California Do Not Track Disclosure
Currently, Ate Up With Motor does not respond to Do Not Track browser settings.
Information-Sharing Disclosures (Shine the Light Law)
California Civil Code § 1798.83 et seq. (the “Shine the Light” law) gives California residents who have established business relationships with certain businesses the right to request information about those businesses’ disclosure of the customer’s personal information to third parties for direct marketing purposes.
The law defines “direct marketing purposes” as “the use of personal information to solicit or induce a purchase, rental, lease, or exchange of products, goods, property, or services directly to individuals by means of the mail, telephone, or electronic mail for their personal, family, or household purposes.” An “established business relationship” is defined as “a relationship formed by a voluntary, two-way communication between a business and a customer” that is either ongoing or was established with a purchase or other transaction within the past 18 months.
Under the Shine the Light law, if you are a California resident and have an established business relationship with a business subject to the law’s requirements, you may request, once per calendar year, an Information-Sharing Disclosure that details:
- What categories of personal information about you, if any, that business shared with third parties for direct marketing purposes in the preceding calendar year, and
- The names/identities and addresses of such third parties.
(The law does not require the business to reveal which specific pieces of information may have been shared, only the categories of information, as defined by the applicable statutes.)
Although we believe we are exempt from the requirements of this law, since we have fewer than 20 employees, we will nonetheless make every reasonable effort to provide you with such a disclosure within 30 days of our receipt of your request. To submit a request, please contact us through one of the methods described in “Controllers, Questions, and How to Reach Us” below.
California Privacy and Data Protection Rights
Starting January 1, 2020, California’s data protection laws, including the California Consumer Privacy Act of 2018 (CCPA), give California residents additional rights with respect to their personal data, including rights similar to those provided by European General Data Protection Regulation (GDPR) rules. The rights the CCPA provides California residents include:
- The Right to Know and the Right to Access: You have the right to request access — free of charge, up to two times in a given 12-month period, and (where possible) in “a readily usable format” — to:
- The categories and/or specific pieces of personal information we have collected about you in the preceding 12 months, and
- The categories of business and/or commercial purposes for which we collected and used the information, and
- The categories of sources from which we collected that information, and
- The categories of personal information about you that we have shared with third parties for business or commercial purposes in the past 12 months, and
- The categories of third parties with whom personal information was shared.
- The Right to Delete: You have the right to request the deletion of your personal information.
- The Right to Opt Out of the sale of your personal information.
- The right to not be discriminated against or penalized for exercising these rights.
- The right to make a complaint to a state government supervisory authority.
- The right to take private legal action in the event of a data breach that exposes your personal information to theft or unauthorized access.
These rights are subject to certain exemptions, exceptions, and restrictions provided by the law and/or its associated regulations. You need not be physically present in California to exercise these rights provided that you have a current California residence. You may designate an authorized agent to act on your behalf in exercising these rights.
While we believe Ate Up With Motor does not technically meet any of the applicability thresholds specified by this California law, we are committed to providing visitors with as many privacy choices as we reasonably can.
You can exercise your California privacy rights through the Do Not Sell My Personal Information page or by contacting us through one of the methods described in “Controllers, Questions, and How to Reach Us” below.
Applicable law and/or regulations may stipulate the maximum time allowed for acknowledging and/or responding to your request. There is no charge for for making a request.
In order to better safeguard your privacy and the privacy of others, we may be required to verify your identity before processing certain requests pertaining to your personal information. We may be unable to fulfill your request if we cannot verify your identity to the degree of certainty applicable law and/or regulations require. Also, please note that in addition to any exceptions and exemptions applicable law and/or regulations may provide to the rights provided by the CCPA (particularly with regard to the deletion of your personal information), we may be unable to delete certain information (e.g., our web host’s server and error logs) for technical reasons.
Except as otherwise required by law, privacy-related requests pertaining to children under 18 should be submitted by a parent, legal guardian, or other authorized adult representative.
