Effective Date: December 20, 2024

1. Overview and Scope Your privacy is important to us. This Global Tel*Link Corporation d/b/a ViaPath Technologies (“ViaPath”) Privacy Statement (the “Privacy Statement”) applies to the personal information that ViaPath or one of our Affiliates collects and explains our information practices and your related choices with regard to such information. ViaPath affiliates include, but are not limited to, TouchPay Holdings, LLC d/b/a GTL Financial Services, DSI-ITI, Inc., Innertainment Delivery Systems, LLC d/b/a ViaPath Technologies, Public Communications Services, Inc. d/b/a ViaPath Technologies, Renovo Software, Inc. , and Value-Added Communications, Inc. d/b/a ViaPath Technologies (individually “Affiliate” and collectively “Affiliates”). Products and services provided by ViaPath or any Affiliate will be referred to in this Privacy Statement as the “Service” or “Services”. This Privacy Statement is part of, and is governed by our Terms of Use, which is available at https://www.viapath.com/terms-of-use/. For purposes of this Privacy Statement, “we”, “us” or “our” refers to ViaPath and any Affiliate where the Affiliate or its products or services are implicated. TouchPay Holdings, LLC d/b/a GTL Financial Services (“TouchPay”), a subsidiary of Global Tel*Link Corporation d/b/a ViaPath Technologies is the owner and operator of websites www.viapath.com, www.touchpayonline.com, www.connectnetwork.com, www.gettingout.com, and www.tpgovtpay.com (the “Site” or “Sites”). It is our policy to use the information we collect about you from the Service in a manner that is consistent with this Privacy Statement. Accordingly, this Privacy Statement advises you about the types of information we collect when you use the Service and how we may use that information. If you are a resident of California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, or Virginia please see the section below titled, “Additional Privacy Information for Certain Jurisdictions,” which includes additional information about privacy rights you may have under your state’s privacy law. Not in scope. This Privacy Statement does not apply to the personal information that we collect about employees, contractors and other personnel related to their working relationship with us, or the personal information that we collect about applicants and candidates for a position with ViaPath. This Privacy Statement does not apply to publicly available information. We may also collect, generate, use and disclose aggregate, anonymous, and other non-identifiable data related to our Services, which is not personal information subject to this Privacy Statement.
2. Terms of Use This Privacy Statement is applicable as of the Effective Date posted above. This Privacy Statement is part of, and is governed by our Terms of Use, which is available at https://www.viapath.com/terms-of-use/. All capitalized terms that are used but not otherwise defined in this Privacy Statement have the definitions assigned to them in the Terms of Use.
3. Contacting ViaPath If you have any questions about the Privacy Statement or our use of the information we collect from you in connection with the Service, you may contact us by email at privacyrights@viapath.com or by postal mail at c/o Global Tel*Link Corporation d/b/a ViaPath Technologies, 3120 Fairview Park Drive, Suite 300, Falls Church, VA 22042, Attn: Legal Department. If you have any questions regarding the Service or your account, or if you would like to cancel your account, please contact our Customer Service team using the information supplied through the “Contact Us” link on our website.
4. Correcting/Updating Your Information If your name, email address, mailing address, telephone number, or other contact information that you provide to us changes, you may update, correct or omit the relevant information by contacting our Customer Service team through the “Contact Us” link on our website.
5. Service/Site Age Limits Must be over 18 The Service is not intended for visitors that are under eighteen (18) years of age. We do not knowingly solicit or collect information from individuals who are not at least eighteen (18) years old. Not Available for Use by Children We regret that the Service is not available to children under the age of thirteen (13). We will never knowingly collect contact information from children under the age of thirteen (13) without verifiable parental consent. If you are under the age of thirteen (13), please do not provide us with information of any kind whatsoever. If we become aware that a user is under the age of thirteen (13) and has submitted information to the Site without verifiable parental consent, we will remove his or her information from our files. We understand that children may not fully understand all of the provisions of this Privacy Statement or make informed decisions about the choices that are made available to adult users of the Site. We encourage parents and guardians to spend time with their children online and to be familiar with the websites they visit. If you are a parent or legal guardian and think that your child under 13 has given us their personal information you can email us at privacycentral@viapath.com and request this information be deleted. Please mark your request “Children’s Privacy Request.”
