Last Updated: July 1, 2024
Collective Hub, Inc. (“our,” “we” or “us”) is committed to protecting your privacy. This Privacy Policy describes how we collect, store, use and distribute information through our software, website, documentation, and related services (together, the “Services”). Capitalized terms not defined in this Privacy Policy have the meaning as set forth in the Terms of Service for the Services, which can be found here.
1. Consent
By using the Services, you consent to the use of your Personal Information as described in this Privacy Policy. You may not use the Services if you are not of legal age to form a binding contract (in many jurisdictions, this age is 18). Except as set forth in this Privacy Policy, your Personal Information will not be used for any other purpose without your consent. We do not collect Personal Information for the purpose of sale of such information in a way that identifies the individual, i.e. we don’t sell customer lists. You may withdraw your consent to our processing of your Personal Information at any time. However, withdrawing consent may result in your inability to continue using some or all of the Services.
2. Collection of Information
Personal Information
When registering for or using the Services, we may require or ask you to provide certain personally identifiable information (these are referred to below as your “Personal Account Information”). The Personal Account Information that we require you to provide in order to access the Services may include, but is not limited to, the following:
– Full Name
– Occupation/Profession
– Social Security Number
– Email Address
– Phone Number
– Personal Address
– Company Name
– Company Address
– Financial and billing information, such as billing name and address, and credit card number (“Billing Information”)
Your Personal Account Information and your Billing Information (together with Data, Diagnostic, Login, Usage and Analytics, and Generalized Geo-Location Information, as defined below, that may be used to identify, contact, or locate you individually) are collectively referred to as your “Personal Information.”
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send. Any use of your Personal Account Information for these limited marketing purposes will comply with applicable laws.
Data, Diagnostic & Login Information
You may be able to create, upload, publish, transmit, distribute, display, store or share information, data, text, graphics, video, messages or other materials using our Services (this is collectively referred to below as “Data”). Some of this Data may be stored and maintained on our servers. If you run into technical errors in the course of using the Services, we may request your permission to obtain a crash report along with certain logging information from your system documenting the error (“Diagnostic Information”). Such information may contain information regarding your Operating System version, hardware, browser version, and your email address, if provided. Additionally, certain login information may be maintained in a cookie stored locally on your personal computing device, i.e. not on a server, in order to streamline the login process (“Login Information”).
Usage and Analytics Information
As you use our Services, we may also collect information through the use of commonly-used information-gathering tools, such as cookies, log files, and Web beacons, each as further described below. These tools collect information about your interaction with our Services, including the resources that you access, pages viewed, how much time you spent on a page, and how you reached our website. We also log the details of your visits to our website and information generated in the course of using our website, such as mouse movements, clicks, page visits, text entered, how long you spent on a page, and other details of your actions on our website. Collectively, this information is referred to as “Usage and Analytics Information.”
Cookies
We use cookies to provide you with our Service, to personalize content and ads, and to provide you with the best experience possible on our website. For more information about our use of cookies, please see the section entitled “Cookie Policy” below.
Log Files
As is true of most websites, we gather certain information automatically to analyze trends in the aggregate and administer the Services. This information may include your Internet Protocol (IP) address (or the proxy server you use to access the World Wide Web), device and application identification numbers, your location, your browser type, your Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. Due to Internet communications standards, when you visit or use our websites and Services, we automatically receive the URL of the website from which you came and the website to which you go when you leave our website. This information is used to analyze overall trends, to help us improve the Services, to track and aggregate non-personal information, and to provide the Services. For example, we use IP addresses to monitor the regions from which customers and visitors navigate the Sites.
Web Beacons
We use web beacons alone or in conjunction with cookies to compile information about your usage of the Services and interaction with emails from us. Web beacons are electronic images or code embedded on our website that can recognize certain types of information on your computer, such as cookies, when you viewed a particular website or Service tied to the web beacon, and a description of a website or Service tied to the web beacon. For example, we may place web beacons in marketing emails that notify us when you click on a link in the email that directs you to one of our websites. We also use web beacons to operate and improve the Services and our email communications.
Geo-location
We do not use GPS technology to collect any information regarding your precise real-time geo-location while using the Services. However, we may use elements of your Usage and Analytics Information (such as your IP address) to determine your generalized location. This information is referred to as “Generalized Geo-Location Information.” Please be aware that some of our third party contractors may utilize applications that require location services. For additional information regarding our third party contractors, please see Section 13 below.
