Last modified: August 23, 2024

Introduction

This privacy policy (“Privacy Policy”) describes the collection of personal information by Anza Technology, Inc., (“Anza”, “Company,” “we,” “us”, “our”, or “ours”) from users (“you”, “your”) of our website at www.anza.xyz along with any other related websites on which a link to this Privacy Policy is displayed (our “Website” or “Websites”), and all services provided by us when you are a client or customer of ours (collectively, the “Service” or “Services”). This Privacy Policy describes our use and disclosure of such information. This Privacy Policy is incorporated by reference into our Website Terms of Use at https://www.anza.xyz/termsofuse (“Website Terms of Use”) or any other terms that you may have been provided and agreed to in which this Privacy Policy has been included by reference (collectively, the “Agreement”).  

This Privacy Policy also describes your rights as a data subject to inquire about the personal information that we process and describes certain rights that you, as the data subject, have regarding this information.

For the purposes of EU, United Kingdom, and Swiss data protection laws ("Data Protection Legislation"), Anza is a data controller (i.e., the company that is responsible for and controls the processing of your personal information). 

Please read this Privacy Policy carefully to understand our practices regarding your personal information and how we will use it. By acknowledging this Privacy Policy and accepting the Agreement, you agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy.

Contacting us

If you have any questions or comments about this Privacy Policy, please contact us using the following contact information:

Anza Technology, Inc.,
6977 Navajo Rd #1003
San Diego, CA 92119
legal@anza.xyz

If you are located in the European Union, and pursuant to Article 27 of the General Data Protection Regulation (GDPR), we have appointed the European Data Protection Office (EDPO) as our GDPR Representative in the EU. You can contact the EDPO regarding matters pertaining to the GDPR by using the EDPO’s online request form: https://edpo.com/gdpr-data-request/, or in writing to the EDPO Avenue Huart Hamoir 71, 1030 Brussels, Belgium.

If you are located in the UK, and pursuant to Article 27 of the UK GDPR, we have appointed EDPO UK Ltd as its UK GDPR representative. You can contact EDPO UK regarding matters pertaining to the UK GDPR by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/, or in writing to the EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom.

What information do we collect?

We use your personal information to carry out the obligations arising from providing and improving the Websites and Services. This section describes the types and categories of personal information we may collect and how we may use that information. 

Information you provide us directly

We collect personal information that you provide when you enter your information into online forms or otherwise use the Websites, and when you engage with us to use our Services. We use this personal information in a variety of ways, and this personal information includes the following:

• When you engage our Services, we may collect business information from you, such as your first and last name, e-mail address, mailing address, and the company name with which you are associated with. We may also collect financial information in order to facilitate payment for Services;

• If you sign up for our mailing lists, provide feedback, or otherwise communicate with us, we may collect contact and business information from you, such as your first and last name, e-mail address, mailing address, and the company name with which you are associated with;

• If you engage with us on social media, we may collect information associated with this interaction, including your name, social media identifiers, and any comments or user-generated content you may provide.

• If you apply for a job posting on our careers page, we may collect information necessary to process your application, including your name, address, contact information, and details regarding your education and prior employment. 

Automatically collected information

When you visit our Websites or otherwise interact with us, we automatically collect certain categories of personal information, including:

Device and Usage Information. We may collect information about how you access our Websites, including data about the device and network you use, such as your hardware model, operating system version, mobile network, IP address, unique device identifiers, browser type, and app version. 

Location Information. In accordance with your device permissions, we may collect information about the precise location of your device. You may stop the collection of precise location information at any time by adjusting your device settings.

Collection and processing of sensitive information

The Websites do not collect or process ‘sensitive information,’ which includes data describing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, data concerning a natural person’s sex life or sexual orientation. Through your use of the Websites and Services, you should avoid disclosing sensitive information, for example, when corresponding with us.

How do we use your personal information? 

