics under California or federal law (“Protected Classes”).
EXAMPLES
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, reproductive health decision-making, military and veteran status, or genetic information (including familial genetic information).
RETENTION PERIOD
3 years after last client interaction
C. Protected classification characteristics under California or federal law (“Protected Classes”).
EXAMPLES
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, reproductive health decision-making, military and veteran status, or genetic information (including familial genetic information).
RETENTION PERIOD
3 years after last client interaction
CATEGORY
D. Commercial information.
EXAMPLES
Records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
RETENTION PERIOD
3 years after last client interaction
D. Commercial information.
EXAMPLES
Records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
RETENTION PERIOD
3 years after last client interaction
CATEGORY
E. Biometric information.
EXAMPLES
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
RETENTION PERIOD
3 years after last client interaction
E. Biometric information.
EXAMPLES
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
RETENTION PERIOD
3 years after last client interaction
CATEGORY
F. Internet or other similar network activity.
EXAMPLES
Activity on our websites, mobile apps, or other digital systems, such as internet browsing history, search history, system usage, electronic communications with us, postings on our social media sites.
RETENTION PERIOD
3 years after last client interaction
F. Internet or other similar network activity.
EXAMPLES
Activity on our websites, mobile apps, or other digital systems, such as internet browsing history, search history, system usage, electronic communications with us, postings on our social media sites.
RETENTION PERIOD
3 years after last client interaction
CATEGORY
G. Geolocation data.
EXAMPLES
Physical location or movements, such as your zip code, the time and physical location related to use of our internet website or mobile application, or other information about your location or locations you visited.
RETENTION PERIOD
3 years after last client interaction
G. Geolocation data.
EXAMPLES
Physical location or movements, such as your zip code, the time and physical location related to use of our internet website or mobile application, or other information about your location or locations you visited.
RETENTION PERIOD
3 years after last client interaction
CATEGORY
H. Inferences drawn from other personal information.
EXAMPLES
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
RETENTION PERIOD
3 years after last client interaction
H. Inferences drawn from other personal information.
EXAMPLES
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
RETENTION PERIOD
3 years after last client interaction
CATEGORY
I. Sensitive personal information.
EXAMPLES
Further identified in the chart below.
RETENTION PERIOD
2 years
I. Sensitive personal information.
EXAMPLES
Further identified in the chart below.
RETENTION PERIOD
2 years
Sensitive Personal Information Categories Chart
Sensitive personal information is a subtype of personal information consisting of the specific information categories listed in the chart below. Importantly, the CCPA only treats this information as sensitive personal information when we collect or use it to infer characteristics about a consumer.
The chart below identifies which sensitive personal information categories, if any, we have collected from consumers to infer characteristics about them in the last 12 months.
Sensitive personal information is a subtype of personal information consisting of the specific information categories listed in the chart below. Importantly, the CCPA only treats this information as sensitive personal information when we collect or use it to infer characteristics about a consumer.
The chart below identifies which sensitive personal information categories, if any, we have collected from consumers to infer characteristics about them in the last 12 months.
SENSITIVE PERSONAL INFORMATION CATEGORY COLLECTED TO INFER CHARACTERISTICS
L.1. Government identifiers, such as your Social Security number (SSN), driver’s license, state identification card, or passport number.
L.2. Complete account access credentials, such as usernames, account logins, account numbers, or card numbers combined with required access/security code or password.
L.3. Citizenship or immigration status.
L.4. Health information.
L.5. Children’s personal information (under age 16).
L.1. Government identifiers, such as your Social Security number (SSN), driver’s license, state identification card, or passport number.
L.2. Complete account access credentials, such as usernames, account logins, account numbers, or card numbers combined with required access/security code or password.
L.3. Citizenship or immigration status.
L.4. Health information.
L.5. Children’s personal information (under age 16).