Do Not Sell My Personal Information
If you are a California resident and would like to exercise your right to opt out of the sale of your personal information, or any of your other rights under the California Consumer Privacy Act (CCPA), such as the right to access or delete your personal information, please visit our Do Not Sell My Personal Information page.
CCPA Information Collection and Sharing Notice
The California Consumer Protection Act of 2018 (CCPA) also requires certain businesses to disclose the categories of information that the business has collected about individuals or households during the preceding 12 months; that the business disclosed for business purposes during the preceding 12 months; and that the business disclosed for commercial purposes during the preceding 12 months. These disclosures must be updated at least once a year.
As noted above, we believe we do not meet any of the CCPA’s applicability thresholds, but for the avoidance of doubt, we make the disclosures listed below.
Categories of Personal Information Collected
The following list summarizes the categories of personal information we have collected about individuals or households, both through or in connection with this website and its related services and in the larger context of our business as a professional writer/editor.
Please note that we do not necessarily collect all of these categories of personal information about every individual, or even most individuals. While we collect certain information from all site visitors (e.g., IP addresses, user agent information), the categories listed below also encompass the range of information we gather in connection with the articles and other content we create and/or edit, which is far more extensive than we customarily gather about site visitors. These categories include information (a) that certain people volunteer to us (e.g., in a comment or other communication), whether about themselves or someone else; (b) that we only collect from/about certain people for some specific reason(s); and/or (c) that we infer or surmise from other data (e.g., inferring an approximate geographical location based on an area code or email domain).
During the past 12 months, we have collected the following categories of personal information in the course of our business:
- Identifiers, such as:
- IP addresses
- Names, pseudonyms/aliases, and/or user names/account names
- Email addresses
- Telephone numbers
- Postal mailing addresses and/or street addresses
- Social Security Numbers, taxpayer ID numbers, and/or other government-issued identification information
- Device and/or other online identifiers
- Commercial information, such as:
- Records of financial transactions with us, including, where applicable, transaction ID numbers, tax-related information, and check/bank account information (we do NOT collect any bank account or credit card information in connection with PayPal® transactions)
- Details about cars and/or other vehicles an individual has owned, rented, or otherwise driven, and/or that they have indicated that they want to buy, rent, or drive
- Information about art, books, other publications, films, videos, and/or other media an individual or household has read, watched, or otherwise consumed (or desires/intends to consume)
- Information about other property or services an individual or household owns or uses (e.g., Internet service providers, mobile carriers, mobile devices, and/or operating systems, which are often revealed in IP address and/or user agent information), has owned or used, and/or desires/intends to purchase or use
- Property records (e.g., who owns or has owned a particular building or other real property)
- Information about other financial transactions
- Opinions, critical judgments, tastes, and/or preferences, expressed or implied, regarding cars and/or other vehicles; art, books, other publications, films, videos, and/or other media; and/or other products, goods, or services
- Characteristics of protected classifications, such as:
- Ages and/or dates of birth
- Races or ethnicities
- Religions or religious affiliations
- Sexual orientations
- Marital/relationship status and/or information about spouses/partners
- Information about children, other family members, and/or family history/ancestry
- Health status information (e.g., health conditions, treatments or therapies received)
- Internet or other online activity information, such as:
- Domain names and/or websites/URLs (e.g., personal blogs, social media pages/profiles/feeds)
- User agent information
- Web browsing activity and/or history
- Search history
- Errors and/or suspicious activity on this website
- Other information about an individual’s online interactions
- Geolocation data (such as a location based on an IP address)
- Audio, electronic, visual, or similar information, such as photographs, videos, audio recordings, and/or other media in which recognizable individuals or likenesses are visible and/or their voice(s) audible
- Professional or employment-related information, such as:
- Current and/or past employer(s)
- Job title(s) or position(s)
- Business ownership/registration information (e.g., whether an individual has some ownership interest in and/or is an officer of a corporation or other business entity)
- Military service information
- Other group or organization membership and/or affiliation information
