TELOS PRIVACY NOTICE

Last Updated: June 5, 2023

This Privacy Notice (the “Privacy Notice”) explains how Telos Corporation and its subsidiaries, including Telos Identity Management Solutions, LLC (“Telos,” “we,” “us,” or “our”) collects, uses, shares, and otherwise processes personal data in connection with providing our products and services, as well as our online services, electronic mail and related content, platform, and our websites or other websites owned, operated or controlled by us (collectively, the “Services”).  This Privacy Notice does not address our privacy practices relating to Telos job applicants, employees, and other personnel.  When we use the terms “you” and “your” in this Privacy Notice, we mean the individual accessing, using, or interested in the Services.

Customer Data

Data protection laws sometimes differentiate between “controllers” and “processors” of personal data.  A “controller” determines the purposes and means (or the why and the how) of processing personal data.  A “processor,” which is sometimes referred to as a “service provider,” processes personal data on behalf of a controller subject to contractual restrictions.

As part of our business relationship with our customers, we are often asked to receive, gather, store, analyze, or otherwise process information, which may include personal data, on behalf of our customers.  We refer to this type of information and personal data as “customer data.”  When we process customer data, we generally act as a processor. This means we process customer data on behalf of our customers subject to restrictions set forth in our contracts with them.

This Privacy Notice does not cover or address how we or our customers process customer data in connection with our role as our customers’ processor.  Instead, this Privacy Notice only covers our processing of personal data in our capacity as a controller.  In addition, we are generally not permitted to respond to individual requests relating to customer data.  As a result, we recommend referring to the privacy notice of the business or government organization with which you have a relationship for information on how they engage processors, like us, to process customer data on their behalf.

1. What is Personal Data?

When we use the term “personal data” in this Privacy Notice, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to a person or household.  It does not include aggregated or de-identified information that is maintained in a form that is not reasonably capable of being associated with or linked to a person.

1. How We Collect and Use Personal Data

Personal Data Collected from Individuals

The categories of personal data we collect, submitted to us by individuals through the Services, may include:

• Contact information, such as your name, phone number, email address, or mailing address, when you submit a request or communicate with us, such as through the contact forms on our Services.  We use this information to provide you with products or services that you request or in which you express interest, and to communicate with you such as to send email messages.

• Account information, including first and last name, company name, employer, job title, business email address, user ID and password, profile information, affiliations, account balances, payment and purchase history information, and any other information you provide to us.  We use this information to administer your account, provide you with the relevant service and information, communicate with you regarding your account and your use of the Services, and for customer support purposes.

• Inquiry Information, including information provided in custom messages sent through the forms or contact information provided on our Services.

• Demo, Event and Webinar Information, including contact information and any other information you provide to us in connection with a product or service demo, event or webinar.

• Payment Information.  If you sign up for one of our Services requiring payment, we collect the information provided in connection with such payment.  Please note that we typically use third party payment processors to process credit card payments made to us.  If you sign up for one of our Services requiring payment, we collect the information provided in connection with such payment.  For payments handled through the third-party payment processors we use to process credit card payments made to us, any personally identifiable financial information in connection with the payment, such as credit card numbers, will be provided directly by you to our third-party processor.  The payment processor’s use of your personal information is governed by their privacy notice.

• Business Representative Contact Information, including your name, company contact information (e.g., email, phone number, postal address), job title, and any other information you provide.

• Information Collected Through the Use of the Services, including any files, documents, videos, images, data, or information you choose to upload or transmit through your communications with us or your use of the Services (collectively, “User Content”).  For more information on how to withdraw your permission(s), please see the “Your Choices” section below.  User Content and any information contained in the User Content, including personal data you may have included, is collected and stored as part of the Services.  We use the User Content to provide you and our clients with the Services.

• Biometric Information, such as fingerprint and facial recognition data used to identify an individual.