RETENTION PERIOD
2 years
2 years
2 years
2 years
2 years
2 years
2 years
2 years
2 years
2 years
RETENTION PERIOD
2 years
2 years
2 years
2 years
2 years
2 years
2 years
2 years
2 years
2 years
Sources of Personal Information
We obtain the categories of personal information listed above from the following categories of sources:
How We Use Personal Information
Personal Information Collection, Use, and Disclosure Purposes
We may use and disclose the personal information, including sensitive personal information, we collect to advance the Company’s business and commercial purposes, specifically to:
Sensitive Personal Information Use and Disclosure Purposes
We may use or disclose sensitive personal information for the following statutorily approved reasons (Permitted SPI Purposes):
We do not use or disclose sensitive personal information for purposes other than the Permitted SPI Purposes. For more on your right to limit these additional sensitive personal information use purposes, see Your Rights and Choices.
Additional Categories or Other Purposes
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. If required by law, we will also seek your consent before using your personal information for a new or unrelated purpose.
We may collect, process, and disclose aggregated or deidentified consumer information for any purpose, without restriction. When we collect, process, or disclose aggregated or deidentified consumer information, we will maintain and use it in deidentified form and will not to attempt to reidentify the information, except to determine whether our deidentification processes satisfies any applicable legal requirements.
Disclosing, Selling, or Sharing Personal Information
Business Purpose Disclosures
We may disclose the personal information we collect, including sensitive personal information, to service providers and contractors for the business purposes described in the Personal Information Collection, Use, and Disclosure Purposes section and in the table below, such as to support our business functions. For example, we may disclose information from your visits to the Company’s website to a cybersecurity consultant to help secure the website.
We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, prohibit using the disclosed information for any purpose except performing the contract, and meet the CCPA’s other contract requirements for engaging service providers or contractors.
The chart below identifies the personal information categories we disclosed to service providers or contractors for a business purpose over the preceding 12 months and the specific business or commercial purpose for disclosing that information.
Business Purposes Disclosure Recipient Category, Personal Information Category, and Purposes Chart
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from you, such as from the forms or other information you provide to the Company.
- Indirectly from you, such as from your interactions with the Company’s websites, mobile applications, social media platforms, reward program participation or customer service programs.
- From our service providers, such as third-party travel suppliers, customer service support providers, data analytics providers, data brokers and advertising networks.
- Other customers, such as from referral programs.
Personal Information Collection, Use, and Disclosure Purposes
We may use and disclose the personal information, including sensitive personal information, we collect to advance the Company’s business and commercial purposes, specifically to:
- Develop, offer, and provide you with our products and services.
- Meet our obligations and enforce our rights arising from any contracts with you, including for billing or collections, or to comply with legal requirements.
- Fulfil the purposes for which you provided your personal information or that were described to you at collection, and as the CCPA otherwise permits.
- Improve our products or services, marketing, or customer relationships and experiences.
- Notify you about changes to our products or services.
- Administer our systems and conduct internal operations, including for troubleshooting, data analysis, testing, research, statistical, and survey purposes.
- Enable your participation in our websites’ or mobile apps’ interactive, social media, or other similar features.
- Protect our Company, employees, or operations.
- Measure or understand the effectiveness of the advertising we serve to you and others, and to deliver relevant advertising to you.
- Make suggestions and recommendations to you and other consumers about our goods or services that may interest you or them.
- Manage your consumer relationship with us, including for:
- Online account creation, maintenance, and security; and
- Reaching you, when needed, about your account.
- Perform data analytics and benchmarking.
- Administer and maintain the Company’s systems and operations, including for safety purposes.
- Engage in corporate transactions requiring review of consumer records, such as for evaluating potential Company mergers and acquisitions.
- Comply with all applicable laws and regulations.
- Exercise or defend the legal rights of the Company and its employees, affiliates, customers, contractors, and agents.
- Respond to law enforcement requests and as required by applicable law or court order.
We may use or disclose sensitive personal information for the following statutorily approved reasons (Permitted SPI Purposes):
- Performing actions that are necessary for our consumer relationship and that an average consumer in a relationship with us would reasonably expect.
- Preventing, detecting, and investigating security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information.
- Defending against and prosecuting those responsible for malicious, deceptive, fraudulent, or illegal actions directed at the Company.
