ASSC PRIVACY NOTICE

Last Updated June 10, 2022

This is the Privacy Notice for https://cohost.org/, https://antisoftware.club/, and other websites and platforms we own or control (collectively, the "Site"), mobile applications, products, merchandise, other services, or any portion thereof (the "Services") provided by the Anti Software Software Club LLC and our affiliates ("ASSC," "us" or "we"). This Privacy Notice is governed by and part of our Terms of Use.

What Is This About?

At ASSC, we think we can do better than the status quo and that starts with respecting the humans that use our Services. We want you to understand how we collect and treat your information. Here is a summary of how we work to earn and keep your trust:

  • We collect that absolute minimum information from you that we need to give you access to the Services you want. If you give us more information than we need, we will keep it secure.

  • You can access and delete your information on your own at any time. If you need help managing your information you can email privacy@cohost.org.

  • We do not post ads or use your information for advertising purposes. Any ads or promotions you might see on or through our Services are from other Users telling you about their User Content.

  • We never sell your Personal Information or share it with others for advertising purposes.

  • We do not sell your Personal Information or share it with others for cross-contextual behavioral advertising.

  • We will update this posting if our practices change.

You should read this Privacy Notice in detail because knowledge is power. If you have questions about our privacy practices or would like to make a complaint, please contact us at privacy@cohost.org.

  1. Your Consent. By accessing or using our Services in any manner, you consent to the privacy practices described in this Privacy Notice. If you do not agree with this Privacy Notice, do not use the Services.

    Please note that this Privacy Notice DOES NOT apply to any information collected by third parties, including websites, platforms, or services provided by registered users and content creators on the Services ("Users"). We encourage you to familiarize yourself with third party privacy practices of any services you use.

  2. What is Personal Information? When we say, "Personal Information," we mean information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual consumer or household. Personal Information falls within these categories:

    • Identifiers (e.g., name, email address, address, telephone number, username);

    • Sensitive Personal Information (e.g., state identification number, financial information, health information, precise geolocation);

    • Protected classification information (e.g., race, citizenship, marital status, medical condition, sex, sexual orientation, veteran or military status);

    • Biometric information (e.g., image, keystrokes, behavioral or biological characteristics);

    • Internet or other similar activity (e.g., general location, browsing history, content interactions);

    • Employment-related information (e.g., current or past employment);

    • Non-public educational information, including information protected under the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99); and

    • Commercial information (e.g., products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies).

    Personal Information does not include:

    1. publicly available information
    2. aggregate information, meaning data about a group or category of services or users from which individual identities and other Personal Information has been removed; or
    3. deidentified information that cannot be easily linked back to the individual.

  3. How Do We Collect and Use Personal Information? ASSC aims to collect the absolute minimum Personal Information necessary to provide our Services to you. When we do collect Personal Information, we do so with your consent, to achieve a legitimate interest like improving the Services, or as required or permitted by law. As such, we only collect, use, retain, and disclose Personal Information as reasonably necessary and proportionate to provide our Services. We limit our privacy practices to what is compatible with the context of how we collect Personal Information or as permitted or required by law.

    During the preceding 12 months, we have collected our Users' and visitors' identifiers, commercial history, and internet activity, as well as any other Personal Information a User chooses to submit to the Services. This information is collected from a variety of sources, including:

    • Directly from you as a User or visitor when you access or use the Services. When you register as a User, we collect your email address, username, password, and date of birth if necessary for age verification. If you choose to provide it, we will collect your name and other information you wish to include in your User profile. If you include Personal Information in the User Content you post to the Services, whether for free or as paid or subscription User Content, we will have access to and may retain it. All payments are processed using a PCI-DSS payment processor, so we never access, use, or store your payment information for any purchases on the Services. If you contact ASSC by email or otherwise, we will collect any Personal Information you choose to include the message.

    • From your use of the Services. When you interact with our Services, we automatically collect data about your internet activity such as your IP address, internet service provider, browser, information, device data, date and time of access, and the content with which you interact. The Services will also collect your commercial history in the form of your User Content interactions, purchases, and subscriptions. We collect this information to achieve our legitimate interest of providing, managing, and improving the Services.