• Testimonial and Feedback Information.  We may also collect feedback, testimonials, and ratings you provide relating to our products and services which may include your photos or other media.  We may make this information public.  We use this information to communicate with you, to conduct market research, to inform our marketing and advertising activities, and to improve and grow our business.

• Other information that you provide to us online, by phone or in person, and use this information to respond to your request, provide you the requested services, and to inform our marketing and advertising campaigns.  We ask that you do not send us unsolicited proprietary or other confidential information through our Services.

Personal Data Automatically Collected

As is true of most digital platforms, we may collect certain personal data automatically when you visit our online services, including:

• Log File Data, including your internet protocol (IP) address, operating system, browser type, browser ID, date/time of visit, and pages visited.
• Analytics Data, including the electronic path you take to the Services, through the Services and when exiting the Services, as well as your usage and activity on the Services, such as the links and objects you view, click or otherwise interact with (also known as “Clickstream Data”).
• Location Data, including your general geographic location based on your IP address or more precise location when accessing our online services through a mobile device.

For more information on our use of automated data collection technologies, please see the “Cookies and Other Data Collection Technologies” section below.  For information about our and our third-party partners’ use of cookies and related technologies to collect information automatically, and the choices you have in relation to its collection, please visit the “Third Party Data Collection and Online Advertising” section below.

Personal Information from Third Parties

We also obtain personal information from third parties, which we often combine with personal information we collect either automatically or directly from an individual.

• Our Affiliates.  We may receive personal data from other companies and brands owned or controlled by Telos, and other companies owned by or under common ownership as Telos.
• Your Employer / Company.  If you engage in our Services through your employer or company, we may receive information from the company such as name and contact information.
• Clients.  If you engage in our Services through one of our clients, we may receive information from the client, including User Content.
• Other Users or Individuals who Interact with our Services.  We may receive your information from other users or other individuals who interact with our Services, including users who submit User Content to the Services that contains your information.
• Service Providers.  Our service providers that perform services solely on our behalf, such as our marketing providers and payment processors, collect personal information and often share some or all of this information with us.  The information may include contact information, demographic information, payment information, information about your communications and related activities, and User Content.  We may use this information to administer and facilitate our services and our marketing activities.
• Social Media.  When an individual interacts with our Services through various social media networks, such as when someone “Likes” us on Facebook or follows us or shares our content on Google, Facebook, LinkedIn, or other social networks, we may receive some information about individuals that they permit the social network to share with third parties.  The data we receive is dependent upon an individual’s privacy settings with the social network, and may include your profile information, profile picture, gender, username, user ID associated with your social media account, age range, language, country, and any other information you permit the social network to share with third parties.  We may use this information to operate, maintain, and provide to you the features and functionality of the Services, as well as to communicate directly with you, such as to send you email messages about products and services that may be of interest to you.
• Other Sources.  In addition to third-party data providers, we may also collect personal information about individuals that we do not otherwise have from, for example, publicly available sources, or through transactions such as mergers and acquisitions.  We use this information to operate, maintain, and provide to you the features and functionality of the Services, as well as to communicate directly with you, such as to send you email messages about products and services that may be of interest to you.

Other Uses of Personal Data

In addition to the above, we may use personal data in the following ways or for the following purposes:

• For marketing purposes;
• Review and respond to inquiries;
• To verify your identity;
• Operate, evaluate, and improve our business and product and service offerings;
• Administer and analyze our websites and effectiveness;
• Perform security logging and analysis;
• Handle and communicate orders, billing and payment, delivery of products and services;
• Comply with all legal and regulatory requirements;

