Privacy Policy | Vertali Group

1. Introduction

Vertali Group ("Vertali," "we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website home.vertali.net (the "Site"), use our services, apply to join our creator network, or reside in our streamer houses.

We respect your privacy and are dedicated to handling your personal data responsibly and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Children's Online Privacy Protection Act (COPPA).

By accessing or using our Site and services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Site or services.

Important: This Privacy Policy applies to all visitors, users, applicants, creators, and others who access our Site or use our services ("you" or "your").

2. Information We Collect

We collect various types of information from and about users of our Site and services. The information we collect depends on how you interact with us and the choices you make.

2.1 Personal Information

We may collect the following categories of personal information that can be used to identify you:

Identity Information: Full legal name, date of birth, gender, government-issued identification numbers (where legally required)
Contact Information: Email address, phone number, residential address, mailing address, emergency contact details
Account Information: Username, password, account preferences, profile photographs
Demographic Information: Age, nationality, language preferences
Professional Information: Occupation, employer, work history, educational background, professional certifications
Biographical Information: Personal biography, interests, hobbies, and preferences

2.2 Creator and Streamer Information

For content creators, streamers, and talent applying to or participating in our programs, we collect:

Platform Information: Streaming platform usernames, channel URLs, platform-specific IDs
Audience Metrics: Follower counts, subscriber numbers, viewership statistics, engagement rates, audience demographics (as publicly available or voluntarily provided)
Content Information: Links to streaming channels, sample content URLs, content category preferences
Performance Data: Streaming schedules, historical performance metrics, growth trends
Monetization Data: Revenue share information, payment history, sponsorship details
Social Media Presence: Links to social media profiles across all platforms

2.3 Automatically Collected Information

When you visit our Site or use our services, we automatically collect certain information about your device and usage patterns:

Device Information: IP address, browser type and version, operating system, device type, device identifiers, mobile network information
Usage Information: Pages visited, time spent on pages, links clicked, features used, search queries, referral sources
Location Information: General geographic location based on IP address, GPS location (with your consent)
Log Data: Access times, dates, error logs, crash reports
Cookies and Similar Technologies: Information collected through cookies, web beacons, pixels, and similar tracking technologies (see Section 9 for details)

2.4 Financial Information

For payment processing, payroll, and financial transactions, we collect:

Payment Information: Bank account details, routing numbers, payment card information (processed securely through PCI-DSS compliant payment processors)
Tax Information: Social Security Number, Tax Identification Number, W-9 or W-8 forms, tax residency information
Transaction History: Payment records, invoice details, commission calculations

Note: We do not store complete payment card numbers on our servers. All payment processing is handled by third-party PCI-DSS compliant payment processors.

2.5 House Application and Residency Information

For applicants to and residents of our streamer houses, we collect:

Application Information: Application forms, essays, portfolio materials, references
Background Information: Background check results (where legally permitted and with appropriate consent)
Residency Details: Move-in/move-out dates, room assignments, lease agreements
House Rules Compliance: Incident reports, disciplinary records, compliance documentation
Preferences: Roommate preferences, dietary restrictions, accessibility needs

2.6 Communications and Correspondence

We collect and store:

Email correspondence and message history
Chat logs and support ticket communications
Phone call recordings (where legally permitted and with notice)
Video conference recordings (with prior consent)
Feedback, surveys, and testimonials

2.7 Third-Party Service Data

We may receive information about you from third-party sources, including:

Social media platforms (when you connect your accounts)
Analytics providers
Advertising networks
Background check services (with consent)
Publicly available sources and databases

3. How We Collect Information

3.1 Direct Submissions

We collect information that you provide directly to us, including when you:

Create an account or profile on our Site
Fill out application forms (creator applications, house applications, employment applications)
Complete contact forms or request information
Sign up for newsletters, updates, or marketing communications
Participate in surveys, contests, or promotions
Communicate with us via email, phone, chat, or video conference
Upload content, documents, or media
Execute contracts or agreements
Submit payment or billing information
Post comments or participate in community features

3.2 Automatic Collection Technologies

We and our service providers use various technologies to automatically collect information:

Cookies: Small data files stored on your device that help us recognize you and remember your preferences
Web Beacons/Pixels: Electronic images that help us count users who have visited certain pages or opened emails
Log Files: Server logs that track actions occurring on the Site
Analytics Tools: Third-party analytics services that help us understand Site usage
SDKs: Software development kits integrated into our mobile applications (if applicable)

