BETA

Discover

About

What is Third Act?

FAQ

Get Started

Privacy Policy

THIRD ACT DIGITAL LLC PRIVACY POLICY

Last Updated: November 30, 2021

Thank you for visiting us at Third Act.Digital!

This service (including our websites and other Sites as defined below in The Scope of this Policy and collectively, our “Services”) is operated by Third Act Digital LLC (“Third Act” or “us”, “our,” “we” and related terms), a New York limited liability company with its principal office New York, NY.

We are committed to respecting the privacy rights of all individuals, wherever located and have adopted this privacy policy (“Privacy Policy”) to explain how we collect and process your personal data through your use of and interaction with our Sites and Services, how we share (or do not share) any of your personal information, how we store and keep secure any of your personal information, how you can update and control any of your personal information, the rights you may have with regard to personal data, and other information relevant to your privacy.

Please review this Privacy Policy carefully, and please use the information herein to make informed choices. If you have any concerns or questions about our privacy practices, please feel free to contact us. By accessing any of our Services , and/or by registering for any of our Services, you are agreeing to all of the terms set forth in this Privacy Policy.

IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, DO NOT USE ANY OF THE SITES OR SERVICES OR GIVE US ANY OF YOUR INFORMATION. YOUR CONTINUED USE OF ANY OF THE SITES AND/OR SERVICES MEANS THAT YOU AGREE TO THIS PRIVACY POLICY.

1. The Scope of this Policy

Scope: This Privacy Policy applies to our websites (ThirdAct.Digital); to our “backend” hosted applications that are a part of our service platform; and to all data and/or information that is collected via our websites, applications and mobile applications. For the purposes of this Privacy Policy, we refer to our websites, and applications (collectively as our “Site,” “Website”, “Sites” or “Websites”). This Privacy Policy applies to all Site visitors (“Users”), as well as to all Site visitors that purchase products (“Products”) or use the Services as a guest or as a registered customer (“Customers”). While certain portions of our Sites can be viewed without registering, Site users will have to register (create an account by using Facebook or Google) in order to access some of our secure proprietary applications and certain features of our Services, including the bidding on, purchase of and redemption of Products. Customers are able to request user accounts for their employees/agents or third-party guest users (“Authorized Users”) to provide access secure areas of the Sites. Customers are responsible for managing the activity of all Authorized Users, and for how the Sites are used by their Authorized Users.

Changes: We may make changes to this Privacy Policy from time to time, and any material changes that we make will be posted (in the form of an updated Privacy Policy) on our Sites. Such policy updates will be effective when they are posted unless prohibited by law in which case, we will comply with applicable law prior to making changes to this Privacy Policy. For example, for Users in the European Economic Area (“EEA”), European Union (“EU”), the United Kingdom (“UK”), or Switzerland, any changes or modifications may only be effective upon express consent, in which case, Users will be notified of any changes by virtue of a pop-up, banner, or other notification mechanism when a User seeks to access the Sites or Services after a change or modification has been issued. Upon consent, the revisions on the Sites or Services shall apply to the User’s se of the Sites or Services and all acts or omissions occurring after the effective date of the revised Privacy Policy. Accordingly, please review the terms of this Privacy Policy on a regular basis to understand the current terms.

Terms of Use: In addition to the terms of this Privacy Policy, your use of the Sites is subject to our Terms of Use, which can be found at: thirdact.digital/termsNconditions.

2. Third Party Features, Links and Privacy Policies

‍The Sites may include service features and augmentations operated by other companies that are not our service partners, but which provide features that we believe Users may appreciate, such as social media widgets, links to third-party websites, advertisements and other third-party content (“Third-Party Features”). Users who choose to access any Third Party Features, must understand the following: (1) we do not operate, control or monitor Third-Party Features, and these features are subject exclusively to the privacy policies of the companies that operate them; (2) this Privacy Policy does not apply to information collected by any third party, including through any Third Party Features; and (3) we are not responsible for the privacy practices, the placement of cookies on your computer by any third party, or any content you may encounter via Third Party Features. Users who decide to access any Third Party Features, should read the privacy policy of each linked website to understand the privacy practices that apply to those features. In addition to creating an account on our Site through Google or Facebook, Customers will also need to create a digital wallet account from our third-party service provider venly to purchase some of the Products offered though the Sites.