• Process orders, request for further information, maintain records and to provide pre- and after-sales service;
• Pass to another organization to supply/deliver products or services you have purchased;
• Pass onto our partners in order to follow-up on any webinars and events to which you have registered or attended;
• Perform obligations arising from any contracts entered into by you and us;
• Perform security checks of information you provided to protect us from credit risk and fraudulent transactions;
• Assist third parties to perform certain activities, such as processing and sorting data, monitoring how customers use our site and issuing our emails for us;
• Seek your views or comments on the services we provide;
• Notify you of changes to our Services;
• Send you communications which you have requested and that may be of interest to you, including information about product updates, newsletters, events, webinars;
• Inform you of various promotions, goods and services that may be of interest to you, either by post, email, telephone, or such other means with marketing communications we deem relevant to you;
• Protect against and prevent fraud claims and other liabilities and to comply with or enforce applicable legal requirements, industry standards, and our policies and terms;
• Protect, exercise or defend our legal rights, or when we are required to do so by law that applies to us;
• Help maintain the safety, security and integrity of our property and Services, technology assets and business;
• Facilitate corporate business transactions, such as a merger, acquisition, joint venture, or financing or sale of company assets, or in the event of insolvency, bankruptcy or receivership;
• For any other purpose we may describe when you provide the information.

2. Cookies and Other Data Collection Technologies

Cookies are small data files that are stored on your computer that allow us and our third-party partners and providers to collect certain information about your interactions with our email communications, websites and other online Services.  We and our third-party partners and providers may also use other, related technologies to collect this information, such as web beacons, pixels, embedded scripts, location-identifying technologies and logging technologies (collectively, “cookies”).

We and our third-party partners and providers may use cookies to automatically collect certain types of usage information when you visit or interact with our email communications, websites and other online Services. For example, we may collect log data about your device and its software, such as your IP address, operating system, browser type, date/time of your visit, and other similar information.  We may collect analytics data or use third-party analytics tools such as Google Analytics to help us measure usage and activity trends for our online Services and better understand our customer base.

Third-party partners and providers may also collect personal data about your online activities over time and across different websites when you use our websites and online Services.

We use or may use the data collected through cookies to:  (a) remember information so that you will not have to re-enter it during your visit or the next time you visit our websites and online Services; (b) provide and monitor the effectiveness of our websites and online Services; (c) monitor online usage and activities of our websites and online Services; (d) diagnose errors and problems with our websites and online Services; (e) otherwise plan for and enhance our online Services; and (f) facilitate the purposes identified in the “How We Collect and Use Personal Data” section above.  We and our advertising partners also use the information we collect through cookies to understand your browsing activities, including across unaffiliated third-party sites, so that we can deliver ads and information about products and services that may be of interest to you. 

Please note that we link some of the personal data we collect through cookies with the other personal data that we collect about you and for the purposes described above.

For more information about your choices regarding cookies, please see the “Your Choices” section below.  For more information on how we and our third-party providers collect and use cookies for online advertising, please see the “Third Party Data Collection and Online Advertising” section below.

3. Our Disclosure of Personal Data

We may disclose your personal data with or in connection with:

• Affiliates:  We may disclose personal data between and among Telos and its current and future parents, affiliates, subsidiaries, and other companies under common control or ownership.
• Our Clients:  If you interact with or engage in our Services through our clients, we may share your data with those clients.
• Business / Promotional Partners:  We may share information with third parties with whom we partner to provide contests and sweepstakes, or other joint promotional activities or co-branded services.
• Online Advertising Partners:  We may also share personal data with advertising networks or permit these partners to collect information from you directly on our websites to facilitate online advertising, such as search engines and social network advertising providers to serve targeted ads to you or to groups of other users who share similar traits, such as likely commercial interests and demographics, on third-party platforms.  For more information, including how to opt out of interest-based advertising, please see the “Your Choices” section below.
• Service Providers:  We may disclose personal data with third-party vendors, consultants and other service providers whom we engage to perform functions or services on our behalf and under our instructions in connection with the purposes and uses described in this Privacy Notice.
• Business Transactions or Reorganizations:  We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets.  We may disclose personal data to a third-party during negotiation of, in connection with or as an asset in such a corporate business transaction.  Personal data may also be disclosed in the event of insolvency, bankruptcy, or receivership, in compliance with applicable law.
• Legal Obligations and Rights:  We may disclose personal data to third parties, such as legal advisors and law enforcement:
  • in connection with the establishment, exercise, or defense of legal claims;
  • to comply with laws or to respond to lawful requests and legal process;
  • to protect the rights and property of Telos, our agents, customers, and others, including to enforce our agreements and policies;
  • to detect, suppress, or prevent fraud;
  • to reduce credit risk and collect debts owed to us;
  • to protect the health and safety of us, our customers, or any person; or
  • as otherwise required by applicable law.
• Your Consent or At Your Direction:  We may disclose personal data about you to certain other third parties with your consent or at your direction.