    In addition to the specific uses above, we might also use your Personal Information to:

    1. provide, maintain, and improve the Services;
    2. personalize the user experience and provide customer service;
    3. send you support and administrative messages;
    4. monitor your compliance with any of your agreements with us;
    5. detect, investigate, and prevent fraudulent transactions and other illegal activities and protect our or others' rights and property;
    6. protect your privacy, enforce this Privacy Notice, and comply with applicable laws, regulations, legal processes or court orders;
    7. if we believe it is necessary, to identify, contact, or bring legal action against persons who may be causing injury to you, to us, or to others; or
    8. fulfill any other purpose to which you consent.

  4. Cookies. Cookies are small text files downloaded and stored on your device when you visit or use an online platform. ASSC uses one first-party cookie on the Services to manage User sessions. This cookie is strictly necessary to the function of the Services. On your device, you can set your browser or device to refuse all or some cookies or to alert you when cookies are being sent. You can also install third-party plugins to control cookie behavior. You may see a cookie consent notice on our Services that provides the option to accept or reject different types of cookies. You may adjust your cookie selections at any time, and we will display the cookie consent notice to you periodically. If you refuse or disable cookies or block the use of other tracking technologies, some parts of the Services may be inaccessible or not function properly.

  5. Children's Privacy. You must be 16 or older to use our Services. ASSC does not knowingly collect Personal Information from children under 16. If we discover that a child under 16 has provided us with Personal Information, we will delete the information from our systems. If you believe we might have any information collected online from a child under 16, or if you become aware of any unauthorized submission of information to us, please contact us at privacy@cohost.org.

  6. How Long Do We Keep Information? Just as we only collect the minimum Personal Information, we only keep it as long as necessary. This means we only keep your User account information while your account is active, and we keep it safe with hashing and other safeguards. Cookie data is kept for various periods depending on its function, sometimes for 24 hours but in some cases up to 24 months. When we are done with Personal Information we will securely and permanently delete it.

    You decide what Personal Information is included in your User Content and how long it stays on the Services, but if another User accesses your User Content they might download or make a copy of it for their personal use as permitted by the User Content License.

  7. Who Can Access Your Personal Information? We only disclose your Personal Information to others for specific purposes. In the last 12 months, we have disclosed all categories of Personal Information that we collected for a business purpose to these recipients:

    • Our Service Providers. If we use service providers (e.g., data analyst companies, payment processors, email and data hosting providers) we may need to give them access to your Personal Information to perform their contractual obligations to us. Our service providers are required under contract to protect your Personal Information, and we require all service providers to maintain confidentiality standards that are commercially reasonable to ensure the security of your Personal Information.

    • Cookie information recipients, subject to their respective privacy notices.

    • Law enforcement or other government agencies as permitted or required by law.

    • Other Third Parties, as permitted by applicable law, for example: if we go through a business transition (e.g., merger, acquisition, or sale of a portion of our assets); to comply with a legal requirement or a court order; when we believe it is appropriate in order to take action regarding illegal activities or prevent fraud or harm to any person; to exercise or defend our legal claims; or for any other reason with your consent.

    • Aggregated/Deidentified Information. If we use Personal Information to generate aggregated or deidentified data, then it is no longer Personal Information and we might disclose that data to third parties for our own purposes.

  8. Your Choices and Controls. We believe you should always have the ability to readily control the Personal Information we collect and hold about you. If you have questions or need help, please email us at privacy@cohost.org.

    • Your Account. You can sign into your account to access, change, or delete your Personal Information at any time. If you require assistance to access or make certain changes, please contact privacy@cohost.org.

    • Our Emails. If you provide us with your email address, we might use it to contact you about the Services or other stuff we think interests you. We will only send you these communications in ways that are compatible with your privacy choices. To opt-out, change your preferences via the links provided in the emails or contact privacy@cohost.org.

    • Device Settings. You can control the data we collect about you by adjusting your device settings.

    • Texting. If you provide us with your wireless number, you consent to ASSC sending you text messages. The number and frequency of our texts depend on your circumstances and requests. You can unsubscribe from text messages by replying STOP or UNSUBSCRIBE to any of these text messages. Messaging and data charges may apply to any text message you receive or send. Please contact your wireless carrier if you have questions about messaging or data charges.