3. Use of Information
We use the information we collect in the following ways:
Personal Account Information
We use your Personal Account Information to manage your account, to provide the Services, to maintain our customer/visitor lists, to respond to your inquiries or provide feedback, for identification and authentication purposes, for service improvement, and to address issues like malicious use of the Services. We may also use your name, profession, email and/or phone number for limited marketing purposes, namely, to contact you to further discuss your interest in the Services, to enable you to refer other members to Collective, and to send you information about us or our partners.
Billing Information
We use Billing Information to manage your account, to provide the Services, to check the financial qualifications of prospective customers and to collect payment for the Services.
Your Billing Information is passed directly to our third party payment processor, Stripe. Collective stores elements of your Billing Information, but does not store your credit card number, or have access to it once a payment is submitted. The use of this data is governed by Stripe’s privacy policy, which can be found at https://stripe.com/privacy. Stripe is not permitted to store, retain, or use your billing information for any purpose except for credit card processing on our behalf.
Data, Diagnostic Information and Login Information
We use this information for the purpose of administering and improving our Services to you. We may also use this information in a de-identified, anonymous way in conjunction with an analytics service such as Google Analytics to monitor and analyze use of the Services, for the Services’ technical administration, to increase the Services’ functionality and user-friendliness, and for other legitimate business purposes.
Usage and Analytics Information
We may use your Usage and Analytics Information to troubleshoot, improve and enhance the Services or for other development, diagnostic, security, and corrective purposes. We may also use this information in conjunction with an analytics service such as Google Analytics to monitor and analyze use of the Services, for the Services’ technical administration, to increase the Services’ functionality and user-friendliness, to enable more effective responses to support requests, to ensure compliance with customer subscription and service limitations, and to inform company research and development.
We use session replay technologies such as Microsoft Clarity to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products and services. Website usage data is captured using first and third-party cookies and other tracking technologies for site optimization and fraud/security purposes. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.
We may disclose such Usage and Analytics Information to other third parties so long as such information does not contain personally identifiable data and is presented in aggregate form.
Generalized Geo-Location Information
We may use this information for the purpose of administering and improving our Services to you, such as by providing you with relevant advertisements and promotions. We may also use your Generalized Geo-Location Information in an anonymized manner in conjunction with an analytics service such as Google Analytics to monitor and analyze use of the Services, for the Services’ technical administration, and to increase the Services’ functionality and user-friendliness. If we plan to use your Personal Information in the future for any other purposes not identified above, we will only do so after informing you by updating this Privacy Policy. See further the section of this Privacy Policy entitled “Amendment of this Privacy Policy”.
4. Personalized Advertising
We use third party vendors such as Google Ads for personalized advertising to users who have visited our website or used our Services. Such third-party vendors may use cookies and/or device identifiers to gather information about you in order to serve our ads on sites across the internet based on your past visits to our website or use of our Services.
If you wish to opt out of Google’s use of cookies or device identifiers for personalized advertising, please visit Google’s Ads Settings. To opt out of other third-party vendor’s use of cookies, visit the Network Advertising Initiative opt-out page.
5. Do Not Track
Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser. While we do not currently support Do Not Track signals, we treat the data of everyone who comes to our site in accordance with this Privacy Policy, whatever their Do Not Track status or preference.
6. Disclosures & Transfers
We have put in place contractual and other organizational safeguards with our agents and contractors (see further below) to protect a proper level of protection of your Personal Information (see further “Security” below). Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction.
If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Information, to the United States and process it there.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
We will take reasonable steps designed to ensure that your data is treated securely and in accordance with this Privacy Policy.
From time to time we may employ third parties as contractors to help us provide and/or improve the Services. These third parties may have limited access to databases of user information or registered member information solely for the purpose of helping us to provide and/or improve the Services and they will be subject to contractual restrictions prohibiting them from using the information about our members for any other purpose. Such agents or third parties do not have any rights to use Personal Information beyond what is necessary to assist us. For additional information regarding our third party contractors, please see Section 13 below.
We may also disclose your Personal Information with your consent. However, mobile phone numbers and text messaging opt-in consent will not be shared with third parties or affiliates for marketing or promotional purposes. This information is exclusively used for communication directly related to our services and is not shared with any third parties.
7. Important Exceptions
We may disclose your Personal Information to third parties without your consent if we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other users of the Services, or anyone else (including the rights or property of anyone else) that could be harmed by such activities. We may disclose Personal Information when we believe in good faith that such disclosure is permitted or required by and in accordance with the law.
We may also disclose, transfer, sell or otherwise sell some or all of our business or assets, including your Personal Information, in connection with a corporate reorganization, a merger or amalgamation with another entity, a sale of all or a substantial portion of our assets or stock, including any due diligence exercise carried out in relation to the same, or in the event of bankruptcy or dissolution. We will provide you notice (which may be by email or notice on our website) upon consummation of any such change of control transaction and whether your Personal Information has become subject to a new Privacy Policy. We will also notify you of choices you may have regarding the information.