3. The Types of Information That We Collect, and How We Collect It

‍To provide our Services, we collect data which are not personally identifiable (“Anonymous Data”) and also data that, either alone or in conjunction with other data, could be used to identify an individual or household (referred to as “Personal Data”). Collectively, Anonymous Data and Personal Data are referred to herein as “Data”. Data may be collected in the following ways:

Account and Transaction Data: We collect Personal Data that is provided to us voluntarily either via direct communications (e.g. email) or through our Sites, such as when a User registers for our Services. We use Account Data to provide our Services to you; and we may also use Account Data to contact Customers and/or Users for limited marketing or product communication purposes (subject to the provisions herein). The Data collected include common categories of contact information (e.g. name, email address, telephone number, username, password and zip code), and may also include certain account administration information (e.g. invoice and shipment information), your purchase history, information about items in your online shopping cart when you place an order with us online or place product in your online shopping cart. All digital wallet accounts that the Customer creates have digital keys that are private and we will never have access to these keys, which are encrypted by the digital wallet account provider.

Site Usage Data: We collect certain Site/Service utilization data through the use of tracking technologies (including cookies, as detailed below) and the Data collected can include both Anonymous Data (e.g., how a Site is used) and Personal Data. We use these Site Usage Data to understand how our Sites and Services are used, to improve our Sites and Services, and to protect the integrity and security of our Sites and Services. Site Usage Data include:

(1)

Device data. Information about the computer or mobile device you use to access the Sites. This may include technical information transmitted by your device such as the browser used, the device model and operating system, language preference, device location, unique device identifiers, and the Internet Protocol (IP) address through which you accessed the Site.

(2)

Site Use Activity. Information regarding your activity on the Sites such as the time and frequency of access, a referrer page domain, pages viewed, and interactions between the User and the Sites.

If your device settings allow us, we may also collect information about your location or geolocation information when you use our mobile application. For more information about how you can control the collection of local information and to set your preferences, please see “Your Choices” below.

Other Information you Choose to Provide: We collect information you choose to provide, such as your contact and marketing preferences, brand and merchandise interests, and communications and interactions (which may include email messages, chat sessions, text messages or phone calls with you) when you sign up for emails and marketing, participate in a survey, promotion or interactive area of a Site, or when you request technical or customer support or contact us.

Information we Collect from Social Media Platforms: We may obtain information about you from social media platforms that you use in connection with our Sites or when using our Services, or that share or allow you to share information with us, such as Facebook, Twitter, Youtube, The Programmatic Network, Adomni, HiveStack, and Instagram. For example, if you post content to feeds on third-party social media sites or use social media platforms in connection with the Sites, if you use credentials (e.g., username and password ) from a third party site to create or log into your account on the Sites, or if you like us or follow us on social media platforms, we may collect the information that you share with us, or that those social media platforms share with us in accordance with their privacy policies and privacy settings. For more information about social media platform privacy practices, please review the privacy policies and settings of the social media platforms and networks that you use. You may update your privacy settings on each social media platform directly.

If we combine Personal Data with Anonymous Data, the combined information will be treated by us as Personal Data for as long as it remains combined.

If you are from the EU/EEA our legal basis for collecting and using the personal information described in this Privacy Policy is based on Art. 6(1)(B) of the General Data Privacy Regulation (“GDPR”) (performance of a contract); Art. 6 (1)(f) GDPR (balancing of interests, based on our legitimate interest in constantly and profitably improving the content, functionality and attractiveness of our Sites by analyzing your usage); Art. 6 (1)(c) (necessary for compliance with a legal obligation to which we are subject); and/or Art. 6(1)(a) of the GDPR (consent), depending on the Personal Data we collect and the specific context in which we collect it.

4. Cookies and Other Automated Tracking Technologies

‍We may use cookies (small text files placed on your web browser or device) in connection with our Sites; and we may analyze the information derived from these cookies for the same purposes as set forth elsewhere in this Privacy Policy. You may be able to limit the use or function of some cookies on your computer or mobile device in the manner described below.

We may use the following types of cookies on the Sites:

"Convenience" cookies: These cookies can store ‘persistent’ information like registration information for use on later visits to the Sites. You may be able to configure your browser to block/delete these cookies; but if you do, you will have to (e.g.) input the account-related information every session.

You may have the option to opt out of convenience cookies (if applicable) when you visit our Sites.