3.3 Third-Party Sources

We may obtain information about you from third parties, including:

Social Media Platforms: When you choose to connect your social media accounts or share content through social media features, we may receive information from those platforms in accordance with their privacy policies
Streaming Platforms: Public metrics and data from Twitch, YouTube, Kick, TikTok, and other platforms (with your authorization)
Service Providers: Payment processors, analytics providers, email service providers, and customer relationship management platforms
Business Partners: Brand partners, sponsors, and collaborators
Public Sources: Publicly available databases, social media profiles, and other public sources

3.4 API Integrations

For creators and streamers, we may collect information through API integrations with streaming platforms and social media services, subject to your authorization and the terms of service of those platforms.

4. How We Use Your Information

We use the information we collect for various business and operational purposes, including:

4.1 Service Provision

Providing, operating, and maintaining our Site and services
Processing and evaluating creator and house applications
Managing creator contracts, agreements, and relationships
Coordinating travel, lodging, and logistics for talent
Facilitating communication between creators, brands, and our team
Processing payments, commissions, and financial transactions
Managing house residencies and accommodations

4.2 Communication

Responding to your inquiries, requests, and support needs
Sending administrative information, such as changes to our terms, conditions, and policies
Providing updates about your application status, account, or services
Sending transactional emails and notifications
Facilitating internal communications within our creator network

4.3 Marketing and Promotional Activities

Sending newsletters, marketing communications, and promotional materials (with your consent where required)
Promoting our creators, events, and partnerships
Developing and displaying targeted advertising
Conducting market research and analyzing user preferences
Personalizing your experience and content recommendations

4.4 Analytics and Improvement

Analyzing usage patterns and trends to improve our Site and services
Monitoring and analyzing the effectiveness of our marketing campaigns
Developing new products, services, features, and functionality
Conducting research and statistical analysis
Testing, troubleshooting, and optimizing Site performance

4.5 Legal Compliance and Protection

Complying with applicable laws, regulations, and legal processes
Responding to lawful requests from public authorities
Enforcing our terms, conditions, and policies
Protecting our rights, privacy, safety, or property
Protecting the rights, privacy, safety, or property of our users or others
Preventing, detecting, and investigating fraud, security breaches, or other prohibited activities
Establishing, exercising, or defending legal claims

4.6 Business Operations

Managing our business operations and internal administration
Conducting audits and maintaining financial records
Evaluating and managing business risks
Planning and executing business transactions, including mergers, acquisitions, or sales

4.7 Consent-Based Uses

We may also use your information for any other purpose for which you provide consent.

5. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal information based on the following legal grounds under the General Data Protection Regulation (GDPR):

5.1 Consent

We process your personal information based on your explicit consent, which you may withdraw at any time. This includes:

Sending marketing communications
Using cookies and similar tracking technologies (where consent is required)
Processing sensitive personal data (where applicable)
Sharing your information with third parties for their marketing purposes

5.2 Contractual Necessity

We process personal information necessary to perform our contract with you or to take steps at your request before entering into a contract, including:

Processing creator and house applications
Managing creator contracts and agreements
Providing requested services and support
Processing payments and commissions
Managing your account and profile

5.3 Legal Obligation

We process personal information to comply with our legal obligations, such as:

Tax reporting and compliance
Maintaining employment and immigration records
Responding to legal requests and court orders
Fulfilling regulatory requirements

5.4 Legitimate Interests

We process personal information based on our legitimate interests, provided these interests are not overridden by your rights and interests. Our legitimate interests include:

Operating, improving, and securing our Site and services
Analyzing usage patterns and trends
Preventing fraud and ensuring security
Defending our legal rights
Marketing our services to existing customers (where permitted by law)
Conducting business analytics and strategic planning

5.5 Vital Interests

In rare circumstances, we may process personal information to protect your vital interests or the vital interests of another person, such as in emergency situations involving health or safety.

6. Information Sharing and Disclosure

We may share your personal information in the following circumstances:

6.1 Service Providers

We share information with trusted third-party service providers who perform services on our behalf, including:

Technology Providers: Hosting providers, cloud storage services, content delivery networks
Payment Processors: Companies that process payments and financial transactions
Communication Services: Email service providers, SMS providers, customer support platforms
Analytics Providers: Companies that help us analyze Site usage and user behavior
Marketing Services: Advertising networks, marketing automation platforms, CRM systems
Professional Services: Legal advisors, accountants, auditors, insurance providers
Background Check Providers: Companies that conduct background checks (with appropriate consent)

All service providers are contractually obligated to protect your information and use it only for the purposes for which we disclose it to them.