We use the personal information we have collected for the following purposes:

• When you engage our Services, we may use your personal information to help us provide them, including communicating with you via email and other means, sharing documents and software code with you, and invoicing for our Services.

• When you visit our Websites, we may use your personal information to better understand your use of them and to help us improve the experience for future visitors;

• When you communicate with us using one of the methods described in this Privacy Policy, we may also keep a record of the time and date of any correspondence and organize this correspondence in one or more of an electronic filing system, an email system, or a customer relationship management system;

• We may also use the personal information you provide for direct marketing of our Services to you. We allow you to opt out of receiving marketing communications from us as described in the “Communication choices” section below. Even if you opt out, we may continue to send you administrative emails, including, for example, periodic updates to this Privacy Policy and security, support, and maintenance advisories;

• To prevent fraudulent use of our Websites and Services; 

• To prevent or take action against activities that are or may be in violation of the Agreement or any applicable law;

• For internal product development purposes to develop new products and services and to improve existing ones;

• To respond to your inquiries related to employment opportunities with us, or other general inquiries;

• Use your personal information for any other purpose described to you at the time the information was collected.

When do we share personal information?

We may disclose information that we collect on the Website or Services to third parties if you consent to us doing so, as well as in the following circumstances:

• Service Providers. We may disclose personal information to third-party service providers (e.g., web hosting providers and other SaaS providers) that assist us in our work. We limit the personal information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such personal information;

• Business Transfers. Information about our users, including personal information, may be disclosed and otherwise transferred to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of company assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which personal information is transferred to one or more third parties as one of our business assets;

• To Protect our Interests. We also disclose personal information if we believe that doing so is legally required, or is in our interest to protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights or property of others, or otherwise to help protect the safety or security of our Website and our users;

• To Comply with the Law. We may also disclose personal information in response to lawful requests by public authorities.

Communication choices

If you receive marketing emails from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving marketing emails from us and any other promotional communications that we may send to you from time to time (e.g., by postal mail) by sending your request to us by email at legal@anza.xyz or by writing to us at the address given in the ‘Contacting Us’ section of this Privacy Policy.

Please be aware that if you opt out of receiving marketing emails from us, it may take up to ten business days for us to process your opt-out request, and you may receive marketing emails from us during that period. Additionally, even after you opt out of receiving marketing messages from us, you will continue to receive administrative and transactional messages from us regarding your use of the Websites and Services.

Rights to access

If you wish to access or amend any personal information we hold about you, you may contact us at legal@anza.xyz. If you request that we delete the personal information that we hold about you, we will do so within a reasonable period of time, but we may need to retain some of your personal information in order to satisfy our legal obligations or where we reasonably believe that we have a legitimate reason to do so.

Links to external sites

The Websites may contain links to other websites, products, or services that we do not own or operate. The Websites may also contain links to third-party websites, such as social networking services or candidate application tracking systems (ATS) that we may use. If you choose to visit or use any Third-Party Websites or products or services available on or through such Third-Party Websites, please be aware that this Policy will not apply to your activities or any information you disclose while using those Third-Party Websites or any products or services available on or through such Third-Party Websites. We are not responsible for the privacy practices of these Third-Party Websites or any products or services on or through them. Additionally, please be aware that the Website may contain links to websites and services that we operate but that are governed by different privacy policies. We encourage you to carefully review the privacy policies applicable to any website or service you visit before providing any personal information on them.

How long do we keep your personal information for?

Unless otherwise specifically stated elsewhere in this Privacy Policy, we will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. 

Aggregated and anonymized data that no longer identifies the user of the Websites is maintained for the purposes necessary to provide the Websites.

What is our policy on children?

Our Websites and Services are not directed to users under the age of 18, and we do not knowingly collect personal information from children under the age of 18 without obtaining parental consent. If we learn that we have collected personal information from a child under the age of 18 on our Websites and Services, we will delete that information as quickly as possible. If you believe that we may have collected any such personal information on our Websites and Services, please notify us at legal@anza.xyz. 