If you do not opt out, and you would like to delete any account information we may store via convenience cookies, you can take the following actions: (1) you can delete your cookies (via your browser); and/or (2) you can reach out to us as specified in this Privacy Policy.

"Analytics" cookies: Cookies which help us to determine usage patterns of our web pages by collecting information about how visitors use our Site.

[More specifically, we use a tool called Google Analytics for aggregated and anonymized website traffic analysis. In order to track your session usage, Google places a cookie with a randomly generated Client ID number in your browser. This ID number is anonymized and contains no identifiable information like email, phone number, name, etc. Google also has access to your IP address. In addition, Google may install additional cookies (e.g. Google fonts, Google tag manager). We use Google Analytics to track aggregated website behavior, such as what pages you looked at, for how long, and so on. This information is important to us for improving the user experience and determining site effectiveness.

If you would like to understand or limit what Google Analytics-derived browsing information we may have and/or want to delete any Google Analytics data, you can take the following actions: (1) you can delete your cookies (via your browser); (2) you can reach out to us as specified in this Privacy Policy, and/or (3) you can install the Google Analytics Opt-Out Browser Add-On (https://tools.google.com/dlpage/gaoptout). Although Google Analytics plants a permanent cookie on your web browser which can identify you as a unique user the next time you visit the Site, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to this site is restricted by the Google Analytics Terms of Use (as amended for government websites) and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser.

"Necessary" cookies: These cookies are essential for you to browse a website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies.

"Third-party" cookies: These cookies are set by other online services that run content on the page you view on your browser. For example, if you click on a Facebook "like" button, the underlying code may store a cookie on your computer that can later be accessed by Facebook and may be able to track other sites that you visit.

Web Beacons: We may also collect information using Web beacons, which are small images embedded into websites or emails that send information about your computer, mobile phone, or other device when you visit our Sites, use our mobile application, or open an email we send to you.

Please see “Your Choices” below to manage the use of these Cookies.

5. How We Use the Data that We Collect

We use Data in the manner described in this Privacy Policy. We use such Data to:

Provide Products Services to you: We use it to provide the Services to you, facilitate account creation and one-click orders, provide memberships and subscriptions, provide maintenance and support (including by sending you confirmations, related transactional, communications, security alerts, support and administrative messages), and to improve our Services and the Sites. We also use anonymized, de-identified and aggregated data generated by the Services to provide insights to our customers.

Further our Business Purposes: We use it to operate, improve upon and expand our business and lawful business activities; to maintain our programs, accounts, and records; for research; to detect and prevent fraud or misuse of our Services; and for any other business purpose that is permitted by law.

Customize and Enhance your Experiences with Us. We use it to remember and categorize your interests and preferences; customize the products and services we share with you through direct marketing; communicate with you about the Sites, Services, products, offers, promotions, surveys, events and other news and information we think may be of interest to you and contact you for feedback. Third Act also may also use Google or Facebook to create a survey to collect data from Users.

Respond to You. We use it to respond to you, such as when you place an order, call us, make a request or inquiry, complete a survey, or share a comment or concern.

Miscellaneous. We use it for any of the following reasons:

To identify your preferences
To provide you information about our other Services that might be of interest to you
To comply with our internal record-keeping needs to legal compliance needs
To notify you about changes to our Services
To allow you the option to participate in interactive features of our Services
To detect, prevent, and address technical issues
To protect or otherwise investigate our Services regarding misuse, security breaches, prevention, detection, mitigation, or investigation of fraud, or other potentially prohibited or illegal activities and/or attempts to interfere with the Website or Services or to harm others
With respect to a transfer or sale, including a potential transfer or sale, of any of our assets and/or operations to another party or in the due diligence process in line with a potential transfer or sale
To determine your level of engagement
Monitor and improve the information security of our Sites and/or our Services
Comply with governmental regulations or to respond to a subpoena or other governmental, court, administrative, Member State, Supervisory Authority or other legal requirement (as those terms are defined by applicable law)
Hire, train and/or manage our staff/employees
To enforce our Terms and Conditions, this Privacy Policy or other policies, and to monitor for violations of our policies or applicable laws
Combined with information we receive from other sources for the purposes set out in this Privacy Policy
Any other purpose communicated to you at the time of collecting the Personal Information and if required by law for which consent has been obtained
We may use non-personally identifiable information such as demographic data to analyze and develop our marketing strategy and maintain and further improve the Sites and our Services
We may use Product/NFT metadata in any way we deem appropriate for the provision of the Services, including without limitation to take inventory of the Products on Google Sheets

6. How We Use the Data that We Collect

Your information is not sold, rented or leased to other organizations for commercial/business purposes and has not been in the last 12 months immediately preceding the effective date of this Privacy Policy. We may send out email blasts to you on behalf of partners of Third Act who may want to offer their products and services to you and we may advise you of new Products Third Act will offer.