    • Do Not Track. Do Not Track signals are signals sent through a browser informing us that you do not want to be tracked. Currently, our systems do not recognize browser "do-not-track" requests. If this changes in the future, we will update this Privacy Notice.

    • Privacy Requests. Some countries and states have privacy laws that entitle you to contact us with specific requests over your Personal Information. To exercise your rights, express concerns, lodge a complaint, or obtain additional information about the use of your Personal Information, please send us a privacy request to privacy@cohost.org. We do not charge a fee to process or respond to a verifiable request unless we have legal grounds to do so. In that case, we will tell you the cost estimate and why we are charging the fee before completing your request. We may be unable to fulfill some or all of your request, for example, if your request falls within a statutory exception or if fulfilling your request would prevent us from complying with a statutory or contractual obligation.

  9. Your Privacy Rights. Depending on where you live, your Personal Information may be protected under certain privacy laws. This section provides the notices required under the European Union's General Data Protection Regulations ("GDPR"), Canada's Personal Information Protection and Electronic Documents Act ("PIPEDA"), and the California Consumer Privacy Act of 2018 ("CCPA"), and offers informational notices to residents of Virginia, as well as the predominant consumer privacy laws applicable to individuals who use our Services around the world. Please note that certain privacy laws may not apply to ASSC or the Services.

    Depending on where you live, your rights over your Personal Information may include some or all of these:

    • Right to know how we collect and process your Personal Information. We have set the required notices in this Privacy Notice. We may provide you with additional notices about other ways we process your Personal Information, such as by sending you a notice via email or by other means of communication.

    • Right to expect us to collect, use or disclose Personal Information responsibly and not for any other purpose other than which you consented. We set your expectations in this Privacy Notice, and we collect legally required consent at various stages of our interactions with you. If we collect or use your Personal Information based on your consent, we will also notify you of any changes and will request your further consent as required by law. You may withdraw your consent at any time with reasonable notice by contacting privacy@cohost.org.

    • Right to access your Personal Information. You can request to access your Personal Information. Upon request, we will provide you with a copy of your Personal Information, along with details about the types of Personal Information we process, why we process it, and any third parties we work with to collect Personal Information on our behalf. We may have one or more legally valid reasons to refuse your request in whole or in part, for example in order to protect the rights of other individuals. If you are a resident of the State of California, your request is limited to specific pieces of Personal Information we have collected about you over the past 12 months, and we only have to respond to two such requests within a 12-month period.

    • Right to accuracy, and the right to correct your Personal Information. If you become aware that the Personal Information that we hold about you is incorrect, or if your situation changes (e.g., change of address), please inform us and we will update our records.

    • Right to data portability. In some cases, we are required to provide your Personal Information to another organization at your request and in a structured, commonly used machine-readable format, so that the other organization can read and use it.

    • Right to deletion or erasure (a.k.a. the "right to be forgotten"). Upon your request, and in certain circumstances and where we are required to do so by law, we are required to delete your Personal Information. This right is not absolute, and we may be entitled to retain and process your Personal Information despite your request. If you make this request, we balance certain legal, contractual, and business interests against your right to request the deletion of your Personal Information.

    • Right to restrict processing of your Personal Information. You may have the right to request that we restrict the processing of your Personal Information if

      1. the data is inaccurate,
      2. the processing is unlawful,
      3. we no longer need the Personal Information, or
      4. you exercise your right to object. Your right to restrict may be limited to Personal Information that is sensitive in nature, or that is sold or shared for certain purposes.

    • Right to object to certain processing of your Personal Information. You may have the right to request, under certain circumstances and where we are required to do so by law, that we will limit our processing of your Personal Information as you request.

    • No selling or sharing Personal Information. We do not sell your Personal Information or share your Personal Information with third parties for cross-contextual behavioral advertising purposes. If this changes in the future, we will update this Privacy Notice and provide you with a method to opt-out.