6. Information We Collect Usage and Activity Information When you visit or use our Site we send one or more “cookies” or “web beacons” to your computer or other device. A cookie is a small file containing a string of characters that is sent to your computer or other device when you visit a website. When you visit the website again, the cookie allows that site to recognize your browser. We use cookies to improve the quality of our service, including for storing user preferences. By clicking the “Accept” button when our cookie message displays, you agree to be bound by the terms of this Privacy Statement. Web beacons are web page elements that can recognize certain types of information on your computer or mobile device such as cookies and the time and date of a page viewed. Information that may be collected by cookies and web beacons when you use the Site may include, without limitation:
   • the pages you visit within the Site;
   • the date and time of your visit to the Site;
   • the amount of time you spend using the Site;
   • the websites you visit before or after visiting the Site;
   • the Internet Protocol (IP) address used to connect your computer or mobile device to the Internet;
   • geolocation information;
   • your computer or mobile device and connection information such as your browser type and version, operating system and platform; and/or
   • your purchase history.
   You may be able to set your browser to reject cookies or to notify you when you are sent a cookie. You can also purchase and download software that will allow you to use the Service without providing the information gathered by cookies. You are welcome to use the Service if you use this type of software, but your experience while visiting the Service may not be optimal. If you create an account to use the Service other than through the Site (such as through our Customer Service Representatives), and if you do not agree with or consent to the terms of this Privacy Statement, you will have thirty (30) days from the date you create the account with us to cancel the account. If you decide that you want to cancel the account within this thirty (30) day period, please contact our Customer Service team using the information supplied through the “Contact Us” link on the Site. If you cancel your account within the applicable thirty (30) day period, we will provide you with a refund of any fees you have paid and have not used in connection with the Service at the time of cancellation. Identifiers/Contact Information We may collect information from you that can be used to personally identify and/or contact you. Contact information collected through the Service may include your name, telephone number, physical address, mailing address, billing address, or email address. In addition to contact information, we may collect other personal information from you that may be associated with your contact information, such as your birth date and your username and password. If you are using our Services to make payments, we are required to collect additional identification information, such as your driver’s license number and the last four numbers of your social security number. Payment Information If you are using our Services to make payments or to purchase products or services, we are required to collect certain financial information such as your credit card or other payment card information, the type of payment you are making, or information related to the purpose of the payment. We may need to run background checks on anyone involved in the transaction to satisfy our legal requirements. Voice, Image, and Recording When you use our Services to communicate with an incarcerated individual, ViaPath records and stores the communication, which may include your image and/or voice. By using the Services, you are expressly providing consent for ViaPath to collect your voice and image and to use them as described in this Privacy Statement and in accordance with the Terms of Use. ViaPath may also collect a copy of a government issued form of identification bearing your photograph. Social Media If you choose to connect your social media account to our Facebook and other social media outlets, certain personal information from your social media account will be shared with us, which may include personal information that is part of your profile or your friends’ profiles. You may revoke your consent to have the social media platform share information with us by changing your settings within such platform. Information About Incarcerated Individuals If you are a friend or family member of an incarcerated individual, we may also collect information from you about the identity of incarcerated individual(s) receiving funds from you, or who you communicate with, through the Service. If you provide this information, you represent and warrant that you have all necessary rights and authority to provide information about the applicable incarcerated individual(s) in connection with the Service and agree that you shall be solely liable in connection with your disclosure of any information regarding incarcerated individual(s) in connection with the Service. Communication and Correspondence If you send any personal communication or correspondence, by any means, to the Service, or to any of our employees, agents or representatives, the Service may collect additional information regarding that communication and include that information in our customer database. Location Information
   • Mobile Applications
   In addition, if you access the Service through one of our mobile applications, we may also be able to identify the location of your mobile device. You may choose not to share your location details with us by adjusting your mobile device’s location services settings, or otherwise declining to provide access to your location when prompted to do so. For instructions on changing the relevant settings, please contact your service provider or mobile device manufacturer. If you choose not to share your location details with us, you may be denied access to the mobile application.