We work with third-party service providers that supply website and application development, hosting, maintenance, storage, virtual infrastructure, payment processing, research, advertising, marketing, analysis, and other services for us, which may require them to access or use of your Personal Data. However, in the event one of our third-party service providers needs to access your Personal Data to perform services on our behalf, they must also agree to comply with all portions of this Privacy Policy. We engage and share certain Data with third party service providers / partners as follows:

Engage with Service Partners: By necessity, we may share certain Data with third party service partners that are under contract with us and which perform Site-related functions on our behalf (“Service Partners”). Service Partners include certain cloud-based service providers (listed below and that may be subsequently added) that provide aspects of the Sites’ functionality (e.g. application hosting, cloud-based storage) other technology service providers and third parties that furnish us with products and services and provide services such as shipping, fulfillment and payment processing, including the following:

Wallet service partner: venly: digital wallet services. venly’s privacy policy can be found here: https://www.venly.io/terms-conditions
AWS: Application hosting and data storage services and NFT metadata. AWS’s privacy policy can be found here: https://aws.amazon.com/privacy/
IPFS Database services and Photo partner. IPFS does not have a privacy policy
Google Analytics: See previous section.
Partners for e-blasts about NFTs: Mailchimp, whose privacy policy can be found here mailchimp.com/legal/privacy/ and Constant Contact, whose privacy policy can be found here constantcontact.com/legal/privacy-notice
Login partners: Google and Facebook, whose privacy policies can be found here and here facebook.com/about/privacy. Purchases cannot be made without logging in through Google or Facebook
Hedera: cryptocurrency transaction processor and Hedera Mainnet blockchain processor, whose privacy policy can be found here: hedera.com/privacy
New Relic: server monitoring, whose privacy policy can be found here docs.newrelic.com/docs/security/security-privacy/data-privacy/data-privacy-new-relic/
Stripe credit card payment processor: whose privacy policy can be found here stripe.com/privacy

Third Act also relies on the following service partners to process credit card and/or other payments made by Customers: Stripe, Paypal, Circle (which will be used in the future). Your use of our Sites is subject to the terms of our partners’ terms of use and privacy policies, available (as listed below, collectively, the Payment Services Agreement) Third Act does not retain or record any payment processing information except that which is necessary to confirm payments and associate those payments with Customer accounts. Only our payment processing partners receive credit card information. Only our wallet service partner and cryptocurrency transaction processor receive information about account credentials and account holdings.

For Legal Purposes. We also reserve the right to disclose Data or any information submitted via Sites if we have a good faith belief that disclosure of such information is reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) establish or exercise our rights to defend against legal claims;(v) prevent harm to our rights, property or safety (or the same interests of our Users or any third party); (vi) to notify you of any product recalls or other safety concerns; or (vii) for any other legal purpose.

For Other Purposes. We may share personal information with third parties for other purposes. For example, we share personal information with:

Third parties who provide products and services that may be of interest to you, including third parties that provide us with products and services that enhance our products and services for you and that provide us with marketing, research and advertising services, including to: serve advertisements across the Internet; track and categorize your activity and interests over time on our Website and mobile application, and on third-party websites and mobile applications; and to identify the different device(s) you use to access websites and mobile applications.
Social media platforms and networks that offer Third-Party Features and login credentials for our Website, including logins for purchases, bidding and redemption of Products and Services on our Website. For more information about what information is shared or collected, and how it is used and how to adjust your privacy settings on those platforms and networks, see above.
Our Website, if you provide comments or reviews on our services or products.

No Sale or Sharing: Except Data that we share out of necessity with our service partners, Data that may be generated by certain cookies (Section 4, above), and for the purposes listed in Section 5 above, we do not rent, sell, or share Data with third parties for third-party marketing or advertising purposes, but we may send out email blasts for partners of Third Act who want to let you know about services or products they offer, who will compensate Third Act for doing so.