6.2 Business Partners

We may share information with business partners, including:

Brand Partners and Sponsors: Information necessary to facilitate sponsorships, brand deals, and collaborations (with your consent)
Streaming Platforms: Information required for API integrations and platform partnerships
Event Organizers: Information necessary for event participation and logistics
Other Creator Houses and Organizations: For collaborative opportunities (with your consent)

6.3 Affiliated Entities

We may share information with our subsidiaries, affiliates, and related entities for operational, administrative, and business purposes.

6.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including:

Compliance with legal obligations, court orders, or subpoenas
Cooperation with law enforcement agencies
Protection of national security
Enforcement of our rights or defense against legal claims

6.5 Business Transfers

In connection with any merger, acquisition, reorganization, sale of assets, or other business transaction, your personal information may be transferred to the acquiring entity. We will notify you of any such change in ownership or control of your personal information.

6.6 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

6.7 Aggregated and Anonymized Data

We may share aggregated or anonymized information that does not identify you personally for research, marketing, analytics, and other purposes.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

7.1 Retention Periods

Our retention periods vary depending on the type of information and the purpose for which we process it:

Account Information: Retained for the duration of your relationship with us plus 3 years after account closure, unless longer retention is required by law
Contract and Transaction Records: Retained for 7 years to comply with tax and accounting obligations
Marketing Data: Retained until you withdraw consent or opt out of marketing communications
Application Data: Retained for 2 years from the date of application (for unsuccessful applicants)
Communications: Retained for 3 years from the date of communication
Log Files and Analytics: Retained for 13 months
Legal Records: Retained as required by applicable statutes of limitations

7.2 Deletion and Anonymization

When your personal information is no longer required, we will securely delete or anonymize it in accordance with our data retention policies. In some cases, we may anonymize your personal information so that it can no longer be associated with you, in which case we may use such information without further notice.

7.3 Archive Policies

Certain information may be transferred to secure archives for compliance, legal, or business purposes. Archived data is subject to strict access controls and is only accessed when necessary for legitimate business or legal purposes.

7.4 Exceptions to Deletion

We may retain certain information even after a deletion request if:

Retention is required by law or legal process
Retention is necessary to resolve disputes or enforce our agreements
The information is necessary for security, fraud prevention, or safety purposes
The information cannot be removed from backups or archives due to technical limitations

8. Your Rights

Depending on your location and applicable data protection laws, you may have certain rights regarding your personal information.

8.1 Right to Access

You have the right to request access to the personal information we hold about you. Upon request, we will provide you with a copy of your personal information in a structured, commonly used, and machine-readable format.

8.2 Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal information we hold about you. You may also update certain information directly through your account settings.

8.3 Right to Erasure (Right to be Forgotten)

You have the right to request the deletion of your personal information in certain circumstances, including when:

The information is no longer necessary for the purposes for which it was collected
You withdraw your consent and there is no other legal basis for processing
You object to processing and there are no overriding legitimate grounds
The information has been unlawfully processed
The information must be deleted to comply with a legal obligation

8.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal information in certain circumstances, including when:

You contest the accuracy of the information (for a period enabling us to verify its accuracy)
The processing is unlawful, but you oppose deletion and request restriction instead
We no longer need the information, but you require it for legal claims
You have objected to processing pending verification of whether our legitimate grounds override yours

8.5 Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit that information to another controller without hindrance, where the processing is based on consent or contract and is carried out by automated means.

8.6 Right to Object

You have the right to object to the processing of your personal information:

Based on legitimate interests, unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms
For direct marketing purposes, including profiling related to such marketing

8.7 Rights Regarding Automated Decision-Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where such processing:

Is necessary for entering into or performing a contract
Is authorized by law
Is based on your explicit consent

8.8 Right to Withdraw Consent

Where we process your personal information based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

8.9 How to Exercise Your Rights

To exercise any of these rights, please contact us using the contact information provided in Section 16. We will respond to your request within the timeframes required by applicable law (typically within 30 days for GDPR requests and 45 days for CCPA requests).

8.10 Verification

We may need to verify your identity before fulfilling your request to ensure the security of your personal information. We may ask you to provide additional information to confirm your identity.

8.11 Right to Lodge a Complaint

If you believe our processing of your personal information violates applicable data protection laws, you have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or place of the alleged infringement.