Additional disclosures for individuals in Europe

If you are located in the EU, the United Kingdom, or Switzerland, you have certain rights and protections under the law regarding the processing of your personal information, and this section applies to you.

Legal basis for processing in Europe

If you are a resident of the EU, the United Kingdom, or Switzerland, we need to inform you about the legal basis on which we collect and use your personal information.  In the EU, the United Kingdom, and Switzerland, the purposes for which we process your personal information are:

• Where we need to perform the contract we are about to enter into or have entered into with you for our Services;

• For the purposes of legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;

• When we have your consent to do so. When consent is the legal basis for our processing of your personal data, you may withdraw such consent at any time;  

• Where we need to comply with a legal or regulatory obligation.

The legal basis depends on the category of personal information being processed, and the purpose for that processing. The following list indicates each category of personal information we process, and the legal bases we rely on to do so. Where legitimate interest has been used as the legal basis for processing, the specific legitimate interest we use has been described. 

Please contact us if you need details about the specific legal basis we are relying on to process your personal information where one or more legal bases have been indicated.

• Contact information

  • Legal Basis for Processing: The performance of a contract and to take steps prior to entering into a contract; When we have your consent to do so; Where we need to comply with a legal or regulatory obligation.
• Online inquiries and correspondence
  • Legal Basis for Processing: When we have your consent to do so;
• Automatically collected information such as IP addresses
  • Legal Basis for Processing: Legitimate interest, namely better understanding your use of, and making improvements to, the Websites.
• Employee candidate information
  • Legal Basis for Processing: Legitimate interest, namely for considering your application for employment with us.

Europe privacy rights

If you are located in the EU, the United Kingdom, or Switzerland, you have the following Data Subject Access Rights with respect to your personal information that we hold:

• Right of access. You have the right to access the personal information that we hold about you;

• Right to rectification. You may have the right to require us to correct any inaccurate or incomplete personal information we hold about you;

• Right to erasure. In certain circumstances, you may have the right to the erasure of your personal information we hold about you (for example, where it is no longer necessary in relation to the purposes for which it was collected or processed);

• Right to restriction. You may have the right to request that we restrict processing of your personal information in certain circumstances (for example, where the accuracy of the personal information is contested by you for a period enabling us to verify the accuracy of that personal information);

• Right to portability. In some limited circumstances, you may have the right to portability, which allows you to move, copy, or transfer personal information from one organization to another;

• Right to object. You have a right to object to us processing your personal information when the processing is based on legitimate interests, and also to stop us from sending you direct marketing;

• Rights in relation to automated decision-making and profiling. You have the right not to be subject to a decision that affects you based solely on automated processing. We do not perform any automated decision-making or profiling.

If you wish to exercise one of these rights, please contact us using the information in the ‘Contacting us’ section of this Privacy Policy.

Where do we store and process your personal information?

• International Transfers: Our servers and data centers are located in the United States (US). If you choose to use the Websites and Services from outside the US, then you should know that you are transferring your personal information outside of your region and into the U.S. for storage and processing. We may also transfer your personal information from the US to other countries or regions in connection with the storage and processing of data, fulfilling your requests, and operating the Websites and Services. You should know that each region can have its own privacy and data security laws, some of which may be less stringent as compared to those of your own region. If you are located in the EEA, the United Kingdom (UK), or Switzerland, then the countries we may transfer your data to, including the US, may not have data protection laws as comprehensive as those in your own country. To ensure your personal information is protected, and that we comply with the applicable Data Protection Legislation, we have implemented the following measures:

  • Standard Contractual Clauses. We use the Standard Contractual Clauses (SCCs) for transfers of personal information to us, and also for transfer of personal information to third-party service providers. These clauses require the recipients to protect the personal information they receive in accordance with European data protection laws and regulations. Details of our use of SCCs can be provided upon request.

  • Derogations. In certain circumstances, we may transfer personal information based on the derogations contained in Article 49 of the General Data Protection Regulation (GDPR).