When you voluntarily make your personal data available for viewing by third parties online, such as a blog or public message board, your information can be viewed, collected and used by individuals and companies outside of Telos.  We are not responsible for any unauthorized third-party use of such information that is provided in a public forum.

4. Third Party Data Collection and Online Advertising

We participate in interest-based advertising and use third-party advertising companies to serve you targeted advertisements based on your browsing history.  We permit third-party online advertising networks, social media companies and other third-party services, to collect information about your use of our online Services over time so that they may play or display ads on the Services, on other websites, or services you may use, and on other devices you may use.  Typically, though not always, the information used for interest-based advertising is collected through tracking technologies, such as cookies, web beacons, embedded scripts, location-identifying technologies, and similar technology (collectively, “tracking technologies”), which recognize the device you are using and collect information, including click stream information, browser type, time and date you visited the site, AdID, precise geolocation and other information.  We may share a common account identifier (such as a hashed email address or user ID) with our third-party advertising partners to help identify you across devices.  We and our third-party partners use this information to make the advertisements you see online more relevant to your interests, as well as to provide advertising-related services such as reporting, attribution, analytics and market research.  We may also use services provided by third parties (such as social media platforms) to serve targeted ads to you and others on such platforms.  We may do this by providing a hashed version of your email address or other information to the platform provider.  See “Your Choices” below, to learn more about your choices with regard to interest-based advertising.

For California, Colorado, Connecticut, Nevada, Utah, and Virginia Residents:  To exercise your right to opt-out of the sale or sharing of personal data as it relates to the use of cookies and other tracking technologies for analytics and targeted ads, please see the “How to Exercise Your Privacy Rights” section of our U.S. Privacy Disclosures.

Social Media Widgets and Advertising.  The Services may include social media features, such as the Facebook Like button, Pinterest, Instagram, Twitter or other widgets.  These social media companies may recognize you and collect information about your visit to the Services, and they may set a cookie or employ other tracking technologies.  Your interactions with those features are governed by the privacy policies of those companies.

We display targeted advertising to you through social media platforms, such as LinkedIn and other social media forums.  These companies have interest-based advertising programs that allow us to direct advertisements to users who have shown interest in the Services while those users are on the social media platform, or to groups of other users who share similar traits, such as likely commercial interests and demographics.  We may share a unique identifier, such as a user ID or hashed email address, with these platform providers or they may collect information from our website visitors through a first-party pixel, in order to direct targeted advertising to you or to a custom audience on the social media platform.  These advertisements are governed by the privacy policies of those social media companies that provide them.  If you do not want to receive targeted ads on your social networks, you may be able to adjust your advertising preferences through your settings on those networks.  You may learn more about advertising preferences by clicking on the links provided below.  Please note that these links are provided for your convenience only and we do not control the content or features that may be available on these third-party services.