- Ensuring physical safety.
- Short-term, transient use, such as non-personalized advertising shown as part of your current interactions with us, where we do not:
- Disclose the sensitive personal information to another third party; or
- Use it to build a profile about you or otherwise alter your experience outside your current interaction with the Company.
- Services performed for the Company, including maintaining or servicing accounts, processing or fulfilling transactions, verifying consumer information, processing payments, or providing financing, analytic services, storage, or similar services for the Company.
- Activities required to:
- Verify or maintain the quality or safety of a product, service, or device that we own, manufacture, had manufactured, or control; or
- Improve, upgrade, or enhance the service or device that we own, manufacture, had manufactured, or controlled.
- Collecting or processing sensitive personal information that we do not use for the purpose of inferring characteristics about a consumer.
Additional Categories or Other Purposes
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. If required by law, we will also seek your consent before using your personal information for a new or unrelated purpose.
We may collect, process, and disclose aggregated or deidentified consumer information for any purpose, without restriction. When we collect, process, or disclose aggregated or deidentified consumer information, we will maintain and use it in deidentified form and will not to attempt to reidentify the information, except to determine whether our deidentification processes satisfies any applicable legal requirements.
Disclosing, Selling, or Sharing Personal Information
Business Purpose Disclosures
We may disclose the personal information we collect, including sensitive personal information, to service providers and contractors for the business purposes described in the Personal Information Collection, Use, and Disclosure Purposes section and in the table below, such as to support our business functions. For example, we may disclose information from your visits to the Company’s website to a cybersecurity consultant to help secure the website.
We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, prohibit using the disclosed information for any purpose except performing the contract, and meet the CCPA’s other contract requirements for engaging service providers or contractors.
The chart below identifies the personal information categories we disclosed to service providers or contractors for a business purpose over the preceding 12 months and the specific business or commercial purpose for disclosing that information.
Business Purposes Disclosure Recipient Category, Personal Information Category, and Purposes Chart
CATEGORY OF BUSINESS PURPOSE DISCLOSURE RECIPIENTS
Customer Service Support Providers
Advertising networks
Customer Service Support Providers
Advertising networks
PERSONAL INFORMATION CATEGORIES DISCLOSED
A. Identifiers.
B. California Customer Records.
D. Commercial Information.
E. Biometric information.
F. Internet or other similar network activity.
G. Geolocation data.
H. Inferences.
A. Identifiers.
B. California Customer Records.
C. Protected Classes.
D. Commercial information.
E. Biometric information.
F. Internet or Network Activity.
G. Geolocation data.
H. Inferences.
A. Identifiers.
B. California Customer Records.
D. Commercial Information.
E. Biometric information.
F. Internet or other similar network activity.
G. Geolocation data.
H. Inferences.
A. Identifiers.
B. California Customer Records.
C. Protected Classes.
D. Commercial information.
E. Biometric information.
F. Internet or Network Activity.
G. Geolocation data.
H. Inferences.
BUSINESS PURPOSE DISCLOSURES
To support customers with using our products and services, including online account management and troubleshooting.
To deliver location-based advertising.
To support customers with using our products and services, including online account management and troubleshooting.
To deliver location-based advertising.
SENSITIVE PERSONAL INFORMATION CATEGORIES DISCLOSED
L.1. Government identifiers.
L.2. Complete account access credentials.
L.1. Government identifiers.
L.3. Citizenship or immigration status.
L.1. Government identifiers.
L.2. Complete account access credentials.
L.1. Government identifiers.
L.3. Citizenship or immigration status.
CATEGORY OF BUSINESS PURPOSE DISCLOSURE RECIPIENTS
Customer Service Support Providers
PERSONAL INFORMATION CATEGORIES DISCLOSED
A. Identifiers.
B. California Customer Records.
D. Commercial Information.
E. Biometric information.
F. Internet or other similar network activity.
G. Geolocation data.
H. Inferences.
SENSITIVE PERSONAL INFORMATION CATEGORIES DISCLOSED
L.1. Government identifiers.
L.2. Complete account access credentials.