Please see Section 6, “Your Choices” for information about the choices you have about the sharing of your information.

7. Your Choices

Targeted Advertising: If you do not want to receive the benefits of targeted advertising, you may be able to opt out of some network advertising programs that use your information by visiting the NAI Opt-Out Page at http://www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance (DAA) consumer choice page at www.aboutads.info/choices. Please note that even if you choose to remove your information (opt out), you will still see advertisements while you’re browsing online. However, the advertisements you see may be less relevant to you and your interests. Additionally, many network advertising programs allow you to view and manage the interest categories they have compiled from your online browsing activities. These interest categories help determine the types of targeted advertisements you may receive. The NAI Opt-Out Page and the DAA consumer choice page provide mechanisms to opt out of receiving cookies from those companies. Please note that if you opt-out of targeted advertising, we may still track your visits to the Site(s) for our own analytics, operations and security purposes. We cannot guarantee that all of the third party advertisers or web optimization service providers we work with will honor the selections you make. California residents may have additional personal information rights and choices.

Google Analytics. If you would like to opt out of Google Analytics on a per browser basis, please see above.

Cookies: Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies and web beacons. Managing cookie preferences is different on each browser so refer to your specific browser for further information. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of the Site(s) and you will not be able to login or purchase digital assets. We will store your cookie preferences until you clear your browsing cache. You may change your preferences at any time.

Social Media: You should review your privacy settings and options directly with each of the social media platforms and networks that you access to determine your options and choices about sharing information from these sites with us.

Social Media: You may choose during the account registration process on the Sites, or otherwise, to provide us with your email address for the purpose of allowing us to send newsletters, surveys, offers, and other materials related to our products and services. You may opt out of receiving these promotional communications from us by following the instructions in those communications (such as by using an “unsubscribe” link in an email you receive) or by contacting us at the contact information provided above. Even if you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations.

Phone/Text/SMS Information: With your consent, we may collect text/SMS information to communicate with you via phone, text and/or SMS. Electronic communication is the most effective and timely way to provide the users of the Sites and Services with any optional or required notifications and disclosures. In some circumstances, however, applicable laws may require us to send you disclosures or communications in paper format unless you have affirmatively consented to receiving electronic notifications only in advance of the notification. You may opt out of receiving these promotional communications from us by following the instructions in those communications (such as by texting “STOP” in response to a text message you receive) or by contacting us at the contact information provided above. Even if you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations.

Location Information: We may collect information about your actual location when you use our mobile applications. You may stop the collection of this information at any time by changing the settings on your mobile device but note that some features of our mobile applications may no longer function if you do so.

Account Information: You may update, correct or modify information about you at any time by logging into your online account or by contacting us at the contact information provided above. If you wish to deactivate your account, please email us at hello@thirdact_digital but note we may continue to store information about you as required by law or for legitimate business purposes.

Push Notifications: We may send promotional and non-promotional push notifications or alerts to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device or within our mobile applications.

8. The Scope of this Policy

Data Inventory/Mapping: We have assessed our data practices and systems to assure that we understand the personal data that may be collected via our Sites and how it may flow through our Services and technology platform. We prioritize privacy concerns in the design phase of all new features for our platform.

Data Retention: We only collect and process those data that we need to perform the Services or as otherwise described in this Privacy Policy. We have adopted policies that require us to delete or anonymize all data that are no longer required for the performance of the Services.

Security of Data and Processing: We have implemented measures that are designed to limit access to Personal Data to authorized individuals and to prevent the loss or corruption of data. We have implemented commercially reasonable data security technologies designed to preserve the security of all data collected and/or processed on our platform, including encryption for all such data in transit and at rest when applicable except for metadata and photos which are publicly accessible and not encrypted at rest.

Please understand, however, that no security system is impenetrable or perfectly secure. We cannot guarantee the security of our databases, nor can we guarantee that the information you supply will not be intercepted while being transmitted to or from us over the Internet. As a result, you use the Sites at your own risk. When registering with us on the Sites, we encourage you to choose passwords of sufficient length and complexity, install the latest security updates and anti-virus software on your computer to help prevent malware and viruses, not share your password with others, and review your account information periodically. If there is any unexpected activity or inaccurate information or if you have reason to believe that your information is no longer secure, please contact us using the contact information provided above.