   • When You Receive a Phone Call through the Service
   We collect the location of the phone you are using when you use the Service to help ensure accurate billing practices as well as for correctional facilities’ safety, security and investigative purposes. You will be advised through a prompt on calls placed from an incarcerated individual at a correctional facility to the phone you are using when you use the Service that your phone location information will be obtained. By accepting the call, you agree to have your phone location obtained for 60 minutes after you accept the call. Your location will not be obtained if you do not accept the call. The location information collected in connection with each call will only be stored for one year from the date of the call and then deleted from our records. If you would like to opt out of having your phone location information obtained for any time remaining between when you terminate your call with the incarcerated individual and the above referenced 60 minute period, please call 1-800-483-8314. Cellular Provider Information The Service is not a Cellular Provider application. If you use the Service, it may require your Cellular Provider to disclose your customer information, including mobile phone location information, to us or some other third party. By providing your consent through the opt-in process described below, you authorize your Cellular Provider to disclose your information to us and to third parties to enable the Service. Please review this Privacy Statement and our Terms of Use for more information about how the Service will collect, access, use or disclose your information. If you aren’t comfortable with the terms of this Privacy Statement or our Terms of Use, you should not use the Service. You acknowledge and agree that (1) your relationship with us is separate from your relationship with your Cellular Provider; (2) your Cellular Provider is not responsible for the Service; and (3) you will hold harmless your Cellular Provider and its subsidiaries, affiliates, officers, employees, agents, successors and assigns from any judgments, claims, actions, losses, liabilities or expenses arising from or attributable to the Service or our acts or omissions. Information Collected and Used by Third Parties If you visit the Site from a third-party website the third-party website may give you a unique code, cookie or graphic which will uniquely identify you. This will only happen if you link directly from a third-party website to the Site. Your activities on the Site while this type of code is active may be reported back to the third-party website. The presence of a third-party navigation bar at the top of any page on the Site is an indication that the third-party website may be able to see your activity on the Site. The Site may also include third-party advertising, links to other websites, and other content from third-party businesses. These third-party sites, businesses, and advertisers, may use web beacons and cookies to measure the effectiveness of their ads, personalize or optimize advertising content and to track users who click on the links made available through the Site. These third-parties may use persistent identifiers to track the actions of users online over time and across different websites or platforms to deliver targeted electronic advertisements to an individual user. We do not have access to or control over web beacons, cookies or persistent identifiers that these third parties may use. We are not responsible for the privacy practices or the content of these third-party websites. You are encouraged to review the privacy policies of the different websites you visit. For information about how tracking works for online advertising purposes you can visit http://www.aboutads.info/choices. Some third-party advertising companies may provide a mechanism to opt-out of their technology. For more information about the opt-out process, you may visit the Network Advertising Initiative website, available at http://www.networkadvertising.org/managing/opt_out.asp. We may also use analytics software service providers to gather and analyze anonymous information about users of the Site. These service providers may use cookies to collect information about your purchase history, the content you view, what websites you visit immediately prior to and after visiting the Site, and your system information. The information gathered by these service providers about your use of the Site may be transmitted to and stored by these service providers. If we use these service providers, the information collected about you by these service providers would allow us to analyze your use of the Site and the Service. The Site uses Google Analytics, including its Demographics and Interests Reports feature, which in addition to the types of information described above, provides a breakdown of visitors to the Site on an anonymous aggregate basis by age group, gender and interests. To learn more about how Google Analytics collects and uses information, and how you can control information sent to Google you can visit https://policies.google.com/privacy. Aggregate Information We may share information relating to users of the Service with affiliated or unaffiliated third parties on an anonymous, aggregate basis. While this information will not identify you personally, in some instances these third parties may be able to combine this aggregate information with other data they have about you, or that they receive from third parties, in a manner that allows them to identify you personally.
