Updated: August 4, 2021
Ellis Technologies, Inc. (“Ellis”) respects your privacy. This section of this Agreement describes our privacy practices regarding Personal Information we collect from individuals for all the products and services offered by Ellis (including on our website (“Site”) and mobile application (“App”) (collectively, the “Services”)).
When you sign up for an account with Ellis, Ellis may collect and use your personal information on behalf of Blue Ridge Bank N.A. (Ellis’ “Bank Partner”) to facilitate the provision of banking services pursuant to The Blue Ridge Consumer Privacy Notice as applicable. Federal law requires our Bank Partner to provide notice to certain consumers to explain what personal information they collect, how they share it, and how consumers may limit our Bank Partner’s sharing of the information. The privacy practices of our Bank Partner are subject to their privacy notices and terms of service, which we strongly suggest you review. Ellis is not responsible for our Bank Partner’s information practices or privacy notices.
We obtain personal information about you in various ways, such as when you use our Services, communicate with us, or interact with our customer support representatives.
The types of personal information we may obtain about you include:
When you visit our Site, we may obtain certain information by automated means, such as cookies, web beacons, web server logs and other technologies. A “cookie” is a text file that websites send to a visitor’s computer or other internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. A “web beacon,” also known as an internet tag, pixel tag or clear GIF, links web pages to web servers and cookies and may be used to transmit information collected through cookies back to a web server. The information we collect in this manner may include your device IP address, unique device identifier, web browser characteristics, device characteristics, operating system, language preferences, referring URLs, clickstream data, and dates and times of website visits.
When you use our App, we also may collect certain information by automated means, such as through device logs, server logs and other technologies. The information we collect in this manner may include the device type used, the mobile operating system, device identifiers and similar unique identifiers, device settings and configurations, IP addresses, battery and signal strength, usage statistics, referring emails and web addresses, dates and times of usage, actions taken on the App, and other information regarding use of the App. In addition, as indicated above, we may collect your device’s geolocation information. Your device’s operating platform may provide you with a notification when the App attempts to collect your precise geolocation. Please note that if you decline to allow the App to collect your precise geolocation, you may not be able to use all of the App’s features or the offers available through the App.
We may use these automated technologies on our Services to collect information about your equipment, browsing actions and usage patterns. These technologies help us (1) remember your information so you do not have to re-enter it; (2) track and understand how you use and interact with our Services, including our online forms, tools or content; (3) tailor the Services around your preferences; (4) measure the usability of our Services and the effectiveness of our communications; and (5) otherwise manage and enhance our products and services, and help ensure they are working properly.
Your browser may tell you how to be notified about certain types of automated collection technologies and how to restrict or disable them. Please note, however, that without these technologies, you may not be able to use all of the features of our Services. For mobile devices, you can manage how your device and browser share certain device data by adjusting the privacy and security settings on your mobile device.
We may disclose personal information that we collect in the following circumstances:
Additionally, we may share your personal information as required to comply with any subpoena, court order, similar legal process, including to respond to any government or regulatory request. To the extent permitted by law, we will notify you if we receive government requests about your data.
Finally, we may disclose anonymized, non-personal information about the Service and our users without restriction.
We do not and will not sell Personal Information.
We maintain administrative, technical, and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorized access, destruction, loss, alteration, disclosure or use.
If you are a California resident, you may have certain rights with respect to Personal Information as set forth under California law and explained below.
California Civil Code Section 1798.83, also known as the “Shine the Light” law, permits California residents to annually request, free of charge, information about the Personal Information (if any) disclosed to third parties for direct marketing purposes in the preceding calendar year. We do not share Personal Information with third parties for their own marketing purposes.
You can request the following information from us, with respect to the Personal Information that we have collected about you in the 12 months prior to our receipt of your request:
Upon request, we will delete the Personal Information we have collected about you that is covered by the CCPA, situations where the CCPA authorizes us to retain specific information, including when it is necessary for us to provide you with a good or service that you requested; perform a contract we entered into with you; maintain the functionality or security of our systems; or comply with or exercise rights provided by the law. The law also permits us to retain specific information for our exclusively internal use, but only in ways that are compatible with the context in which you provided the information to us or that are reasonably aligned with your expectations based on your relationship with us.