9. Cookies and Tracking Technologies

9.1 What Are Cookies?

Cookies are small text files that are placed on your device when you visit a website. They are widely used to make websites work more efficiently and provide information to website owners.

9.2 Types of Cookies We Use

Category	Purpose	Duration
Strictly Necessary	Essential for the operation of our Site. Enable you to log in, navigate the Site, and use essential features.	Session to 1 year
Functional	Enable enhanced functionality and personalization, such as remembering your preferences and settings.	1 year
Analytics/Performance	Help us understand how visitors interact with our Site by collecting and reporting information anonymously.	Up to 2 years
Targeting/Advertising	Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns.	Up to 2 years
Social Media	Enable sharing of content on social media platforms and may be used by those platforms to track your browsing.	Varies by platform

9.3 Specific Cookies We Use

Session Cookies: Temporary cookies that expire when you close your browser
Persistent Cookies: Remain on your device for a set period or until you delete them
First-Party Cookies: Set by our Site
Third-Party Cookies: Set by our partners and service providers

9.4 Third-Party Cookies

We may allow third parties to place cookies on your device for the following purposes:

Google Analytics: For website analytics and usage tracking
Social Media Platforms: Facebook, Twitter, Instagram, TikTok for social sharing and advertising
Advertising Networks: For targeted advertising and campaign measurement
Payment Processors: For secure payment processing

9.5 Cookie Consent

When you first visit our Site, you will be presented with a cookie banner requesting your consent to the use of non-essential cookies. You can:

Accept all cookies
Reject non-essential cookies
Customize your cookie preferences

You can change your cookie preferences at any time by clicking on the "Cookie Settings" link in the footer of our Site.

9.6 How to Manage Cookies

Most web browsers allow you to control cookies through their settings. You can typically:

View cookies stored on your device
Delete individual cookies or all cookies
Block cookies from particular sites
Block all cookies
Block third-party cookies while accepting first-party cookies

Please note that disabling cookies may affect the functionality of our Site and prevent you from accessing certain features.

9.7 Do Not Track Signals

Some browsers have "Do Not Track" features that allow you to tell websites not to track you. We currently do not respond to Do Not Track signals due to lack of standardized industry practices. However, you can opt out of targeted advertising through the mechanisms described above.

9.8 Other Tracking Technologies

In addition to cookies, we may use:

Web Beacons: Small graphic images that help us monitor Site usage
Pixels: Code snippets that allow us to track conversions and retarget visitors
Local Storage: Browser-based storage for caching data and preferences
Device Fingerprinting: Techniques to identify devices based on configuration settings

10. International Data Transfers

Vertali Group is based in the United States. If you are accessing our Site or services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other countries where our service providers are located.

10.1 Transfer Mechanisms

When we transfer personal information from the European Economic Area (EEA), United Kingdom, or Switzerland to the United States or other countries, we implement appropriate safeguards to ensure your data receives an adequate level of protection:

10.2 Standard Contractual Clauses

We use Standard Contractual Clauses (SCCs) approved by the European Commission for transfers of personal information to countries that have not been deemed to provide an adequate level of data protection. These contractual commitments ensure that the recipient of your personal information provides protections equivalent to those required under GDPR.

10.3 Adequacy Decisions

Where applicable, we may transfer personal information to countries that have been recognized by the European Commission as providing an adequate level of data protection.

10.4 Other Transfer Mechanisms

We may also rely on other legally recognized transfer mechanisms, including:

Your explicit consent to the transfer
The necessity of the transfer for the performance of a contract with you
The necessity of the transfer for the establishment, exercise, or defense of legal claims
Binding Corporate Rules (if applicable)

10.5 Data Localization

In certain jurisdictions, we may store and process data locally to comply with data localization requirements. Please contact us for specific information about data storage locations.

11. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, disclosure, alteration, or destruction.