    • Limited use and disclosure of sensitive Personal Information. We do not use or disclose sensitive Personal Information for the purpose of inferring characteristics about any consumer. If this ever changes in the future, we will update this Privacy Notice and provide you with methods to limit use and disclosure of Sensitive Personal Information.

    • Right to nondiscrimination. We will not discriminate against you for exercising any of your privacy rights. If you are a resident of the State of California, we will not

      1. deny you goods or services,
      2. charge you different prices or rates for goods or services,
      3. provide you a different level or quality of goods or services,
      4. retaliate against you as an employee, applicant for employment, or independent contractor for exercising your privacy rights; or
      5. suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services because you exercised a right permitted by law.

    • Right to not be subject to Automated Decision-Making ("ADM"). We do not use automated decision-making or profiling as part of the Services. If this changes in the future, we will update this Privacy Notice and provide you with an option to exercise your privacy rights related to Personal Information processed using ADM.

    • Right to disclosure of certain information about our collection and use of your Personal Information over the past 12 months. If you are a resident of the State of California, you may request that we disclose

      1. the categories of Personal Information we have collected about you;
      2. the categories of sources for the Personal Information we have collected about you;
      3. our business purpose for collecting or selling that Personal Information; and
      4. the categories of third parties with whom we disclose that Personal Information.

      Additionally, if a business sells or shares Personal Information, the consumer may request two separate lists stating

      1. sales, identifying the Personal Information categories that each category of recipient purchased; and
      2. disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained. We are only required to respond to two disclosure requests within a 12-month period.

    • Right to disclosure of marketing information. If you are a resident of the State of California, note that California's Shine the Light Act (Civil Code sections 1798.83-1798.84) entitles California Consumers to request certain disclosures regarding Personal Information sharing with affiliates and/or third parties for marketing purposes.

    You can exercise these rights as they apply to you based on where you reside by sending a request to privacy@cohost.org. Our response to your request will be subject to any exceptions and limitations that may apply.

  10. U.S. Owned and Operated. ASSC is owned and operated in the United States. If you are a non-US resident or if you use our Services from outside of the United States, you acknowledge that Personal Information we collect about you may be transferred to our servers in the United States and maintained there. This may require the transfer of your Personal Information out of your country of origin with laws governing data collection and use that may differ from or be more restrictive than U.S. law, or may result in governments, courts, law enforcement or regulatory agencies having access to or obtaining disclosure of your Personal Information pursuant to the laws of the applicable foreign jurisdiction. ASSC is committed to transferring Personal Information using a lawful data transfer mechanism, and we and our service providers will take reasonable steps to ensure the safety and security of your Personal Information and privacy. By allowing us to collect Personal Information about you, you consent to this Privacy Notice and the transfer and processing of your Personal Information as described in this paragraph, and you waive any and all remedies that you may have based on the laws of your jurisdiction.

  11. Data Security. ASSC uses reasonable and appropriate technical, organizational, and physical security measures to help protect your Personal Information from unauthorized or illegal access, destruction, use, modification, or disclosure. Our personnel responsible for handling user inquiries are informed of applicable privacy law requirements. All information you provide to us is encrypted during transmission and stored on our secure servers. Any payment transactions are processed on a PCI-compliant third-party application.

    Please note, however, that no transmission of data over the internet is 100% secure. We cannot guarantee that unauthorized third parties will not defeat our security measures or use your Personal Information for improper purposes. It is your responsibility to keep your account secure from unauthorized access. We are not responsible for any lost, stolen, or compromised passwords, or any unauthorized activity on your account. We also have no control over any Business Subscriber or other third party's security measures or practices, and we make no representations or guarantees that your Personal Information is secure once transmitted or stored on their systems.

  12. Third Party Platforms. The Services may include links to websites or platforms owned or controlled by other Users or other third parties. If you submit Personal Information to any of those platforms, your information is governed by their privacy practices, not ours. You should carefully review the privacy policy of any website you visit.

  13. Updates. We may periodically update this Privacy Notice. If we make any material changes, we will notify you through the Services or by updating this posting. The date that this Privacy Notice was last revised is identified at the top of the page. Your continued use of the Services after the effective date will be subject to the new Privacy Notice. You are responsible for periodically checking this Privacy Notice for changes.