BUSINESS PURPOSE DISCLOSURES
To support customers with using our products and services, including online account management and troubleshooting.
Customer Service Support Providers
PERSONAL INFORMATION CATEGORIES DISCLOSED
A. Identifiers.
B. California Customer Records.
D. Commercial Information.
E. Biometric information.
F. Internet or other similar network activity.
G. Geolocation data.
H. Inferences.
SENSITIVE PERSONAL INFORMATION CATEGORIES DISCLOSED
L.1. Government identifiers.
L.2. Complete account access credentials.
BUSINESS PURPOSE DISCLOSURES
To support customers with using our products and services, including online account management and troubleshooting.
CATEGORY OF BUSINESS PURPOSE DISCLOSURE RECIPIENTS
Advertising networks
PERSONAL INFORMATION CATEGORIES DISCLOSED
A. Identifiers.
B. California Customer Records.
C. Protected Classes.
D. Commercial information.
E. Biometric information.
F. Internet or Network Activity.
G. Geolocation data.
H. Inferences.
SENSITIVE PERSONAL INFORMATION CATEGORIES DISCLOSED
L.1. Government identifiers.
L.3. Citizenship or immigration status.
BUSINESS PURPOSE DISCLOSURES
To deliver location-based advertising.
Advertising networks
PERSONAL INFORMATION CATEGORIES DISCLOSED
A. Identifiers.
B. California Customer Records.
C. Protected Classes.
D. Commercial information.
E. Biometric information.
F. Internet or Network Activity.
G. Geolocation data.
H. Inferences.
SENSITIVE PERSONAL INFORMATION CATEGORIES DISCLOSED
L.1. Government identifiers.
L.3. Citizenship or immigration status.
BUSINESS PURPOSE DISCLOSURES
To deliver location-based advertising.
Selling or Sharing Personal Information
We do not sell your personal information, including sensitive personal information, to third parties and have not sold it in the preceding 12 months. We do not share your personal information with third parties for cross-context behavioral advertising purposes and have not shared your personal information in the preceding 12 months.
Your Rights and Choices
If you are a California resident, the CCPA grants you the following rights regarding your personal information:
Right to Know and Data Portability Requests
You have the right to request that we disclose certain information to you about our collection and use of your personal information (the “right to know”), including the specific pieces of personal information we have collected about you (a “data portability request”). You may exercise your right to know twice in any 12-month period. Once we receive your request and confirm your identity (see How to Exercise Your Rights), we will disclose to you:
· The categories of:
For more on exercising this right, see Exercising the Rights to Know, Delete, or Correct.
Right to Delete and Right to Correct
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions and limitations (the “right to delete”). Once we receive your request and confirm your identity, we will delete your personal information from our systems unless an exception allows us to retain it. We will also notify our service providers, contractors, and other recipients to take appropriate action.
You also have the right to request correction of personal information we maintain about you that you believe is inaccurate (the “right to correct”). We may require you to provide documentation, if needed, to confirm your identity and support your claim that the information is inaccurate. Unless an exception applies, we will correct personal information that our review determines is inaccurate and notify our service providers, contractors, and other recipients to take appropriate action.
For more on exercising these rights, see Exercising the Rights to Know, Delete, or Correct.
Right to Limit Sensitive Personal Information Use and Disclosure to Permitted SPI Purposes
You have a right to ask businesses that use or disclose your sensitive personal information to limit those actions to just the CCPA’s Permitted SPI Purposes (the “right to limit”). Once we receive your valid request, we will limit the use and disclosure of your sensitive personal information to the Permitted SPI Purposes. For more on exercising this right, see Exercising the Right to Limit or Opt-Out.
For more on the Permitted SPI Purposes, see Sensitive Personal Information Use and Disclosure Purposes.
Personal Information Sales or Sharing Opt-Out and Opt-In Rights
You have the right to request that businesses stop sharing your personal information at any time (the “right to opt-out”), including through a user-enabled opt-out preference signal. Similarly, the CCPA prohibits businesses from selling or sharing the personal information of consumers it actually knows are under 16 years old without first obtaining consent from consumers who are between 13 and 15 years old or the consumer’s parent or guardian for consumers under age 13 (the “right to opt-in”).