  • Supplementary Measures. In addition to the SCCs, we may use contractual, technical, and organizational measures to further protect your personal information.

  • Adequacy Decisions. Where applicable, we may rely on adequacy decisions provided by the European Commission under Article 45 of the GDPR to transfer your personal information outside of the EU, the UK, or Switzerland.

 Jurisdiction and Enforcement

• For European Union residents, you also have the right to lodge a complaint to your local data protection authority. Further information about how to contact your local data protection authority is available at: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

• For UK residents, you also have the right to lodge a complaint to the UK Information Commissioner's Office at: https://ico.org.uk/.

• For Swiss residents, you also have the right to lodge a complaint to the Swiss Federal Data Protection and Information Commissioner (FDPIC) at: https://www.edoeb.admin.ch/edoeb/en/home.html.

California Privacy Notice

This section describes how we collect, use, and share the personal information of California residents in our capacity as a “business” under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, “CCPA”) and the rights these users may have with respect to their personal information.

For purposes of this section, the term “personal information” has the meaning given in the CCPA and does not include information exempted from the scope of the CCPA.  This section does not apply to our collection, use, and sharing of personal information of our job applicants and employees.

Categories of personal information we collect and disclose: In the preceding 12 months, we have collected the following categories of personal information, as defined by the CCPA, and referencing the categories described in the ‘What information do we collect’ section of this Privacy Policy. The list below also describes the categories of third parties to whom we may disclose this information to for business purposes. Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of personal information not described below.

Contact information

• Identifiers: Information that identifies you, including your first name, last name, and email address.

  • Legal Basis for Processing: Business communication and collaboration tools, hosting service providers, data storage service providers, sales and marketing tools, finance and accounting tools.

• Personal information described in subdivision (e) of Section 1798.80: Your first and last name.
  • Legal Basis for Processing: Business communication and collaboration tools, hosting service providers, data storage service providers, sales and marketing tools, finance and accounting tools.
• Commercial information: Records of products and services purchased.
  • Legal Basis for Processing: Finance and accounting tools, sales and marketing tools.
• Internet or other electronic network activity information: Including, but not limited to, interaction and activity with our Websites and Services, interaction with ads, and information on your devices, including operating system versions, browser type, app versions, your IP address, and your interaction with emails we may send you.
  • Legal Basis for Processing: Sales and marketing tools, hosting service providers, product infrastructure tools.
• Geolocation data: In accordance with your device permissions, we may collect your precise location.
  • Legal Basis for Processing: Sales and marketing tools, hosting service providers.
• Professional or employment-related information: Information about the company you work for.
  • Legal Basis for Processing: Business communication and collaboration tools, finance and accounting tools,  sales and marketing tools, hosting service providers, candidate applicant tracking systems.

Purposes for our collection of your information: We may use your personal information for the purposes described in the “How do we use your personal information” section of this Privacy Policy and for the following business purposes specified in the CCPA: 

• Performing activities on behalf of the business, including providing the Websites and Services, providing customer support, processing or fulfilling orders and transactions, verifying customer information, processing payments, internal business analytics, and providing similar services on behalf of the business;

• Helping to ensure the security and integrity of our Websites and Services;

• Debugging to identify and repair errors that impair the functionality of our Websites and Services;

• Performing marketing activities that do not include cross-context behavioral advertising;

• Undertaking internal research for internal product development; and

• Undertaking activities to verify or maintain the quality or safety of our Websites and Services.

We do not collect or process sensitive personal information for purposes of inferring characteristics about consumers, and/or for purposes subject to the right to limit under the CCPA. 

Sales and Sharing:  Under the CCPA, “sales” and “sharing” are broadly defined, respectively, and include disclosing or making available personal information in exchange for monetary or other valuable consideration, or for purposes of cross-context behavioral advertising. We have not sold or shared your personal information in the preceding 12 months.