- Publishing histories/bibliographies/discographies/filmographies/portfolios/CVs/development credits/patent records for writers, artists, designers, performers, developers, engineers, scientists, and other professionals
- Authorship, other credits, and/or rights holder information for artwork, books, films, software, photographs, other media, other published works or designs, and/or other intellectual property such as trademarks and/or patents
- Education information (e.g., schools attended, degrees and/or credentials earned)
- Other financial information (e.g., whether someone has (or had) loans and/or has declared bankruptcy, or the net worth of a public figure)
- Information about specific vehicles, such as:
- License plate numbers, vehicle identification numbers, and/or related information (e.g., vehicle registration dates)
- Other identifying details (e.g., year, make, model, body style, color, equipment, features, distinguishing markings)
- Other types of personal information (including, but not limited to, additional categories of information defined in the California Customer Records statute, California Civil Code § 1798.80(e)), such as:
- Signatures, physical and/or digital
- Other physical characteristics or descriptions of individuals (e.g., height, weight, hair color)
- Health insurance information (e.g., whether or not individuals are insured and with which insurance carrier(s) — we do NOT collect policy numbers or similar data, and most of the insurance-related data we do receive is in aggregated form)
- Legal information (e.g., if an individual has been accused of or charged with a crime and/or involved in a civil lawsuit)
- Political affiliations and/or activity
- Information about other household members (e.g., roommates, pets)
- Encryption public keys and similar security data
- Other potentially identifying information in electronic files and/or associated metadata
- Other data that could potentially be deemed personal information, but that does not easily fit into any of the above-listed categories
- Inferences we make.
The fact that we collected and/or inferred certain information does not necessarily mean that we still retain it, or that we have any practical way to associate the different categories of information we may have collected about a given individual or household (e.g., to connect a visitor’s name with an IP address in the server logs and/or a face visible in the background of a photograph).
Personal information we collect about you or your household comes from one or more of the following categories of sources:
- You, whether directly through your communications with us, through other public disclosures you’ve made (e.g., social media posts), or through your use of this website and/or its related services
- Our employees, independent contractors, agents, and/or business partners (as applicable)
- Our vendors and/or service providers
- Other visitors/users, whether directly or indirectly
- Published and/or publicly available sources (e.g., books, articles, films, videos television programs, radio programs, podcasts, other audio recordings, social media, online databases, public records)
- Photographers, videographers, and/or illustrators
- Subject matter experts (e.g., historians, biographers), archivists, librarians, observers, eyewitnesses, and/or other knowledgeable parties
- Clients or employers for whom we provide (or have provided) writing/editing services.
- Functionality: We use the information so that this website (and/or its related services), or certain specific functions thereof, can work properly. For example (but without limitation), none of the pages or content on this website will load if the web server doesn’t have a valid IP address to which to transmit the necessary data.
- Providing a service: We use the information to provide some service or perform some action you ask (or have asked) us to perform. For example (but without limitation), we probably couldn’t send you a physical document without your mailing or delivery address.
- Completing a transaction: We use the information to conduct or complete financial transactions with you, such as a contribution made through the payment button.
- Fulfilling a contractual obligation: We use the information to meet the requirements of some contract or legal agreement, whether with you or a third party.
- Legal compliance or audit: We use the information to ensure our compliance with applicable laws or regulations, and/or so that we can demonstrate our compliance to an auditor or investigator if needed.
- Research and publishing: We use the information as part of the research involved in creating and publishing our content (e.g., our automotive articles and/or associated images), our other writing/editing work, and/or other creative endeavors, and/or to help us decide what content to create and/or publish. For example (but without limitation), data about which past articles have been most popular helps us decide what content to publish in the future.
- Security, troubleshooting, quality control, and technical improvement: We use the information to help us protect this website (and/or its related services), its data, its users, and us from malicious activity; troubleshoot and resolve technical problems; and/or improve the quality and functionality of the site and/or its related services.
- Advertising and other commercial purposes: We use the information to promote or advertise our content or services, sell advertising on this website, monetize the site and its content in other ways, and/or achieve some other commercial purpose(s).