As we do not sell or share consumers’ personal data, we do not currently provide these consumer rights.
ADMT Rights
When a business uses automated decision-making technology (ADMT) to make significant decisions about you, you may have rights to:
ADMTs are technologies that process personal information and use computation to execute a decision and either replace or substantially replace human decision-making, resulting in decisions made without human involvement. Decisions are significant when they result in the provision or denial of financial or lending services, housing, education enrollment or opportunities, employment or independent contracting opportunities or compensation, or healthcare services. Advertising is not a significant decision.
We do not currently use ADMT to make significant decisions about consumers, so we do not provide ADMT access, opt-out, or appeal rights.
Right to Non-Discrimination
You have the right not to be discriminated or retaliated against for exercising any of your privacy rights under the CCPA.
How to Exercise Your Rights
Exercising the Rights to Know, Delete, or Correct
To exercise the right to know (including data portability), delete, or correct described above, please submit a verifiable request to us by either:
Please describe your request with sufficient detail so we can properly understand, evaluate, and respond to it. You or your authorized agent may only submit a request to know, including for data portability, twice in a 12-month period.
Exercising the Right to Limit or Opt-Out
You can submit your request to limit or opt-out through:
You can also submit your request to opt-out of personal information sales and sharing through an opt-out preference signal.
Verification Process and Authorized Agents
Only you, or someone legally authorized to act on your behalf, may make a request to know, delete, or correct related to your personal information. If your minor child is our consumer, you may also make a verifiable request on their behalf. To designate an authorized agent, contact privacy@bornonasaturday.com. We may request specific information from you or your authorized representative to confirm your or their identity before we can process your right to know, delete, or correct your personal information.
We cannot respond to your request to know, delete, or correct if we cannot verify your identity or authority to make the request and confirm the personal information relating to you. We will only use personal information provided in the request to verify the requestor’s identity or authority to make the request.
For requests to limit or opt-out, we ask for the information necessary to complete the request, which may include, for example, the consumer’s name, email address, or account username.
Responding to Your Requests to Know, Delete, or Correct
We will confirm receipt of your request within ten business days. If you do not receive confirmation within the ten-day timeframe, please contact privacy@bornonasaturday.com.
We endeavor to substantively respond to a verifiable request within 45 days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing. We will deliver our written response to your verified email address. Our substantive response will tell you whether or not we have complied with your request. If we cannot comply with your request in whole or in part, we will explain the reason, subject to any legal or regulatory restrictions. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, deleted, or made your personal information anonymous in compliance with our record retention policies and obligations.
Any disclosures we provide will cover information for the 12-month period preceding the request’s receipt date. We will consider requests to provide longer disclosure periods that do not extend past January 1, 2022, unless providing the longer timeframe would be impossible or involves disproportionate effort.
For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Response and Timing on Rights to Limit or Opt-Out
In response to your request to limit or opt-out, we will process your request, as soon as feasibly possible, but no later than 15 business days from the date we receive the request. We will only use personal information provided from your request to comply with the request.
We will send a confirmation email to the email address associated with your request (or the email address you provide when submitting your request) stating that your opt-out has been processed and describing any changes made to how we handle your personal information.
Once you make a request to limit or opt-out, we will wait at least 12 months before asking you to reauthorize the use or disclosure of your sensitive personal information for purposes other than the Permitted SPI Purposes. However, you may change your mind and opt back in at any time by contacting us at privacy@bornonasaturday.com.
How We Protect Your Personal Data
We use commercially reasonable administrative, physical, and technical measures designed to protect your personal data from accidental loss or destruction and from unauthorized access, use, alteration, and disclosure. However, no website, mobile application, system, electronic storage, or online service is completely secure, and we cannot guarantee the security of your personal data transmitted to, through, using, or in connection with the Services. In particular, email, texts, and chats sent to or from the Services may not be secure, and you should carefully decide what information you send to us through these communications channels. Any transmission of personal data is at your own risk.