9. Users in the United States

Through this Privacy Policy, pursuant to 15 U.S.C. § 7001, you hereby affirmatively consent to receive electronic notifications and disclosures from us only (without requiring a paper copy) and you represent that, to date, you have not withdrawn such consent. You have the right to change your mind and withdraw your consent at any time. If you would like to withdraw your consent to receive electronic notifications and/or would like to request paper copies of any electronic notifications you receive, you may contact at privacy@thirdact.digital via mail at 12 East 49th Street, Floor 11, New York, NY 10017. To receive electronic records, you will need access to a smart phone, tablet, laptop or computer with internet access and an email account. You may opt out of receiving these promotional communications from us by following the instructions in those communications (such as by texting “STOP” in response to a text message you receive) or by contacting us at the contact information provided above. Even if you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations.

Do not track (including California and Delaware do not track disclosures). Some internet browsers incorporate a "Do Not Track" feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the "Do Not Track" signal, we do not currently interpret, respond to or alter its practices when it receives "Do Not Track" signals.

Notice to California, Nevada, and Utah residents. We do not disclose a user’s personal data to any third party for such third-party's direct marketing purposes. Nevada S.B.220 allows Nevada residents to opt-out of the sale of their personal information now in the event we change our Privacy Policy in the future. If you are a Nevada resident we want you to know that, in the event we sell your Personal Information, you will have choices and can opt-out and can effect them by contacting us at privacy@thirdact.digital via mail at 12 East 49th Street, Floor 11, New York, NY 10017. This may prevent or restrict your use of the Services in the future.

California Data Subject Rights

Shine the Light Law

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal Information that we share with our affiliates and/or third parties for marketing purposes and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to privacy@thirdact.digital or via mail at 12 E 49TH, Floor 11, NYC, NY, 10017. We will respond to one request per California customer each year, and we do not respond to requests made by means other than as set forth above.

The California Consumer Protection Act and the California Privacy Rights Act

If you are a California resident, you have the following rights under applicable California law in relation to your personal information, subject to certain exceptions:

Right to Know. You have the right to, up to twice in a 12-month period, request what Personal Information we collect, use, disclose, and/or sell, as applicable.
Right to Delete. You have the right to request the deletion of your Personal Information that is collected by us.
Right to Opt-Out of Sale. You have the right to opt-out of the sale of your Personal Data by a business. However, as noted above, we do not currently sell any Personal Data.
Right to Non-Discrimination. You have the right not to receive discriminatory treatment for the exercise of the privacy rights described above.
Right to Data Portability. You have the right to request a copy of your Personal Data we have collected and maintained about you in the past 12 months.

Please note that if you request deletion of your Personal I Data we may deny your request or may retain certain elements of your Personal Information if it is necessary for us or our service providers to:

Complete the transaction for which the Personal Data was collected, provide goods or Services requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between our business and you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
Debug to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent.
To enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us.
Comply with a legal obligation.
Otherwise use the personal data, internally, in a lawful manner that is compatible with the context in which you provided the information.

Any request you submit to us is subject to an identification and residency verification process (“Verifiable Consumer Request”) as permitted by the CCPA. To submit a request, please email privacy@thirdact.digital. We will not fulfill your request unless you have provided sufficient information that enables us to reasonably verify that you are the consumer about whom we collected the personal information on. These rights are also subject to various exclusions and exceptions under applicable laws.

You may also designate an authorized agent, in writing or through a power of attorney, to request to exercise the above rights on your behalf. The authorized agent may submit a request to exercise these rights by emailing privacy@thirdact.digital.

We currently do not collect household data. If we receive a Right to Know or Right to Delete request submitted by all members of a household, we will individually respond to each request. We will not be able to comply with any request by a member of a household under the age of 13 as we do not collect Personal Data from any person under the age of 13.

We will respond to your request within 45 days after receipt of a Verifiable Consumer Request for a period covering 12 months and for no more than twice in a twelve-month period. We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days.