In many cases, information we collect may have several purposes or possible purposes. Obviously, not every individual piece of information in a particular category will necessarily be used or even useful for a given purpose.
Information Shared for Business or Commercial Purposes
The CCPA defines sharing information “for business purposes” as disclosing personal information about individuals or households to third parties such as service providers or independent contractors for any of the following purposes:
- Auditing interactions with consumers
- Certain short-term uses
- Performing services
- Internal research for tech development
- Quality and safety maintenance and verification.
A disclosure of personal information is considered to be “for commercial purposes” if it serves to “advance a person’s commercial or economic interests, such as by inducing another person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction,” with the exception of “engaging in speech that state or federal courts have recognized as noncommercial speech, including political speech and journalism.”
- Our employees, independent contractors, agents, and/or business partners, if any.
- Service providers and/or vendors we use in connection with this website, our other professional activities, and/or the management of our business.
- Any government agency, investigator, auditor, court, arbiter, or other official entity that requires or compels us to disclose personal information related to our business.
- Any individual or entity with whom we communicate and/or collaborate in the process of researching and developing our content, writing/editing work, and/or other creative endeavors.
- Editors, publishers, clients, employers, and/or other third parties for whom we provide writing/editing services and/or to whom we may license, sell, or otherwise offer our content and/or other creative work.
- Individuals or entities who help us promote and/or sell (or otherwise offer for commercial advantage) our content, writing/editing services, and/or other creative endeavors.
- The public, through the publication, performance, broadcast, other dissemination, and/or public discussion of our content and/or other creative work; our sharing, discussing, and/or otherwise disseminating information that is already publicly available (e.g., in news articles, published works, and/or public records); and/or, as applicable, our publication of your comments, any images and/or other media you submit to us, and/or your other communications with us.
The CCPA’s definitions are so expansive that almost any disclosure or transmission of virtually any piece of information about any individual or household — even information that was already publicly available — could potentially be considered sharing of personal information for business or commercial purposes if it takes place in any business-related context.
Much if not all of the personal information we collect or access in the course of our business may be processed by one or more third parties. For example (but without limitation):
- For obvious reasons, it is impossible for us to call, text, email, or mail any individual or household without disclosing a certain amount of the recipient’s personal information to third parties. For example, making a phone call or sending a text message requires communicating the recipient’s telephone number to the applicable telephone companies or mobile carriers.
- Our web host, DreamHost®, owns the web servers on which this website runs as well as the mail servers for our associated email addresses. Therefore, DreamHost has full administrative access to most files, messages, and data processed by or stored on those servers. (This is in addition to any information we deliberately share with DreamHost for purposes such as troubleshooting or security.)
- If in the course of our business we access any website or online resource that is not encrypted (i.e., via an HTTP rather than HTTPS connection), any data we access on that site or resource is visible to our Internet service provider and potentially also other third parties. Even if a website or online resource IS encrypted, our Internet service provider and other third parties (such as our DNS (domain name system) server and the website or resource’s certificate authority and embedded content providers) can generally see that we have connected to that site or resource, as can that site/resource’s certificate authority and embedded content providers, if any. If we use a proxy server or VPN, the VPN or proxy server can also see our connections and any unencrypted data we access.
- Most payments we receive are processed by our bank(s) (or other applicable financial institution(s) and the applicable payment processor, if any (e.g., PayPal®). Those payments and any related tax documents must also be disclosed to several different tax agencies, and may be discussed with our tax preparer and/or other financial or legal professionals for administrative and compliance purposes.
Any or all of the above would likely be considered disclosures for business purposes by the CCPA’s definitions.
Actions like the following could also be deemed sharing information “for business purposes” if we do so in some business-related context:
- Looking up someone’s name in a search engine, library catalog, or other database.
- Entering someone’s address into a mapping or navigation service to look up driving directions, or meeting with someone face to face while our phone’s geolocation services are turned on.