We may also utilize certain forms of display advertising and other advanced features through Google Analytics, such as Remarketing with Google Analytics, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics Demographics and Interest Reporting.  These features enable us to use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick advertising cookie) or other third-party cookies together to inform, optimize, and display ads based on your past visits to the Service.   You may control your advertising preferences or opt-out of certain Google advertising products by visiting the Google Ads Preferences Manager, currently available at https://google.com/ads/preferences, or by visiting the Network Advertising Initiative’s (NAI) online resources at http://www.networkadvertising.org/choices.   For information on how Google Analytics collects and processes data, as well as how you can control information sent to Google, review Google’s site “How Google uses data when you use our partners’ sites or apps” located at  www.google.com/policies/privacy/partners/.  You can learn about Google Analytics’ currently available opt-outs, including the Google Analytics Browser Ad-On here https://tools.google.com/dlpage/gaoptout/.

5. Your Choices

Email Communications.  From time to time, we may send you emails regarding updates to our Services, notices about our organization, or information about products/services we offer (or promotional offers from third parties) that we think may be of interest to you, including emails on behalf of one of our clients. 

If you wish to unsubscribe from such emails, simply click the “unsubscribe link” provided at the bottom of the email communication.  Note that you cannot unsubscribe from certain services-related email communications (e.g., account verification, confirmations of transactions, technical or legal notices).

Modifying and Deleting your Information:  If you have an account with us, you may update your account information and adjust your account settings by logging into your account.  Please note that changes to your settings may require some time to take effect.

Access to Device Information.  You may control the Services’ access to your device information through the “Settings” app on your device.  For instance, you can withdraw permission for the Services to access your network devices and geolocation.

Cookies.  If you would prefer not to accept cookies, most browsers will allow you to:  (i) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to automatically reject cookies.  Please note that doing so may negatively impact your experience using our online Services, as some features and services on our online Services may not work properly.  Depending on your device and operating system, you may not be able to delete or block all cookies.  In addition, if you want to reject cookies across all your browsers and devices, you will need to do so on each browser on each device you actively use.  You may also set your email options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether you have accessed our email and performed certain functions with it.

Online Ads.  We support the self-regulatory principles for online behavioral advertising (Principles) published by the Digital Advertising Alliance (DAA).  This means that we allow you to exercise choice regarding the collection of information about your online activities over time and across third-party websites for online interest-based advertising purposes.  More information about these Principles can be found at www.aboutads.info.  If you want to opt out of receiving online interest-based advertisements on your internet browser from advertisers and third parties that participate in the DAA program and perform advertising-related services for us and our partners, please follow the instructions at www.aboutads.info/choices, or http://www.networkadvertising.org/choices/ to place an opt-out cookie on your device indicating that you do not want to receive interest-based advertisements.   Opt-out cookies only work on the internet browser and device they are downloaded onto.  If you want to opt out of interest-based advertisements across all your browsers and devices, you will need to opt out on each browser on each device you actively use.  If you delete cookies on your device generally, you will need to opt out again.   If you want to opt out of receiving online interest-based advertisements on mobile apps, please follow the instructions at http://www.aboutads.info/appchoices.

• For California, Colorado, Connecticut, Nevada, Utah, and Virginia Residents:  Unless you have exercised your Right to Opt Out (as described in the “How to Exercise Your Privacy Rights” section of our U.S. Privacy Disclosures), we may “sell” or “share” your personal data to third parties for targeted or cross-context behavioral advertising purposes.  The third parties to whom we may sell or share personal data may use such information for their own purposes in accordance with their own privacy statements, which may include reselling or sharing this information to additional third parties.  To exercise your right to opt-out of the sale or sharing of personal data as it relates to the use of cookies and other tracking technologies for analytics and targeted ads, please see the “How to Exercise Your Privacy Rights” section of our U.S. Privacy Disclosures.

6. Region-Specific Disclosures

Depending on your country, region, or state of residence, certain rights may apply to you.  Please refer below for disclosures that may be applicable to you:

• If you are a resident of California, Colorado, Connecticut, Nevada, Utah or Virginia in the United States, please click here for additional U.S. state-specific privacy disclosures.