You may exercise any of the rights described in this section by sending an email to: thirdact.digital with “California Privacy Rights” as the subject line or mail us a letter to: 12 E 49TH, Floor 11, NYC, NY, 10017

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

We may now or in the future elect to share information about you with third parties for those third parties’ direct marketing purposes. California Civil Code § 1798.83 permits California residents who have supplied personal information (as defined in the law) to us to, under certain circumstances, request and obtain certain information regarding our disclosure, if any, of Personal Data to third parties for their direct marketing purposes. If this law applies to you, you may obtain the categories of Personal Data shared by us and the names and addresses of all third parties that received Personal Data for their direct marketing purposes from us during the immediately prior calendar year (e.g., requests made in 2021 will receive information about 2020 sharing activities). To make such a request, please provide sufficient information for us to determine if this applies to you, attest to the fact that you are a California resident and provide a current California address for our response. To make such a request (limit one request per year), please send an email to privacy@thirdact.digital, with “California Privacy Rights” as the subject line or mail us a letter to our attention at 12 E 49TH, Floor 11, NYC, NY, 10017. You must include your full name, email address with which you registered on our Website or to use our Services, and postal address in your request.

10. Users in the EU/EEA and UK

EEA data subject protection rights under the GDPR

If you are a resident of the EEA/EU or UK, you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information.

If you wish to be informed about what Personal Information we hold about you, have a copy of it, correct or otherwise rectify it, and/or if you want it to be removed from our systems, please contact us using the contact information set out below.

In certain circumstances, you have the following data protection rights:

Request access to your Personal Information (commonly known as a "data subject access request"). This enables you to receive a copy of the Personal Information we hold about you where we are the data controller and to check that we are lawfully processing it.
Request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new information you provide to us.
Request erasure of your Personal Information. This enables you to ask us to delete or remove Personal Information where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your Personal Information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Information to comply with local law. Note, however, that we may not always be able to comply with your request for erasure for specific legal reasons, which will be explained to you, if applicable, at the time of your request.
Object to processing of your Personal Information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground, as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request that we restrict the processing of your Personal Information. This enables you to ask us to temporarily stop the processing of your Personal Information in the following scenarios: (a) if you have concerns about the accuracy of your information and want to have it rectified; (b) where you believe our use of your information may be unlawful but you do not want us to erase it; (c) where you need us to hold the information for the purposes of defending or exercising your rights with respect to a legal claim even though we may no longer need it; or (d) you have objected to our use of your information but we need to verify whether we have overriding legitimate grounds to keep it.
Request the transfer of your Personal Information to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your Personal Information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in your Member State.

If you wish to exercise any of the rights set out above, please contact us using the contact details below.

You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure designed to ensure that Personal Information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

11. Users in Canada

This Section provides additional information regarding the use of Personal Information about Canadian residents and the process to be followed in order to send unsolicited electronic communications to them, and our responsibilities under Canada’s Anti-Spam Legislation (CASL).

For the purposes of this section:

Commercial activity: Any transaction of commercial character, regardless of whether there is an expectation of profit or not.
Commercial electronic message (“CEM”): CEMs are commercial electronic messages that encourage participation in commercial activity. Even if a commercial message is not sent with an expectation of garnering profit, it still qualifies as a CEM.
Electronic address: An address used in connection with the transmission of an electronic message to an electronic mail account, and instant messaging account, a telephone account or similar account.
Electronic message: A message sent by any means of telecommunication, including text, sound, voice or image.
Express consent: Permission obtained when a recipient “opts in” to receive CEMs. Consent can be oral or written and could be an unedited audio recording, paper or electronic checkbox on a website. Express consent never expires unless the recipient chooses to unsubscribe. We will maintain records of all contacts for whom express consent exists.
Unsubscribe: A withdrawal of consent to receive CEMs

By submitting forms to us that provide your electronic address, you are granting us express consent to send you CEMs. You may unsubscribe via the link found at the bottom of every electronic message.

All partners, employees, contractors, vendors and any other person sending CEMs on behalf of us will ensure that all such CEMs contain:

Full contact information. This includes the sender’s first name, last name, title, company name, company mailing address, direct telephone number, electronic address and company web address.
Information enabling you to contact us and, if the CEM is sent on behalf of another party, the name of this party and the sender, in addition to the information listed above.
An unsubscribe link that is clearly visible and that is valid for at least 60 days. The unsubscribe mechanism that will be provided to users via this link will be simple, quick and easy for the user to perform.

When we plan to introduce significant changes to its privacy practices, it will notify Canadian-resident users and obtain their consent prior to the changes coming into effect. Significant changes include using Personal Information for a new purpose not anticipated originally or a new disclosure of personal information to a third party for a purpose other than processing that is integral to the delivery of a service. This Section provides additional information regarding the use of Personal Information about Canadian residents and the process to be followed in order to send unsolicited electronic communications to them, and our responsibilities under CASL.