- Using an automated translation service to translate text containing any names or other personal information.
- Printing a document containing names or other personal information using a commercial print service or a printer controlled by a third party (e.g., printing a copy of a news article we read at the public library).
- Performing a WHOIS lookup on an IP address from the website’s security or error logs, or allowing our firewall or other security software to perform such lookups.
- Storing or transmitting any electronic file containing personal information using any cloud storage service or other online storage system.
- Sharing links to a news article or online post that contains names or other personal information.
- Describing an unusual or distinctive vehicle we saw on the street or in some other public setting.
- Discussing the life and career of a well-known public figure with other writers, historians, enthusiasts, or subject matter experts, whether or not the information discussed is already publicly available.
- Publishing or submitting for publication any content that contains any personal information such as names, photographs, videos, or biographical information. (Even publishing a bibliography with authors’ names might count.)
(These are just a few examples, not an exhaustive list.)
Because the proprietor of this website is a professional writer/editor and much (though not all) of the information we collect in connection with our business is intended for publication — whether on this website or elsewhere — a variety of activities we routinely undertake in connection with our work could potentially be deemed “commercial” as defined by the CCPA, even if our actual content is deemed “noncommercial speech.” (For writers, photographers, and other creative professionals, the distinction between “commercial” activity and engaging in “noncommercial speech” as an integral part of one’s business is a complicated, muddy legal question mark.) Examples could include:
- Licensing, selling, or otherwise offering our articles or other content for money or other valuable consideration (including offering the content on this website, which is supported by advertising and user contributions) if that content incorporates any names or other personal information about individuals or households.
- Advertising, promoting, or marketing our content, or published works incorporating our content, if that content contains any names or personal information or if such information is referenced in the promotion or marketing.
- Proposing or pitching articles, books, or any other content containing names or other personal information to editors, agents, or publishers.
- Sharing, exchanging, or discussing with clients, coauthors, or collaborators any personal information pertaining to articles, books, or other content we are creating and/or editing for commercial advantage.
- Arranging for people featured and/or quoted in our content to receive complimentary copies of our published work or be notified of its publication or commercial availability.
Even if disclosures like these are NOT deemed to be “for commercial purposes” by the CCPA’s definitions, they are certainly “for business purposes.”
From time to time, we may also facilitate other types of commercial transactions, whether directly or indirectly, such as:
- By putting into contact (with their mutual consent) parties who have expressed interest in some transaction with one another. For example:
- If a visitor asks about licensing a photo or other content on Ate Up With Motor that is owned by someone else, we might ask the applicable rights holder if they’re comfortable with our putting them in touch with the interested party.
- If a site visitor expresses interest in purchasing an item another visitor has indicated a desire to sell, we might assist the two parties in contacting one another.
- By recommending that a professional contact or acquaintance be hired for a job, assignment, or commission, or chosen as a vendor or service provider.
- By endorsing (explicitly or by implication) some author, artist, service provider, or vendor, and/or their products or services.
By the CCPA’s definitions, disclosing any personal information in such circumstances might be deemed sharing information “for commercial purposes” whether or not any transaction is actually completed, whether or not we are a party to that transaction, and whether or not we receive any compensation or consideration in connection with it.
Put simply, by the law’s extremely broad definitions, any or all of the categories of personal information we collect in the course of our business could be deemed to be shared for business and/or commercial purposes, whether or not we “sell” personal information in the way most people understand that term.
If you have general questions about our data-sharing practices (i.e., questions about our typical practices rather than about the personal data of any specific individual or household), feel free to contact us using one of the methods shown under “Controllers, Questions, and How to Reach Us” below. If you are a California resident and would like to exercise your rights under the California Consumer Privacy Act (CCPA), such as the right to access or delete your personal information or opt out of the sale of your personal information, please visit our Do Not Sell My Personal Information page.
Controllers, Questions, and How to Reach Us
The controller for processing personal information is Aaron Severson dba Ate Up With Motor, 11100 National Bl. #3, Los Angeles, CA 90064.