7. Links to Third-Party Websites and Services

For your convenience, our Services may provide links to third-party websites or services that we do not own or operate.  We are not responsible for the practices employed by any websites or services linked to or from the Services, including the information or content contained within them.  Your browsing and interaction on any other website or service are subject to the applicable third party’s rules and policies, not ours.  If you are using a third-party website or service, you do so at your own risk.  We encourage you to review the privacy policies of any site or service before providing any personal information.

8. Updates to this Privacy Notice

This Privacy Notice may be updated periodically.  We will post the updated version on our sites and indicate at the top of the notice when it was most recently updated.  It is your responsibility to review this Privacy Notice periodically.

9. Children’s Data

We do not knowingly solicit information from children and we do not knowingly market the site or our Services to children.  No one age 16 or under should submit any personal data to us and/or the sites.  If we become aware that a person submitting personal data to us through any part of the sites is a child, the information will be deleted promptly.  If a parent discovers and notifies us that we have inadvertently received information on their child before we have discovered and deleted it, then we will honor any requests that the information be deleted.

10. How to Contact Us

If you have any questions or comments about this Privacy Notice or any issue relating to how we collect, use, or disclose personal data, or if you would like us to update information we have about you or your preferences, you may contact us:

By e-mail at:      privacy.officer@telos.com

By phone at:      (703) 724-3756

(800) 283-0105 (Toll Free)

In writing at:      Telos Corporation
Attention:  Privacy Officer
19886 Ashburn Road

Ashburn, VA 20147

ADDITIONAL U.S. STATE PRIVACY DISCLOSURES

Last Updated: June 5, 2023

For residents of the States of California, Colorado, Connecticut, Nevada, Utah and Virginia:  These Additional U.S. State Privacy Disclosures (“U.S. Privacy Disclosures”) supplement the information contained in our Privacy Notice by providing additional information about our personal data processing practices relating to individual residents of these States.  For a detailed description of how we collect, use, disclose, and otherwise process personal data in connection with our Services, please visit our Privacy Notice.  Unless otherwise expressly stated, all terms defined in our Privacy Notice retain the same meaning in these U.S. Privacy Disclosures.

Personal Data Disclosures

We collect various categories and types of personal data from a variety of sources and for a variety of purposes.  We also disclose personal data to a number of recipients.  Please review the How We Collect and Use Personal Data and Our Disclosure of Personal Data sections of our Privacy Notice to learn more.  While we do not “sell” personal data in the traditional sense, we do, however, sell or share personal data for the purpose of displaying advertisements that are selected based on personal data obtained or inferred over time from an individual’s activities across businesses or distinctly-branded websites, applications, or other services (otherwise known as “targeted advertising” or “cross-context behavioral advertising”).  Please see the “Your Privacy Rights” section below to learn more about your privacy choices with respect to such advertising technologies.

Sensitive Information

The following personal data elements we collect may be classified as “sensitive” under certain privacy laws (“sensitive information”):

• Account name and password;
• Credit/debit card number plus expiration date and security code (CVV);
• Biometric data;
• Precise geolocation data.

As described in our Privacy Notice, we use account name and password, as well as payment card information to provide certain of our products and services.  We also use precise geolocation data to provide our Services with geolocation capabilities.

We do not sell sensitive information, and we do not process or otherwise share sensitive information for the purpose of targeted advertising.

Deidentified Information

We may at times receive, or process personal data to create, deidentified information that can no longer reasonably be used to infer information about, or otherwise be linked to, a particular individual or household.  Where we maintain deidentified information, we will maintain and use the information in deidentified form and not attempt to reidentify the information except as required or permitted by law.

Your Privacy Rights

Depending on your state of residency and subject to certain legal limitations and exceptions, you may be able to exercise some or all of the following rights:

How to Exercise Your Privacy Rights

To Exercise Your Privacy Rights

Please submit a request by:

• Filling out our online form; or
• Calling (800) 283-0105.