8. Security
The security of your Personal Information is important to us. Taking into account the state of the art, the costs of implementation, and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we have and continue to implement commercially reasonable technical and organizational measures designed to ensure a level of security reasonably appropriate to the risk to those whose Personal Information we process. We also use commercially reasonable technical, administrative, and physical safeguards designed to preserve the integrity and security of the Personal Information that you provide to us. We have implemented procedures designed to limit the dissemination of your Personal Information to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
You are also responsible for helping to protect the security of your Personal Information. For instance, never give out your password, and safeguard your user name, password and personal credentials when you are using the Services, so that other people will not have access to your Personal Information. Furthermore, you are responsible for maintaining the security of any personal computing device on which you utilize the Services.
If we learn of a security breach, we may attempt to notify you electronically so that you can take appropriate protective steps. We may also post a notice on our website if a security breach occurs. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
9. Sharing Information with Third Parties
You may be able to direct that Personal Information be shared with third parties through use of the Services. We will not permit any such transfer without your express opt-in consent. The privacy policies of these third parties are not under our control and may differ from ours. The use of any information that you may provide to any third parties will be governed by the privacy policy of such third party or by your independent agreement with such third party, as the case may be. Furthermore, such third parties may store the transferred Personal Information in a location with privacy and other laws different than those that apply to us. If you have any doubts about the privacy of the information you are providing to a third party, we recommend that you contact that third party directly for more information or to review its privacy policy.
10. Retention
We will keep your Personal Information for as long as it remains necessary for the identified purpose or as required by law, which may extend beyond the termination of our relationship with you. We may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, de-identified data, or account recovery. All retained Personal Information will remain subject to the terms of this Privacy Policy. Please note that if you request that your Personal Information be removed from our databases, it may not be possible to completely delete all of your Personal Information due to technological, legal, or contractual constraints.
We will retain copies of the records you have supplied to us along with work papers for your engagement for a minimum period of seven years from the original due date of the applicable return. Please notify us within this period if you need copies of any of these materials. After seven years, work papers and engagement files will be destroyed. Your original records will be returned to you at the end of this engagement. Working papers and files that we or the Service Provider maintain are not a substitute for your original records, and you should arrange for secure storage of the originals.
11. Amendment of this Privacy Policy
We reserve the right to change this Privacy Policy at any time. If we decide to change this Privacy Policy in the future, we may post or provide appropriate notice. Any non-material change (such as clarifications) to this Privacy Policy will become effective on the date the change is posted, and any material changes will become effective on the date the change is emailed to your listed email address. Unless stated otherwise, our current Privacy Policy applies to all Personal Information that we have about you and your account. The date on which the latest update was made is indicated at the top of this document. We recommend that you print a copy of this Privacy Policy for your reference and revisit this policy from time to time to ensure you are aware of any changes. Your continued use of the Services signifies your acceptance of any changes.
If applicable law requires your opt-in consent to any particular amendment to this Privacy Policy, the amendment will not apply to your Personal Information until we receive such consent from you. To the extent we cannot provide some or all of the Services without your consent to such amendment to the Privacy Policy, your decision not to consent may result in our having to limit your ability to use certain aspects of the Services.
12. Access and Accuracy; Correcting Personal Information
You have the right to access the Personal Information we hold about you in order to verify the Personal Information we have collected with respect to you and to have a general account of our uses of that information. Upon receipt of your written request, we will provide you with a copy of your Personal Information, although in certain limited circumstances we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request. We will endeavor to deal with all requests for access and modifications in a timely manner.
We will make every reasonable effort to keep your Personal Information accurate and up-to-date, and we will provide you with mechanisms to correct, amend, delete, or limit the use of your Personal Information. As appropriate, this amended Personal Information will be transmitted to those parties to which we are permitted to disclose your information. Having accurate Personal Information about you enables us to give you the best possible service.
In certain circumstances, you have the right:
– To access and receive a copy of the Personal Information we hold about you
– To rectify any Personal Information held about you that is inaccurate
– To request the deletion of Personal Information held about you
You have the right to data portability for the information you provide to us. You can request to obtain a copy of your Personal Information in a commonly used electronic format so that you can manage and move it.
Please note that we may ask you to verify your identity before responding to such requests. Please also note that should you request some information deleted, we may need to request this information again to continue providing services. Please note that we will require each individual to request their own information, even in the cases of spouses.