11.1 Security Measures

Our security measures include:

Encryption: We use industry-standard encryption protocols (TLS 1.3 or higher) to protect data in transit. Sensitive data at rest is encrypted using AES-256 encryption
Access Controls: Strict access controls limit who can access personal information based on job function and need-to-know principles
Authentication: Multi-factor authentication (MFA) is required for administrative access to systems containing personal information
Network Security: Firewalls, intrusion detection systems, and network segmentation protect against unauthorized access
Regular Security Assessments: We conduct vulnerability scans, penetration testing, and security audits
Employee Training: Regular security awareness training for all employees handling personal information
Secure Development: Security-by-design principles in our software development lifecycle
Physical Security: Physical access controls for facilities housing servers and data

11.2 Breach Notification

In the event of a data breach that affects your personal information, we will:

Notify affected individuals without undue delay and, where feasible, within 72 hours of becoming aware of the breach (for GDPR-covered data)
Notify relevant supervisory authorities as required by law
Provide clear and meaningful information about the breach, including the nature of the incident, the categories of data affected, and the likely consequences
Describe the measures we have taken or propose to take to address the breach
Provide contact information for further inquiries

11.3 Data Minimization

We collect and retain only the personal information that is necessary for the purposes outlined in this Privacy Policy. We regularly review our data holdings and delete or anonymize information that is no longer needed.

11.4 Third-Party Security

We require all service providers who process personal information on our behalf to implement appropriate security measures and to comply with contractual obligations regarding data protection.

11.5 Your Security Responsibilities

We encourage you to take steps to protect your personal information, including:

Using strong, unique passwords for your accounts
Enabling two-factor authentication where available
Keeping your login credentials confidential
Being cautious of phishing attempts and suspicious communications
Logging out of your account when using shared devices
Keeping your devices and software up to date

Important: No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

12. Children's Privacy

Vertali Group is committed to protecting the privacy of children. Our Site and services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13.

12.1 Age Restrictions

You must be at least 18 years old to create an account, apply for residency in our streamer houses, or enter into contracts with us
Individuals between the ages of 13 and 18 may only use our Site and services with the involvement and consent of a parent or legal guardian
Our services are not designed for, marketed to, or intended for children under 13

12.2 Parental Consent

For certain features that may be accessible to minors 13-17 years of age, we require verifiable parental consent before collecting personal information. Parents or legal guardians have the right to:

Review the personal information we have collected from their child
Request deletion of their child's personal information
Refuse further collection or use of their child's personal information
Provide consent to the collection and use of their child's personal information

12.3 Discovery of Underage Users

If we learn that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to:

Delete that information as quickly as possible
Terminate the child's account (if applicable)
Notify the parent or guardian (if contact information is available)

12.4 Reporting Underage Use

If you believe we might have any information from or about a child under 13, please contact us immediately at privacy@vertali.net or using the contact information in Section 16.

12.5 Teen Safety

For users between 13 and 17 years of age, we implement additional safeguards:

Restricted data collection and use
Enhanced privacy settings by default
No targeted advertising based on personal information
Prohibition on sharing information with third parties for marketing purposes

13. California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). This section supplements the information provided elsewhere in this Privacy Policy.

13.1 Categories of Personal Information Collected

In the past 12 months, we have collected the following categories of personal information from California residents:

13.2 Categories of Sources

We collect personal information from the following categories of sources:

Directly from you (forms, applications, communications)
Automatically through your use of our Site (cookies, analytics)
Third-party sources (social media platforms, streaming platforms, business partners)
Publicly available sources

13.3 Business or Commercial Purposes

We use personal information for the business and commercial purposes described in Section 4 of this Privacy Policy.

13.4 Categories of Third Parties Shared With

We may share your personal information with the categories of third parties described in Section 6 of this Privacy Policy.

13.5 California Consumer Rights

As a California resident, you have the following rights:

Right to Know

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months, including:

The categories of personal information we collected about you
The categories of sources for the personal information
Our business or commercial purpose for collecting that personal information
The categories of third parties with whom we share that personal information
The specific pieces of personal information we collected about you

Right to Delete

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions.

Right to Correct

You have the right to request that we correct inaccurate personal information that we maintain about you.

Right to Opt-Out of Sale or Sharing

We do not "sell" personal information as that term is traditionally understood. However, we may "share" personal information with third parties for cross-context behavioral advertising purposes. You have the right to opt out of such sharing.

Right to Limit Use of Sensitive Personal Information

You have the right to request that we limit our use and disclosure of sensitive personal information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer.

Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. This means we will not:

Deny you goods or services
Charge you different prices or rates for goods or services
Provide you a different level or quality of goods or services
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services

13.6 Exercising Your California Rights

To exercise your rights under the CCPA/CPRA, please submit a verifiable consumer request to us by:

Emailing us at privacy@vertali.net
Calling us at (850) 555-0199
Completing the web form available on our Site

13.7 Verifiable Consumer Requests

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. To verify your identity, we may ask you to provide information that matches our records. You may only make a verifiable consumer request for access or data portability twice within a 12-month period.