We will need to verify your identity and confirm you are a resident of a state that offers the request right(s) before processing your request.  In order to verify your identity, we will generally either require the successful login to your account or the matching of sufficient information you provide us to the information we maintain about you in our systems.  As a result, we require requests to include name, email address, and state of residency.  Although we try to limit the personal data collected in connection with a request to exercise any of the above rights, certain requests may require us to obtain additional personal data from you.  In certain circumstances, we may decline a request, particularly where we are unable to verify your identity or locate your information in our systems, or where you are not a resident of one of the eligible states.

To Exercise the Right to Opt Out of the Selling or Sharing of Personal Data for Targeted Advertising Purposes

Unless you have exercised your Right to Opt Out, we may “sell” or “share” your personal data to third parties for targeted or cross-context behavioral advertising purposes.  The third parties to whom we sell or share personal data may use such information for their own purposes in accordance with their own privacy statements, which may include reselling or sharing this information to additional third parties.

You do not need to create an account with us to exercise your Right to Opt Out.  However, we may ask you to provide additional personal data so that we can properly identify you in our dataset and to track compliance with your opt out request.  We will only use personal data provided in an opt out request to review and comply with the request.  If you chose not to provide this information, we may only be able to process your request to the extent we are able to identify you in our data systems.

To exercise your right to opt-out as it relates to the use of cookies and other tracking technologies for analytics and targeted ads, click here.

Authorized Agents

In certain circumstances, you are permitted to use an authorized agent to submit requests on your behalf through the designated methods set forth above where we can verify the authorized agent’s authority to act on your behalf.  In order to verify the authorized agent’s authority, we generally require evidence of either (i) a valid power of attorney or (ii) a signed letter containing your name and contact information, the name and contact information of the authorized agent, and a statement of authorization for the request. Depending on the evidence provided and your state of residency, we may still need to separately reach out to you to confirm the authorized agent has permission to act on your behalf and to verify your identity in connection with the request.

Appealing Privacy Rights Decisions

Depending on your state of residency, you may be able to appeal a decision we have made in connection with your privacy rights request.  All appeal requests should be submitted by emailing us at privacy.officer@telos.com with the subject line, “Privacy Request Appeal.”

Minors Under Age 16

We do not sell personal data of consumers we know to be less than 16 years of age unless they have opted in (“Right to Opt In”).  Please contact us at privacy.officer@telos.com to inform us if you, or your minor child, are under the age of 16.

California-Specific Disclosures

The following disclosures only apply to residents of the State of California.

Personal Data Collection

In the last 12 months, we may have collected the following categories of personal data:

• Identifiers, such as name, email address, telephone number, address, zip code, account username and password, or other similar identifiers.
• California Customer Records (Cal. Civ. Code § 1798.80(e)), such as credit/debit card information, bank account information or other payment information if you engage with one of our clients.
• Commercial Information, such information about products or services purchased or considered, whether you used a particular coupon code or promotion, and information about your use of the Services.
• Internet/Network Information, such as your browsing history, log and analytics data, search history and information regarding your interaction with our website.
• Geolocation Data, such as information about your physical location collected from geolocation features on your device, including your IP address and GPS (e.g., latitude and/or longitude).
• Biometric Information, such as fingerprint data used to identify an individual.
• Sensory Information, such as pictures you provide or upload in connection with the Services, and the content and audio recordings of phone calls between you and Telos and/or you and our service providers, that we record where permitted by law.
• Professional/Employment Information, such as job title, department, employer or business.
• Other Personal Data, such as information and content you post to the Services and other information you submit to us, including inquiry and communication information when you contact us and User Content.
• Inferences, including information generated from your use of the Services reflecting predictions about your interests and preferences.

For more information about our collection of personal data, the sources of personal data, and how we use this information, please see the How We Collect and Use Personal Data section of our Privacy Notice.