When we collect and process Personal Information on our clients, we act as their “service provider,” as that term is defined in the CCPA. We do not disclose, use, or retain any of the Personal Information we collect when collecting or processing Personal Information on behalf of our clients for any purpose other than the specific purpose of performing the services specified in our contracts with our clients. This means that the Company does not own the Personal Information we collect on behalf of our clients.
To exercise any of the rights above, or to ask a question, you may contact us using the contact information provided on our Sites.
For requests for access or deletion, we will first acknowledge receipt of your request within 10 days of receipt of your request. We provide a substantive response to your request as soon as we can, generally within 45 days from when we receive your request, although we may be allowed to take longer to process your request in certain jurisdictions or under certain circumstances. If we expect your request is going to take us longer than normal to fulfill, we will let you know.
If we are unable to verify your identity with the degree of certainty required based on the type of information or action you are requesting, we will not be able to respond to the request. We will notify you to explain the basis of the denial.
You may designate an agent to submit requests on your behalf. The agent can be a natural person or a business entity that is registered with the California Secretary of State.
If you would like to designate an agent to act on your behalf, you and the agent will need to comply with our agent verification process. You will be required to verify your identity by providing us with certain Personal Information as described above, depending on whether you hold an account with us or not and the nature of the information you require, which we will endeavor to match the information submitted to information we maintain about you. Additionally, we will require that you provide us with written confirmation that you have authorized the agent to act on your behalf, and the scope of that authorization. The agent will be required to provide us with proof of the agency relationship, which may be a declaration attesting to the agent’s identity and authorization by you to act on their behalf, signed under penalty of perjury. If the agent is a business entity, it will also need to submit evidence that it is registered and in good standing with the California Secretary of State. Information to identify and verify your agent can be submitted through the same mechanism and at the same time that you submit information to verify your identity.
Please note that this subsection does not apply when an agent is authorized to act on your behalf pursuant to a valid power of attorney. Any such requests will be processed in accordance with California law pertaining to powers of attorney.
There may be some types of Personal Information that can be associated with a household (a group of people living together in a single dwelling). Requests for access or deletion of household Personal Information must be made by each member of the household. We will verify each member of the household using the verification criteria explained above.
If we are unable to verify the identity of each household member with the degree of certainty required, we will not be able to respond to the request. We will notify you to explain the basis of our denial.
Our Services are designed for a general audience and are not directed to children. In connection with the Services, we do not knowingly solicit or collect personal information from children under the age of 13 without parental consent.
From time to time, we may advertise certain third party services through our Sites which we feel will be helpful or relevant to you (collectively, “Third Party Services”).
When you click on a link for a Third Party Service, your web browser will be redirected to the third party provider of the Third Party Service that you selected. Third party providers may have privacy policies that are different from this Agreement, and you should read carefully the privacy policies of those vendors prior to releasing any of your information to them, financial or otherwise.
Third Party Services may also require you to agree to certain terms and conditions of use (collectively, “Third Party Conditions”) before using or accessing those services. Often, Third Party Conditions describe and govern how third party providers use your Personal Information, so you should read carefully all Third Party Conditions prior to releasing any of your information to such third party sites.
We do not endorse, warrant, or guarantee the nature, scope, quantity, availability, or quality of any Third Party Services. We make you aware of such services solely for your convenience. If you have any questions, comments, or concerns about any Third Party Service, you are instructed to contact the vendor offering the service.
“Do Not Track” (“DNT”) is a preference you can set in your web browser to let the websites you visit know that you do not want them collecting information about you. At this time, this Site does not respond to DNT or similar signals.
We reserve the right to amend, alter, or otherwise change this Agreement in our sole and absolute discretion. When we make changes to this Agreement, we will amend the “Updated” date at the top of this page, and such modified or amended version of this Privacy Statement shall be effective as to you and your information as of that revision date. We encourage you to review this Agreement periodically to be informed about how we are protecting your information.
When contacting the Privacy Officer please be sure to provide your name, your physical address, your email address, your phone number (if you wish to be contacted by telephone), and a description of the question or issue that you wish to have resolved.
If you are located in the United Kingdom or European Economic Area (“EEA”) and believe we have not adequately resolved any issues, you may contact the Supervisory Authority concerned.