7. Purposes For Which We Collect, Use, and Process Your Personal Information We may use information described above for any of the following purposes:
   • to provide you with the service
   • to manage and service your account;
   • to contact you when necessary about your account or your use of our services;
   • to comply with regulatory requirements for the maintenance of records;
   • to send you by mail, phone, text or email, information and promotional materials about our products and services as well as our company in general;
   • to send you by mail, phone, text or email, information and promotional materials from our marketing partners and other third parties;
   • for purposes of targeted advertising;
   • to send you marketing and other emails;
   • to help diagnose problems with our server;
   • to administer our Site;
   • to conduct internal reviews of our Service;
   • to help us better understand how users access and use or Sites and Services, and for other research and analytical purposes, such as to understand customer and market needs, evaluate and improve our Services and business operations, and to develop services and features;
   • to carry out our obligations and enforce our rights arising from any contracts entered into and between us and a correctional facility, or controlling entity, where an individual that you may communicate with is detained;
   • to respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
   • to verify your identity;
   • to protect the security or integrity of our Service; and
   • for any other business or marketing purposes that are not inconsistent with the terms of this Privacy Statement; and
   • for purposes not provided for in this privacy policy, but if we do, we will notify you (and, if necessary, obtain your consent) before using your personal information in this way
   We may also combine information we collect about you through the Service with other information about you that we receive from third party sources. By way of example and not limitation, we may use a change of address or other list service to ensure that our records for your account are accurate. Description of Customer Proprietary Network Information (“CPNI”) CPNI is proprietary information about you that includes (1) information on the quantity, technical configuration, type, destination, location, and amount of your use of ViaPath telecommunications services, that you make available to ViaPath solely by virtue of the carrier-customer relationship; and (2) information contained in the bills you receive concerning your telecommunications service. It does not include (1) your name, address, or phone number; (2) aggregated customer information that does not identify specific individuals; or (3) information about non-telecommunications service, such as Internet access. Under the CPNI rules adopted by the Federal Communications Commission (“FCC”), you have the right, and ViaPath has the duty, to protect the confidentiality of CPNI. ViaPath’s Use of CPNI Under FCC rules, ViaPath may use your CPNI without your prior approval for certain purposes. Specifically, ViaPath may use, disclose, or permit access to your CPNI without your consent, either directly or through its agents, for the purpose of (1) initiating, rendering, billing, and collecting for ViaPath Service; (2) protecting ViaPath’s right or property, or protecting ViaPath users and other telecommunications carriers from fraudulent, abusive, or unlawful use of, or subscription to, ViaPath services; (3) maintenance and repair; and (4) complying with the orders or subpoenas of a court of competent jurisdiction. Other uses require your approval, as described below. Required Customer Approval As a leader in the corrections industry, ViaPath is continually developing new innovations in the fields of technology, education, and intelligence. From time to time, ViaPath may use and share your individually identifiable CPNI among its affiliates and agents to inform you about communications-related products and services or special promotions. Use of your individually identifiable CPNI enhances ViaPath’s ability to offer products and services that are tailored to your needs. You have 30 days from the date of this notice to inform us (see “Contacting ViaPath” above) if you do not wish ViaPath to use your individually identifiable CPNI for this purpose. If you do not so inform us, ViaPath will assume you consent to this use of your individually identifiable CPNI. At any time after this 30-day period has elapsed, however, you have the right to disapprove this use, and limit or revoke access to your individually identifiable CPNI by contacting ViaPath. A denial of approval will not affect ViaPath’s provision of services to you. Your approval or denial of ViaPath’s use of your individually identifiable CPNI is valid until you affirmatively revoke or limit that approval or denial. ViaPath will never disclose your individually identifiable CPNI to unaffiliated third parties without your express, opt-in consent.
8. How We Share Your Information We may share the information we collect in connection with the Service with the following recipients: Correctional Facilities and Law Enforcement We may share contact information you provide, or location information we collect from your computer or mobile device, with correctional facilities or other law enforcement personnel upon their request. We may also share information concerning any payment transaction completed through the Service including, without limitation, your image as captured when you use a payment services kiosk and the identities of the parties contributing and receiving payment under the transaction and the amount of the payment, with correctional facilities or other law enforcement personnel upon their request. Because safety and security are ViaPath’s top priority, you may not opt out of the sharing of your communications with Law Enforcement, and all data associated with your communications. If you do not consent to the collection, use and disclosure of this type of data, please do not use the sites or services. Service Providers We may share your information with our service providers, vendors, suppliers and other services providers who provide services to us or on our behalf, such as operating and supporting the Service, analyzing data, performing marketing or consulting services, assisting us with the preparation and mailing of our business and marketing communications, and with service processing and fulfillment functions. For example, we may disclose your billing information to payment processors when you add money to your account or conduct other financial transactions through the Service. Our Affiliates We may share some or all of your information with our parent company, subsidiaries and corporate affiliates, joint ventures, or other companies under common control with us. We will require these entities to comply with the terms of this Privacy Statement with regard to their use of your information. Transfer or Assignment in Connection with Business Transfers or Bankruptcy In the event of a merger, acquisition, bankruptcy or other sale of all or a portion of our assets, any user information owned or controlled by us may be one of the assets transferred to third parties. We reserve the right, as part of this type of transaction, to transfer or assign your information and other information we have collected from users of the Service to third parties. Other than to the extent ordered by a bankruptcy or other court, the use and disclosure of all transferred user information will be subject to this Privacy Statement. However, any information you submit or that is collected after this type of transfer may be subject to a new privacy policy adopted by the successor entity. Government Agencies, Judicial and Quasi-Judicial Bodies, Regulators, and Other Public Bodies and Third Parties To the extent permitted by law, we may disclose your information to government agencies, judicial and quasi-judicial bodies, regulators, other public bodies, or third parties if: (a) required to do so by law, or in response to subpoenas, court orders, and/or other lawful requests by regulators; (b) we believe in our sole discretion that disclosure is reasonably necessary to protect against fraud, to protect our property or other rights or those of other users of the service, third parties or the public at large; or (c) we believe that you have abused the Service by using it to attack other systems or to gain unauthorized access to any other system, to engage in spamming or otherwise to violate applicable laws or in violation of our Terms of Use. You should be aware that, following disclosure to any third party, your information may be accessible by others to the extent permitted or required by applicable law.