Retention: Unless otherwise specifically stated elsewhere in this Privacy Policy, we will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Aggregated and anonymized information that no longer identifies the user of the Services is maintained for the purposes necessary to provide the Websites and Services, and will not attempt to re-identify this information unless permitted by applicable law. 

California Consumer Privacy Rights.  If you reside in California, you may have the following rights: 

• Right to Know:  You can request the following information about how we have collected and used your Personal Information during the past 12 months:

  • The categories of personal information that we have collected;

  • The categories of sources from which we collected personal information;

  • The business or commercial purpose for collecting and/or selling personal Information;

  • The categories of third parties with which we share personal information;

  • The categories of personal information that we sold or disclosed for a business purpose;

  • The categories of third parties to whom the personal information was sold or disclosed for a business purpose.

• Right to Access: You can request a copy of the personal information that we have collected about you during the past 12 months.

• Right to Correction: You can ask us to correct inaccurate personal information that we have collected about you.

• Right to Delete: You can ask us to delete the personal information that we have collected from you.

• Right to Opt-Out of Sale or Sharing of Personal Information: Although you may have a right to opt out of certain processing of your personal information for targeted advertising purposes, profiling/automated decision-making, or the other sales of personal information, we have not engaged in such activities in the past 12 months

• Right to Nondiscrimination: You are entitled to exercise the rights described above free from discrimination as prohibited by the CCPA. 

We do not currently offer any financial incentive programs.

You may exercise these rights by contacting legal@anza.xyz.  Please note the above rights are not absolute, and we may be entitled to refuse requests in whole or in part where applicable. We will respond to verifiable requests from consumers or authorized agents as required by law.  

When you submit a request to exercise your California Consumer Privacy Rights, we will take steps to verify your request by matching the request with the information in our records. Additional information may be required in some cases to verify a request or where necessary to process your request. 

If you designate an authorized agent to make a request on your behalf for which verification is required, we may (1) require you to provide the authorized agent’s written permission to do so, and (2) require you to verify your own identity directly with us. We will not respond to your data rights request until we are able to verify your identity or confirm the validity of an authorized agent request. 

Do not track

California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals. Because there currently isn’t an industry or legal standard for recognizing or honoring DNT signals, we don’t respond to them at this time. We await the result of work by the privacy community and industry to determine when such a response is appropriate and what form it should take. 

California Shine the Light

A California resident who has provided personal information to a business with whom he/she has established a business relationship for personal, family, or household purposes (“California Customer”) is entitled to request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes, subject to certain exceptions, as defined in California Civil Code Sec. 1798.83. We do not share Personal Information with third parties for the third parties’ direct marketing purposes.  

How do we secure your personal information?

To help protect your data, we use commercially reasonable steps to protect the data that we collect, including your personal information. The reasonable steps include protecting this data against accidental loss, unauthorized use, disclosure, and restricting access to personal information by our staff. The Websites are hosted by a third-party hosting company that we have determined maintains adequate security controls and utilizes TLS encryption for all internet communication with the Websites. We also require all staff that administer the Websites and develop the Services to follow industry-standard controls.

We use various 3rd party processors to enable us to provide the Websites and Services, and as part of our vendor due-diligence, we review the security controls these processors have in place and ensure they meet industry standards appropriate for the type of data we collect.

You should keep in mind, however, that the Websites and Services utilizes software, hardware, and networks, which from time to time require maintenance and experience problems beyond our control. Note that no data transmission over the public internet or encryption method can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information that you provide to us. You transmit information to us at your own risk.

Updates to this Policy

We may occasionally update this Privacy Policy. When we do, we will also revise the ‘last updated’ date at the beginning of the Policy. Your continued use of our Websites and Services after such changes will be subject to the then-current Privacy Policy. If we change this Policy in a manner that is material, we will use reasonable efforts to notify you via the contact methods you have provided of the change prior to applying the change to any personal information that we collected from you prior to the date the change becomes effective. We encourage you to periodically review this Privacy Policy to stay informed about how we collect, use, and disclose personal information.