Disclosure of Personal Data

As described in the Our Disclosure of Personal Data section of our Privacy Notice, we disclose personal data with a variety of third parties for business purposes or we may sell or share your personal data to third parties for targeted advertising purposes, subject to your right to opt out of selling or sharing (see the “Your Privacy Rights” section above).

In the previous 12 months, with the exception of sensitive data, we have sold or shared for targeted advertising purposes all of the categories of personal data we collect, explained above, to third parties.

Data Retention

We retain personal data only for as long as is reasonably necessary to fulfill the purpose for which it was collected.  However, if necessary, we may retain personal data for longer periods of time, until set retention periods and deadlines expire, for instance where we are required to do so in accordance with legal, tax and accounting requirements set by a legislature, regulator or other government authority.

To determine the appropriate duration of the retention of personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of personal data and if we can attain our objectives by other means, as well as our legal, regulatory, tax, accounting and other applicable obligations.

Therefore, we retain personal data for as long as the individual continues to use our Services for the purposes explained in the How We Collect and Use Personal Data section in our Privacy Notice.  When an individual discontinues the use of our Services, we will retain their personal data for as long as necessary to comply with our legal obligations, to resolve disputes and defend claims, as well as, for any additional purpose based on the choices they have made, such as to receive marketing communications.  In particular, we will retain call recordings, the personal data supplied when joining our Services, including complaints, claims (for insurance products) and any other personal data supplied during the duration of an individual’s contract with us for the Services until the statutory limitation periods have expired, when this is necessary for the establishment, exercise or defense of legal claims.

Once retention of the personal data is no longer necessary for the purposes outlined above, we will either delete or deidentify the personal data or, if this is not possible (for example, because personal data has been stored in backup archives), then we will securely store the personal data and isolate it from further processing until deletion or deidentification is possible.

Notice of Financial Incentives

We may offer various programs, promotions and other financial incentives that may result in differences in our prices or services offered to consumers.  For example:

• Discounts, coupons or other access to exclusive content, research, and insights for customers who sign up to receive our or our clients’ marketing emails or text messages;
• Discounts, coupons or other benefits in connection with a contest or sweepstakes or similar promotion;
• Rewards or coupons when you refer a friend to use our Services or our clients’ services;
• Loyalty programs, where you earn rewards based upon your past purchases with us; or
• Discounts, coupons, cash back, and other special offers for shopping with our partners or clients.

To obtain access to certain of these programs and other offerings, we may collect and retain personal information, such as name, contact information, professional information, account information, and transaction information.  We may sell or share personal information with our business and marketing partners who may use this information to send you promotional communications and targeted advertising.

We will offer these programs if we have determined that the value of these programs and other incentives are reasonably related to the value of the personal data we receive and otherwise process in connection with these programs and offerings, based on our reasonable but sole determination.  We estimate the value of the personal data we receive and otherwise process in connection with these programs and offerings by considering the expense we incur in collecting and processing the personal data, as well as the expenses related to facilitating the program or offering.

The material aspects of any financial incentive will be explained and described in its program terms or in the details of the incentive offer. Participating in any financial incentive program is entirely optional and participants may withdraw from the program at any time.  To opt-out of the program and forgo any ongoing incentives, please follow the instructions in the program’s terms and conditions or contact us using the contact information below.  Participating individuals may also opt out of receiving marketing communications by following the instructions set forth in the “Your Choices” section of our Privacy Notice.

Updates to These U.S. Privacy Disclosures

We will update these U.S. Privacy Disclosures from time to time.  When we make changes to these U.S. Privacy Disclosures, we will change the “Last Updated” date at the beginning of these U.S. Privacy Disclosures.  All changes shall be effective from the date of publication unless otherwise provided in the notification.

Contact Us

If you have any questions or requests in connection with these U.S. Privacy Disclosures or other privacy-related matters, please send an email to privacy.officer@telos.com.