9. Do Not Track Requests Your Internet browser may allow you to adjust your browser settings so that “do not track” requests are sent to the websites that you visit. However, we will not disable tracking technology that may be active on the Site in response to any “do not track” requests that we receive from your browser.
10. Do Not Sell ViaPath does not sell personally identifying information about the users of our Services to any third parties in exchange for monetary compensation.
11. How We Protect Your Information ViaPath complies with all required PCI standards (https://www.pcisecuritystandards.org) regarding our treatment of payment card data. Additionally, we have implemented commercially reasonable measures designed to secure your personal information from unauthorized access, use, alteration and disclosure. However, the transmission of information via the internet is not completely secure. We cannot guarantee the security of your personal information transmitted via our sites or services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the sites or services.
12. Security of Information We seek to use industry standard physical, technical and administrative security measures designed to protect your personally identifiable information. However, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us in accordance with the “Contacting ViaPath” section above. Please note that emails you send to us through our Service are not encrypted, and we strongly advise you not to communicate any confidential information in your emails to us.
13. Use of Information Outside of Your Country of Residence The sites and services are directed to users located in the United States. If you are located outside of the United States and choose to use the sites or services or provide your information to us, you should be aware that we may transfer your information to the United States and process it there. The privacy laws in the United States may not be as protective as those in your jurisdiction. Your consent to this Privacy Statement followed by your submission of information to us through the Site or in connection with the services represents your agreement to the transfer of your information to the United States.
14. Changes to this Privacy Statement If we decide to change our Privacy Statement, we will post those changes to the Privacy Statement on our homepage, and other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances we disclose it. We reserve the right to modify this Privacy Statement at any time, so please review it frequently. Any changes to this Privacy Statement will become effective when we post the revised Privacy Statement on our Services and Sites. Your continued use of the Services and Sites following these changes constitutes your acceptance of the revised Privacy Statement.
15. Release By accessing and using our website, equipment, and services, you hereby release and forever discharge ViaPath, its Affiliates and employees, contractors, agents, and all applicable Law Enforcement Officials and the correctional facility from any and all liability, expense, cost or remedy which may arise as a result of your use of our websites and services as well as the use of the Data in the manner described herein.
16. Additional Privacy Information for Certain Jurisdictions You have specific rights under state laws, including California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia. If you are a resident of California, please review Subsection A below for additional information about your privacy rights under applicable California privacy laws. If you are a resident of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, or Virginia please review Subsection B below for additional information regarding each state’s privacy law.