For the purposes of this section:

Commercial activity: Any transaction of commercial character, regardless of whether there is an expectation of profit or not.
Commercial electronic message (“CEM”): CEMs are commercial electronic messages that encourage participation in commercial activity. Even if a commercial message is not sent with an expectation of garnering profit, it still qualifies as a CEM.
Electronic address: An address used in connection with the transmission of an electronic message to an electronic mail account, and instant messaging account, a telephone account or similar account.
Electronic message: A message sent by any means of telecommunication, including text, sound, voice or image.
Express consent: Permission obtained when a recipient “opts in” to receive CEMs. Consent can be oral or written and could be an unedited audio recording, paper or electronic checkbox on a website. Express consent never expires unless the recipient chooses to unsubscribe. We will maintain records of all contacts for whom express consent exists.
Unsubscribe: A withdrawal of consent to receive CEMs

Full contact information. This includes the sender’s first name, last name, title, company name, company mailing address, direct telephone number, electronic address and company web address.
Information enabling you to contact us and, if the CEM is sent on behalf of another party, the name of this party and the sender, in addition to the information listed above.
An unsubscribe link that is clearly visible and that is valid for at least 60 days. The unsubscribe mechanism that will be provided to users via this link will be simple, quick and easy for the user to perform.

Unsubscribe Requests: All unsubscribe requests will be managed within 10 days of receipt. Partners, employees, contractors, vendors and any other person sending CEMs on behalf of us will not send an unsubscribed party any further communications by electronic means.

When we plan to introduce significant changes to its privacy practices, it will notify Canadian-resident users and obtain their consent prior to the changes coming into effect. Significant changes include using Personal Information for a new purpose not anticipated originally or a new disclosure of personal information to a third party for a purpose other than processing that is integral to the delivery of a service.

11. Other Terms

Transfer of Assets: If another entity acquires us or acquires all (or substantially all) of our assets, the Data in our platform will be transferred to and used by this acquiring entity. Also, if any bankruptcy or reorganization proceeding is brought by or against us, all such information may be sold or transferred to third parties.

Minors and Privacy: Minors and Privacy: The Sites and Services are not directed toward, or intended for use by, individuals under age 13 (16 if outside the US). We do not knowingly collect information from anyone under age 13 (16 if outside the US). If you are under the age of 13 (16 if outside the US), please do not use the Sites and do not register with, order or purchase from, or provide any personal information to, us. If we find out that we have collected information from a minor under age 13 (16 if outside the US), we will take all commercially reasonable steps to delete that information immediately. If you are under the age of 18, you should use the Sites only with the involvement of a parent or legal guardian and should not submit any personal information to us.

Third Party Sites and Links: We are not responsible for the privacy practices and/or security practices employed by any third-party websites or service, including but not limited to any such sites or services that may be linked to or referred to in any way on the Sites.

International Users: If you are a user from a country outside the United States, and you choose to access the Sites, you are deemed to consent to the transfer of any personal information you disclose from the country from which you reside or from which you access the Sites to United States.

Do Not Track: Some web browsers may transmit “Do Not Track” signals to websites visited by the user. The Sites may not respond to web browser-based “do not track” signals.

Biometric ID Processing: Third Act does not use any technologies (e.g. face recognition) that are designed to identify an individual based on data (e.g. photographs, videos) collected/processed by the system.

Accessibility: We strive to assure that our Sites are accessible. If you experience any difficulty in accessing any part of the Sites or this Privacy Policy, please contact us immediately.

Security: We endeavor to incorporate commercially reasonable safeguards to help protect and secure your Personal Data. However, no data transmission over the Internet, mobile networks, wireless transmission or electronic storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure the security of any information you transmit to us, and you use our Services and provide us with your information at your own risk.

Severability and Enforceability: To the extent any provision of this Privacy Policy is found by a competent tribunal to be invalid or unenforceable, such provision shall be severed to the extent necessary for the remainder to be valid and enforceable.

12. Contact Us

If you have any questions about this Privacy Policy, our Sites and/or Services, you can contact us at:

Third Act Digital LLC
privacy@thirdact.digital
12 E 49TH ST, 11th Floor, New York, NY, 10017
347-429-4999

Privacy Policy

Still have questions about this Privacy Policy?