The safety and security of your information also depends on you. You are responsible for taking steps to protect your personal data against unauthorized use, disclosure, and access.
Privacy Policy Changes
We reserve the right to update this Privacy Policy at any time. If we make any material changes to this Privacy Policy, we will update the policy’s effective date and post the updated policy here.
Contact Information
If you have any questions or comments about this policy, the ways in which we collect and use your information described here, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
Email: privacy@bornonasaturday.com
If you need to access this Privacy Policy in an alternative format due to a disability, please contact privacy@bornonasaturday.com.
We do not sell your personal information, including sensitive personal information, to third parties and have not sold it in the preceding 12 months. We do not share your personal information with third parties for cross-context behavioral advertising purposes and have not shared your personal information in the preceding 12 months.
Your Rights and Choices
If you are a California resident, the CCPA grants you the following rights regarding your personal information:
Right to Know and Data Portability Requests
You have the right to request that we disclose certain information to you about our collection and use of your personal information (the “right to know”), including the specific pieces of personal information we have collected about you (a “data portability request”). You may exercise your right to know twice in any 12-month period. Once we receive your request and confirm your identity (see How to Exercise Your Rights), we will disclose to you:
· The categories of:
- Personal information we collected about you; and
- Sources from which we collected your personal information.
- The business or commercial purpose for collecting your personal information and, if applicable, selling or sharing your personal information.
- If applicable, the categories of persons, including third parties, to whom we disclosed your personal information, including separate disclosures identifying the categories of your personal information that we:
- Disclosed for a business purpose to each category of persons; and
- Sold or shared to each category of third parties.
- When your right to know submission includes a data portability request, a copy of your personal information, subject to any permitted redactions.
Right to Delete and Right to Correct
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions and limitations (the “right to delete”). Once we receive your request and confirm your identity, we will delete your personal information from our systems unless an exception allows us to retain it. We will also notify our service providers, contractors, and other recipients to take appropriate action.
You also have the right to request correction of personal information we maintain about you that you believe is inaccurate (the “right to correct”). We may require you to provide documentation, if needed, to confirm your identity and support your claim that the information is inaccurate. Unless an exception applies, we will correct personal information that our review determines is inaccurate and notify our service providers, contractors, and other recipients to take appropriate action.
For more on exercising these rights, see Exercising the Rights to Know, Delete, or Correct.
Right to Limit Sensitive Personal Information Use and Disclosure to Permitted SPI Purposes
You have a right to ask businesses that use or disclose your sensitive personal information to limit those actions to just the CCPA’s Permitted SPI Purposes (the “right to limit”). Once we receive your valid request, we will limit the use and disclosure of your sensitive personal information to the Permitted SPI Purposes. For more on exercising this right, see Exercising the Right to Limit or Opt-Out.
For more on the Permitted SPI Purposes, see Sensitive Personal Information Use and Disclosure Purposes.
Personal Information Sales or Sharing Opt-Out and Opt-In Rights
You have the right to request that businesses stop sharing your personal information at any time (the “right to opt-out”), including through a user-enabled opt-out preference signal. Similarly, the CCPA prohibits businesses from selling or sharing the personal information of consumers it actually knows are under 16 years old without first obtaining consent from consumers who are between 13 and 15 years old or the consumer’s parent or guardian for consumers under age 13 (the “right to opt-in”).
As we do not sell or share consumers’ personal data, we do not currently provide these consumer rights.
ADMT Rights
When a business uses automated decision-making technology (ADMT) to make significant decisions about you, you may have rights to:
- Obtain certain information about how the business uses ADMT, that is specific to you (the “ADMT access right”).
- Opt-out of the ADMT use (the “ADMT opt-out right”) unless the business provides you with a method to appeal the decision to a human reviewer with the authority to overturn the decision (the “ADMT appeal right”) or another exception applies.
We do not currently use ADMT to make significant decisions about consumers, so we do not provide ADMT access, opt-out, or appeal rights.
Right to Non-Discrimination
You have the right not to be discriminated or retaliated against for exercising any of your privacy rights under the CCPA.