13. Service Providers
We may employ third-party companies and individuals to facilitate our Services (“Service Providers”), to provide the Services on our behalf, to perform Service-related services or to assist us in analyzing how our Services is used. These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Gusto. Our Services integrate with Gusto, Inc. (“Gusto”) software to sync and store payroll information. By enabling and utilizing our Gusto embedded payroll service, you consent to have your Personal Information sent data to Gusto in order to access those Services. Data transferred to Gusto is transferred, stored, and processed by Gusto and subject to Gusto’s terms.
Hurdlr. Collective uses Hurdlr, Inc. (“Hurdlr”) to provide our Services. By using the Services, you agree to your Personal Information being transferred, stored, and processed by Hurdlr in accordance with the Hurdlr Privacy Policy.
Ambassador. Collective uses Ambassador to facilitate member referrals, including payment of referral fees. Data transferred to Ambassador is governed by their privacy policy. To opt out of our referral program and request deletion of your information from Ambassador, notify us at [email protected].
For information about other Service Providers engaged by Collective, please contact us.
14. Cookie Policy
What are cookies?
Cookies are small text files containing a string of characters that can be placed on your computer or mobile device that uniquely identify your browser or device.
What are cookies used for?
Cookies allow a site or services to know if your computer or device has visited that site or service before. Cookies can then be used to help understand how the site or service is being used, help you navigate between pages efficiently, help remember your preferences, and generally improve your browsing experience. Cookies can also help ensure marketing you see online is more relevant to you and your interests.
What types of cookies do we use?
There are generally four categories of cookies: “Strictly Necessary,” “Performance,” “Functionality,” and “Targeting.” We routinely use all four categories of cookies on the Service. You can find out more about each cookie category below.
1. Strictly Necessary Cookies. These cookies are essential, as they enable you to move around the Service and use its features, such as accessing logged in or secure areas. Because these cookies are essential, they cannot be disabled.
2. Performance Cookies. These cookies collect information about how you have used the Service, for example, information related to the unique username you have provided, so that less strain is placed on our backend infrastructure. These cookies may also be used to allow us to know that you have logged in so that we can serve you fresher content than a user who has never logged in. We also use cookies to track aggregate Service usage in an anonymized fashion and experiment with new features and changes on the Service. The information collected is used to improve how the Service works.
3. Functionality Cookies. These cookies allow us to remember how you’re logged in, whether you chose to no longer see advertisements, when you logged in or out, and the state or history of Service tools you’ve used. These cookies also allow us to tailor the Service to provide enhanced features and content for you and to remember how you’ve customized the Service in other ways. The information these cookies collect are anonymous, and they are not used to track your browsing activity on other sites or services.
4. Targeting Cookies. Us, our advertising partners or other third party partners may use these types of cookies to deliver advertising that is relevant to your interests. These cookies can remember that your device has visited a site or service, and may also be able to track your device’s browsing activity on other sites or services other than ours. This information may be shared with organizations outside of ours, such as advertisers and/or advertising networks to deliver the advertising, and to help measure the effectiveness of an advertising campaign, or other business partners for the purpose of providing aggregate Service usage statistics and aggregate Service testing.
How long will cookies stay on my device?
The length of time a cookie will stay on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you close your browser. Persistent cookies stay on your computer or mobile device until they expire or are deleted.
How to control your cookie settings.
If you do not want cookies to be dropped on your device, you can adjust the setting of your Internet browser to reject the setting of all or some cookies and to alert you when a cookie is placed on your device. For further information about how to do so, please refer to your browser ‘help’ / ‘tool’ or ‘edit’ section or see www.allaboutcookies.org. Please note that if you use your browser settings to block all cookies (including strictly necessary Cookies) you may not be able to access or use all or parts or functionalities of our Services.
If you want to remove previously-stored cookies, you can manually delete the cookies at any time. However, this will not prevent the Services from placing further cookies on your device unless and until you adjust your Internet browser setting as described above.
For more information on the use of targeting/advertising cookies, please see www.aboutads.info/choices.
15. Contact Us
You can help by keeping us informed of any changes such as a change of email address or telephone number. If you would like to access your information, if you have any questions, comments or suggestions or if you find any errors in our information about you, please contact us at collective.com/contact.
If you have a complaint concerning our compliance with applicable privacy laws, we will investigate your complaint and if it is justified, we will take appropriate measures.
16. Important information for California residents
This section applies only to California residents. It describes how we collect, use and share Personal Information of California residents in operating our business, and their rights with respect to that Personal Information. For purposes of this section, “Personal Information” has the meaning given in the California Privacy Rights Act of 2020 (CPRA) but does not include information exempted from the scope of the CPRA.
Your California privacy rights. As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.
Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months:
– The categories of Personal Information that we have collected.
– The categories of sources from which we collected Personal Information.
– The business or commercial purpose for collecting and/or selling Personal Information.
– The categories of third parties with whom we share Personal Information.
– Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of third party recipient.Whether we’ve sold your Personal Information, and if so, the categories of Personal Information received by each category of third party recipient.
Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months.
Limiting Use of Sensitive Information. You can ask us to limit the use of sensitive information to only fulfill a specified purpose, i.e. to provide the ordered services. Sensitive information categories further described below.
Deletion. You can ask us to delete the Personal Information that we have collected from you.
Correction. You can ask us to rectify any inaccurate information we maintain about you.
Opt-in. If we know that you are younger than 16 years old, we will ask for your permission (or if you are younger than 13 years old, your parent’s or guardian’s permission) to sell your Personal Information before we do so.
Nondiscrimination. You are entitled to exercise the rights described above free from discrimination in the form of legally prohibited increases in the price or decreases in the quality of our Service.
HOW TO EXERCISE YOUR RIGHTS
You may exercise your California privacy rights described above as follows:
Right to information, access and deletion. You can request to exercise your information, access and deletion rights by visiting www.collective.com/contact or emailing [email protected].
We reserve the right to confirm your California residence to process your requests and will need to confirm your identity to process your requests to exercise your information, access or deletion rights. As part of this process, government identification may be required. Consistent with California law, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government issued identification. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
Personal information that we collect, use and share
The chart below summarizes how we collect, use and share Personal Information by reference to the categories specified in the CPRA, and describes our practices during the 12 months preceding the effective date of this Privacy Policy.
Categories in the chart refer to the categories described above in the general section of this Privacy Policy.
We have not sold your personal information in the preceding 12 months.
Category of Personal information (PI) | PI we may collect | Source of PI | Purpose for collection | Third parties to whom we “disclose” PI |
Identifiers | Contact data, Identity data | You, Public resources, Business partners | Service delivery, R&D, marketing, compliance and automations | Service providers, professional advisors, authorities, business transferees |
Sensitive Personal Information | SSN, geo-location | You, Automatic collection | Service delivery , compliance and automations | Service providers, professional advisors, authorities, business transferees |
Commercial Information | Contact data, identity data, transaction data, communication, marketing data | You | Service delivery, R&D, marketing, compliance & operations | Service providers, professional advisors, authorities, business transferees |
Financial Information | Financial data | You | Service delivery, compliance & operations | Service providers, advertising partners, professional advisors, authorities, business transferees |
Online Identifiers | Device data, identity data | Automatic collection | Service delivery, R&D, marketing, compliance & operations | Service providers, advertising partners, professional advisors, authorities, business transferees |
Internet or Network Information | Device data, online activity data | Automatic collection | Service delivery, Research & development | Service providers, advertising partners, professional advisors, authorities, business transferees |
Inferences | May be derived from your device data, online activity data | Automatic collection | Service delivery, R&D, marketing, compliance & operations | Service providers, advertising partners, professional advisors, authorities, business transferees |
Professional or Employment Information | You | Service delivery, Research & development, marketing | Service providers, advertising partners, professional advisors, authorities, business transferees | |
Protected Classification Characteristics | Marital status, dependency information | You | Service delivery, marketing | Service providers, advertising partners, professional advisors, authorities, business transferees |
GLOSSARY
Commercial Information: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Financial Information: Bank account number, debit or credit card numbers, insurance policy number, and other financial information.
Identifiers: Real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
Inferences: The derivation of information, data, assumptions, or conclusions from any other category of Personal Information to create a profile about a person reflecting the person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.
Internet or Network Information: Browsing history, search history, and information regarding a person’s interaction with an internet website, application, or advertisement.
Online Identifiers: This term is not defined in the CPRA, but likely includes any information that can be used to recognize a person, family or device, over time and across different services, including but not limited to, a device identifier; an Internet Protocol address; cookies, beacons, pixel tags, mobile ad identifiers, or similar technology; customer number, unique pseudonym, or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers (i.e., the identification of a person or a device to a degree of certainty of more probable than not) that can be used to identify a particular person or device.
Professional or Employment Information: This term is not defined in the CPRA, but likely includes any information relating to a person’s current, past or prospective employment or professional experience (e.g., job history, performance evaluations).
Protected Classification Characteristics: As defined under California law: age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Sensitive Personal Information: Personal information that reveals a person’s (a) Social Security or other state identification number; (b) account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (c) geolocation; (d) racial or ethnic origin, religious or philosophical beliefs, or union membership; (e) mail, email, or text message content directed to third parties; and (f) genetic data.