13.8 Response Timing and Format

We endeavor to respond to verifiable consumer requests within 45 days of receipt. If we require more time, we will inform you of the reason and extension period in writing. We will deliver our response by mail or electronically, at your option.

13.9 Do Not Sell or Share My Personal Information

California residents have the right to opt out of the "sale" or "sharing" of their personal information. To exercise this right, please:

Click the "Do Not Sell or Share My Personal Information" link in the footer of our Site
Email us at privacy@vertali.net with the subject line "Opt-Out Request"
Use the Global Privacy Control (GPC) signal in your browser (if supported)

13.10 Shine the Light Law

Under California's "Shine the Light" law (Civil Code Section 1798.83), California residents who have an established business relationship with us may request information about our disclosure of personal information to third parties for direct marketing purposes during the preceding calendar year.

To make such a request, please send an email to privacy@vertali.net with "Shine the Light Request" in the subject line.

14. European Data Protection Rights

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have specific rights under the General Data Protection Regulation (GDPR) or equivalent local data protection laws.

14.1 Data Controller Information

Data Controller:

Vertali Group
101 N Monroe St Suite 800
Tallahassee, FL 32301
United States
Email: privacy@vertali.net

14.2 Data Protection Officer

While we are not currently required to appoint a Data Protection Officer under GDPR, we have designated a privacy team responsible for overseeing compliance with data protection laws. You can contact our privacy team at:

Email: privacy@vertali.net
Postal Address: Vertali Group, Attn: Privacy Team, 101 N Monroe St Suite 800, Tallahassee, FL 32301, USA

14.3 Your GDPR Rights

Your rights under GDPR are outlined in Section 8 of this Privacy Policy. To exercise these rights:

Submit a request via email to privacy@vertali.net
Contact us using the information provided in Section 16
Use any self-service tools available in your account settings

14.4 Right to Lodge a Complaint

If you are located in the EEA and believe that our processing of your personal information violates GDPR, you have the right to lodge a complaint with your local supervisory authority. A list of supervisory authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en

14.5 Legal Basis for Processing (Recap)

The legal bases for our processing activities are detailed in Section 5 of this Privacy Policy. If you have questions about the specific legal basis applicable to our processing of your personal information, please contact us.

14.6 Representative in the EU

If required under GDPR Article 27, we have appointed a representative in the European Union. Contact details are available upon request by emailing privacy@vertali.net.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons.

15.1 Notification of Changes

When we make material changes to this Privacy Policy, we will:

Post the updated Privacy Policy on this page with a revised "Last Updated" date
Update the effective date at the top of this Privacy Policy
Notify you via email or through a prominent notice on our Site before the changes become effective (for material changes)
Obtain renewed consent where required by applicable law

15.2 Continued Use

Your continued use of our Site and services after we post any modifications to the Privacy Policy will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

15.3 Previous Versions

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. If you would like to review previous versions of this Privacy Policy, please contact us at privacy@vertali.net.

15.4 Material Changes

Material changes that may require specific notification include:

Changes to the categories of personal information we collect
Changes to how we use or share personal information
Changes to your rights under the Privacy Policy
Changes regarding international data transfers

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us using the information below.

16.1 Privacy Team Contact

Privacy Team

Email: privacy@vertali.net
Phone: (850) 555-0199
Hours: Monday - Friday, 9:00 AM - 5:00 PM EST

16.2 Mailing Address

Vertali Group
Attn: Privacy Department
101 N Monroe St Suite 800
Tallahassee, FL 32301
United States

16.3 Response Timeframes

We are committed to responding to your privacy-related inquiries in a timely manner:

General Inquiries: Within 5 business days
Data Subject Access Requests (GDPR): Within 30 days (may be extended by 2 months for complex requests)
California Consumer Privacy Requests (CCPA): Within 45 days (may be extended by 45 days with notification)
Data Breach Notifications: Within 72 hours of discovery where required by law

16.4 Accessibility

If you need this Privacy Policy in an alternative format due to a disability, please contact us at privacy@vertali.net or call (850) 555-0199, and we will provide the information in a suitable format.

16.5 Verification of Identity

To protect your privacy and security, we may need to verify your identity before responding to certain requests. We will only use information provided for verification purposes.

16.6 Appeals

If we decline to take action on your request, you have the right to appeal our decision. To appeal, please send an email to privacy@vertali.net with "Appeal Request" in the subject line, and include a description of your original request and the reason for your appeal.