1. A.Additional Information for California Residents

   Shine the Light California Civil Code Section 1798.83, also known as the “Shine the Light” law, permits our customers who are California residents to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make this type of request, please provide submit your request in writing to: privacy@viapath.com, or to c/o Global Tel*Link Corporation d/b/a ViaPath Technologies, 3120 Fairview Park Drive, Suite 300, Falls Church, VA 22042, Attn: Privacy. California Consumer Privacy Act The California Consumer Privacy Act (CCPA) provides California residents with certain rights regarding their personal information (with some exceptions). The rights that may be available to California residents, and how to exercise such rights, are listed below. California residents who provide us personal information in connection with TouchPay services do not have the rights provided below, as the personal information that we collect under those circumstances is exempt under the CCPA. Sales and Sharing of Personal Information. Under the CCPA, “sales” and “sharing” are broadly defined, respectively, and include disclosing or making available personal information in exchange for monetary or other valuable consideration, or for purposes of cross-context behavioral advertising. While we do not disclose personal information to third parties in exchange for monetary compensation, we may “sell” or “share” (as defined by the CCPA) internet and electronic network activity information to/with third-party data analytic, marketing, and advertising partners. We do so in order to improve and evaluate our advertising campaigns and better reach customers and prospective customers with more relevant ads and content. We do not sell or share sensitive personal information, nor do we sell or share any personal information about individuals who we know are under sixteen (16) years old. Sensitive Personal Information. We do not use or disclose sensitive personal information beyond the purposes authorized by the CCPA. The right to limit the use of sensitive personal information lets you ask us to limit the use and disclosure of sensitive personal information if we use that information for purposes beyond what is needed to provide the products and Services you request or for other reasons specified in the law. The other reasons specified in the law include: (i) helping to ensure security and integrity, including preventing, detecting, and investigating security incidents, (ii) detecting, preventing and responding to malicious, fraudulent, deceptive, or illegal conduct, (iii) ensuring the physical safety of a person, (iv) providing customer service or to verify your information, (v) verifying or maintaining the quality and safety of our services, (vi) complying with our legal obligations, (vi) to our service providers who perform services on our behalf, and (vii) for purposes other than inferring characteristics about you. ViaPath does not use or disclose sensitive personal information for other purposes beyond the purposes authorized by the CCPA. California Residents’ Rights. Under the CCPA, California residents have the following rights (subject to certain limitations):
   • Opt out of sales and sharing: The right to opt-out of our sale and sharing of their personal information.
   • Limit uses and disclosure of sensitive personal information: The right to limit our use or disclosure of sensitive personal information to those authorized by the CCPA. As noted above, we do not use or disclose sensitive personal information beyond the purposes authorized under the CCPA; this, this right is not available.
   • Deletion: the right to request the deletion of their personal information that we have collected, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service providers to:
     • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
     • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
     • Debug products to identify and repair errors that impair existing intended functionality.
     • Exercise free speech ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
     • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code 1546 seq.).
     • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
     • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
     • Comply with a legal obligation.
     • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
   • To know/access. The right to know what personal information we have collected about them, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom we disclose personal information, and the specific pieces of personal information we have collected about them.
   • Correction. The right to correct inaccurate personal information that we maintain about them.
   • Non-discrimination. You have the right to not be discriminated against for exercising any rights provided to you under the CCPA.
   Submitting CCPA Requests California residents may submit a CCPA request to know/access, delete, and correct their personal information through one of the following methods:
   • Logging into your account on one of our sites (a link to an Exercise Your Privacy Rights form will display on the site’s dashboard).
   • By emailing us at privacycentral@viapath.com
   • Calling us by phone (toll-free) at:
     • ConnectNetwork Customer Service: 877-650-4249
     • GettingOut Customer Service: 866-516-0115
     • VisManager Customer Service: 855-208-7349
     • TouchPay Customer Service: 866-204-1603
   When you submit a request to know/access, correct or delete, we will take steps to verify your request by matching the information provided by you with the information we have in our records. You must provide your name and contact information to verify your request. In some cases, we may request additional information, where necessary to verify or process your request. Authorized agents may initiate a request on behalf of another individual by using the options listed above. Authorized agents must provide written proof of their authorization. We may also require that the relevant consumer directly verify their identity and the authority of the authorized agent, as permitted by the CCPA. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Requests to opt out/Browser opt out: Our Sites respond to global privacy control—or “GPC”—signals, which means that if we detect that your browser is communicating a GPC signal, we will process that as a request to opt that particular browser and device out of sales and sharing on our Site (e.g., via cookies and pixels). More information about GPC is available at: https://globalprivacycontrol.org/. You may also opt your browser out of targeting and most cookies on one of our Sites (other than essential cookies) by clicking the “Your Privacy Choices” button on our Sites which will take you to our Privacy Preference Center where you can choose not to allow certain cookie types, except those that are essential for our Site to function properly. Note that if you come back to the Site from a different device or use a different browser on the same device, you will need to opt out of (or set GPC for) that browser and device as well. Response Timing We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.