How to Exercise Your Rights
Exercising the Rights to Know, Delete, or Correct
To exercise the right to know (including data portability), delete, or correct described above, please submit a verifiable request to us by either:
- Emailing us at privacy@bornonasaturday.com.
- Visiting www.bornonasaturday.com
Exercising the Right to Limit or Opt-Out
You can submit your request to limit or opt-out through:
- Emailing privacy@bornonasaturday.com.
Verification Process and Authorized Agents
Only you, or someone legally authorized to act on your behalf, may make a request to know, delete, or correct related to your personal information. If your minor child is our consumer, you may also make a verifiable request on their behalf. To designate an authorized agent, contact privacy@bornonasaturday.com. We may request specific information from you or your authorized representative to confirm your or their identity before we can process your right to know, delete, or correct your personal information.
We cannot respond to your request to know, delete, or correct if we cannot verify your identity or authority to make the request and confirm the personal information relating to you. We will only use personal information provided in the request to verify the requestor’s identity or authority to make the request.
For requests to limit or opt-out, we ask for the information necessary to complete the request, which may include, for example, the consumer’s name, email address, or account username.
Responding to Your Requests to Know, Delete, or Correct
We will confirm receipt of your request within ten business days. If you do not receive confirmation within the ten-day timeframe, please contact privacy@bornonasaturday.com.
We endeavor to substantively respond to a verifiable request within 45 days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing. We will deliver our written response to your verified email address. Our substantive response will tell you whether or not we have complied with your request. If we cannot comply with your request in whole or in part, we will explain the reason, subject to any legal or regulatory restrictions. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, deleted, or made your personal information anonymous in compliance with our record retention policies and obligations.
Any disclosures we provide will cover information for the 12-month period preceding the request’s receipt date. We will consider requests to provide longer disclosure periods that do not extend past January 1, 2022, unless providing the longer timeframe would be impossible or involves disproportionate effort.
For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Response and Timing on Rights to Limit or Opt-Out
In response to your request to limit or opt-out, we will process your request, as soon as feasibly possible, but no later than 15 business days from the date we receive the request. We will only use personal information provided from your request to comply with the request.
We will send a confirmation email to the email address associated with your request (or the email address you provide when submitting your request) stating that your opt-out has been processed and describing any changes made to how we handle your personal information.
Once you make a request to limit or opt-out, we will wait at least 12 months before asking you to reauthorize the use or disclosure of your sensitive personal information for purposes other than the Permitted SPI Purposes. However, you may change your mind and opt back in at any time by contacting us at privacy@bornonasaturday.com.
How We Protect Your Personal Data
We use commercially reasonable administrative, physical, and technical measures designed to protect your personal data from accidental loss or destruction and from unauthorized access, use, alteration, and disclosure. However, no website, mobile application, system, electronic storage, or online service is completely secure, and we cannot guarantee the security of your personal data transmitted to, through, using, or in connection with the Services. In particular, email, texts, and chats sent to or from the Services may not be secure, and you should carefully decide what information you send to us through these communications channels. Any transmission of personal data is at your own risk.
The safety and security of your information also depends on you. You are responsible for taking steps to protect your personal data against unauthorized use, disclosure, and access.
Privacy Policy Changes
We reserve the right to update this Privacy Policy at any time. If we make any material changes to this Privacy Policy, we will update the policy’s effective date and post the updated policy here.
Contact Information
If you have any questions or comments about this policy, the ways in which we collect and use your information described here, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
Email: privacy@bornonasaturday.com
If you need to access this Privacy Policy in an alternative format due to a disability, please contact privacy@bornonasaturday.com.
Saturday
see you
WEBSITE DESIGN BY STUDIO WEST DESIGN CO.
QUICK LINKS
PRIVACY POLICY
TERMS + CONDITIONS
WEBSITE DESIGN BY STUDIO WEST DESIGN CO.
SOCIALS
INSTAGRAM
SUBSTACK
PINTEREST
INQUIRE
hello@bornonasaturday.com