2. B. Additional Information for Residents of Colorado, Connecticut, Delaware, Iowa Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia

   Residents of certain U.S. states, including Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia have the right to receive certain disclosures regarding a business’ processing of “personal data,” as defined under applicable privacy laws.  Residents of these states may have certain rights with respect to our processing of such personal data. To the extent you are a resident of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia and we collect, use or disclose personal data subject to your state’s privacy law, the following applies. For more information about the personal data we collect, use and disclose, please see “Information We Collect,” “Purposes For Which We Collect, Use, and Process Your Personal Information,” and “How We Share Your Information” sections above. TouchPay Exemption: Residents of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia who provide us personal information in connection with their use of TouchPay services do not have the rights provided below, as TouchPay is exempt under each state’s privacy law as a financial institution. Your Privacy Rights. Under the applicable state privacy laws, residents of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia have the following rights (subject to certain limitations):
   • Right to know/access. You have the right to confirm whether or not we are processing your personal data and to access such personal data.
   • Right of portability. You may have the right to obtain a copy of the personal data that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit your personal data to another controller or business where the processing is carried out by automated means.
   • Right to delete. You have the right to ask us to delete certain personal data we have collected about you.
   • Right to correction. You have the right to ask us to correct inaccuracies in the personal data we have collected.
   • Right to opt out. You have the right to opt out of certain types of processing, including:
     • To opt out of the “sale” of your personal information (as defined under applicable privacy laws).
     • To opt out of targeted advertising by us. (To opt out of targeted marketing, please see our Notice of Right to Opt-Out section below.)
     • To opt out of any processing of personal information for purposes of making decisions that produce legal or similarly significant effects. We do not process personal data for such profiling; thus, this right is not available.
   • Right to not be discriminated against. You have the right to not be discriminated against for exercising any rights provided to you by state law.
   Submitting Privacy Requests Resident of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia can exercise the right to know, access, delete, and correct data through one of the following methods:
   • Logging into your account on one of our sites (a link to an Exercise Your Privacy Rights form will display on the site’s dashboard).
   • By emailing us at privacycentral@viapath.com
   • Calling us by phone (toll-free) at:
     • ConnectNetwork Customer Service: 877-650-4249
     • GettingOut Customer Service: 866-516-0115
     • VisManager Customer Service: 855-208-7349
     • TouchPay Customer Service: 866-204-1603
   When you submit a request to know/access, correct or delete, we will take steps to verify your request by matching the information provided by you with the information we have in our records. You must provide your name and contact information to verify your request. In some cases, we may request additional information, where necessary to verify or process your request. If you are a resident of Colorado, Connecticut, Delaware, Montana, Nebraska, New Hampshire, New Jersey, Oregon, or Texas you may appoint an authorized agent to initiate a request on your behalf by contacting us using one of the methods described above. Authorized agents will be required to provide proof of their authorization and we may also require that the relevant consumer directly verify their identity and the authority of the authorized agent. Process to Appeal a Decision Related to Your Rights Some states allow you to appeal a denial of your request to exercise the privacy rights provided by the state law. If you are a resident of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, or Virginia and we deny your request, you may appeal this decision by contacting us at privacycentral@viapath.com. We will respond to your request with an explanation about our decision to fulfill or refuse your request. If we deny your appeal, you may contact your state’s Attorney General to file a complaint related to the denial. Notice of Right to Opt-Out If you wish to opt out of processing of personal data that is gathered when you visit our websites and other web-based services for purposes of “sales” and/or targeted advertising, you may do so in one of the ways described below: If you are in the U.S., you can obtain more information and opt out of receiving targeted ads from participating third-party ad networks at info/choices(Digital Advertising Alliance). You may also download the DAA AppChoices (https://youradchoices.com/appchoices) tool in order to help control interest-based advertising on apps on your mobile device). Our Sites respond to global privacy control—or “GPC”—signals, which means that if we detect that your browser is communicating a GPC signal, we will process that as a request to opt that particular browser and device out of sales and sharing on our Site (e.g., via cookies and pixels). More information about GPC is available at: https://globalprivacycontrol.org/. You may also opt your browser out of targeting and most cookies on one of our Sites (other than essential cookies) by clicking the “Your Privacy Choices” button on our Sites which will take you to our Privacy Preference Center where you can choose not to allow certain cookie types, except those that are essential for our Site to function properly. Note that if you come back to the Site from a different device or use a different browser on the same device, you will need to opt out of (or set GPC for) that browser and device as well.

   PP20241220EN