Last Updated: April 1, 2022
Information We Receive
We collect and use your information to provide our services and improve them over time.
When you create an account with us, you provide us with some personal information, such as your name, address and email address. If you are paying with a credit card, you will be required to provide us with your credit card information at the time of purchase.
Our servers automatically record information (“Log Data”) created by your use of our services. Log Data may include information such as your IP address, browser type, the referring domain, pages visited and search terms. Other actions, such as interactions with advertisements, may also be included in the Log Data.
Our website may use a variety of applications and provide links to websites owned or operated by third parties to help provide our services. Whenever you connect with such applications or third-party websites, the applications and websites may collect information sent by your browser, such as cookies or your IP request. Additionally, we may receive information from them, including information about actions you take.
We will retain your information for as long as you maintain an account with us or as needed to provide you services. We will retain and use your information to comply with our legal obligations, resolve disputes and enforce our agreements. We will also use your information to provide you with relevant content, advertisements, promotions and marketing materials.
Upon request, we will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information that we are aware of. To request this information, please contact us at email@example.com.
Information Sharing and Disclosure
We may share or disclose your information, such as when you use a third-party web client to access your NYMT account.
We may disclose your information if we are required to do so by law, or we believe, in good faith, that such disclosure is necessary to comply with the law, defend our rights or property, or respond to an emergency situation.
We may share or disclose your non-private, aggregated, or other non-personal identifying information, such as the number of users who clicked on a particular link.
From time to time, we enter into relationships with third parties who provide services to us (for example, advertisers, ad networks, data management and storage services, credit card processing services, or application provider). These third party service providers may also use technologies such as cookies, web beacons, tags, flash, HTML5, scripts, or other tracking technologies to gather information about your activities on our website and other sites in order to suggest advertisements based upon your browsing activities and interests. We also share your information with such third parties for the purposes of facilitating your purchases and in connection with measuring and improving our website and advertising effectiveness, and other enabling enhancements. We may share aggregated information about our visitors with our advertisers and promotional partners, such as how many persons visited a particular page or activity, or the likes and dislikes of our visitors, but this information is not specific to any individual visitor. We may obtain geographic information such as zip code clustering from other sources, but this aggregate information will not reveal the precise location of a specific visitor. We may also obtain other demographic information from third parties to improve our products and services, for marketing purposes or to display more relevant advertising. We do not control these third parties’ tracking technologies or how they may be used.
If you are interested in opting out of some of these third party tracking technologies, you may be able to do so at the following links:
Changing or Removing Information
If you are concerned about the information you have voluntarily submitted to NYMT through our website or would like to review, update or delete that information, please contact us at firstname.lastname@example.org. You may also update, correct or delete information about you at any time by signing into your account and modifying your information. If you wish to deactivate your account, please email us at email@example.com, but note that we may retain certain information as required by law or for legitimate business purposes. We may also retain cached or archived copies of information for a certain period of time.
Promotional and Marketing Communications
You may opt out of receiving promotional and marketing emails from NYMT by following the opt-out instructions in those emails. You may also opt out of receiving promotional emails and other promotional communications from us at any time by emailing firstname.lastname@example.org with your specific request. If you opt out, we may still send you non-promotional communications, such as security alerts and notices related to your access or use of our website or those about your account or our ongoing business relations.
Children’s Online Privacy Protection Act
We are committed to protecting children’s privacy on the internet and we comply with the Children’s Online Privacy Protection Act. Our services are not directed to individuals under the age of 13. We do not knowingly collect personally identifiable information from children under the age of 13. If you become aware that your child under the age of 13 has provided us with personal information without your consent, please contact us at email@example.com. If we learn that we have collected personal information from a child under the age of 13, we will take steps to promptly remove such information.
Our website employs reasonable security measures to protect the personal information you voluntarily submit to it. Such security involves the use of SSL-secured Web forms, firewalls, and other commonly employed security methods. However, even with these security measures in place, the transmission of information via the internet is not completely secure and we cannot guarantee the security of your information transmitted to our website. Any transmission is at your own risk.
“Phishing” is a scam designed to steal your personal information. If you receive an e-mail that looks like it is from us asking you for your personal information, do not respond. We will never request your password, user name, credit card information or other personal information through e-mail.
Consent to Collection and Processing in the United States
By using our website, you consent to having your personal data transferred to and processed in the United States.
For California Residents
This section provides you with our practices regarding the collection, use, and disclosure of your personal data. It also explains your rights regarding your personal data that we collect (as set forth in the California Consumer Privacy Protection Act or the “CCPA”).
If you are a California resident, you have the right to know what personal data we collect, disclose, and “sell” about you (as that term is used in the CCPA). Additionally, you have the right to access, delete and opt out from the “sale” of your personal data. Specifically, California residents may request that we:
- Inform you about the specific pieces of personal data we collected about you (also called a data portability request).
- Provide you access to and/or a copy of certain personal data we hold about you.
- Delete certain personal data we have about you.
The CCPA further provides you with the right to not be discriminated against (as provided for in applicable law) for exercising your rights.
Certain data may be exempt from such access, data portability, and deletion requests under California law. For example, we need to retain certain data in order to provide our services to you.
Only you or your authorized representative registered with the California Secretary of State may make a verifiable consumer request related to your personal data. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability two (2) times within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal data or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal data if we cannot verify your identity or authority to make the request and confirm the personal data relates to you. We will only use personal data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
California Notice of Right to Opt-Out of “Sale”
California residents may opt out of the “sale” of their personal data. California law broadly defines “sale” in a way that may include allowing third parties to receive certain data, such as cookies, IP address, and/or browsing behavior, to deliver targeted advertising on our website or other sites and apps.
If you would like to opt out of our use of your personal data for such purposes, you may do so by contacting us at firstname.lastname@example.org. Please note that you will need to opt out again if you visit our website from a different device or browser or if you clear your cookies. Please note that we do not knowingly sell the personal data of minors under 16 years of age without legally-required affirmative authorization.
California Shine the Light Disclosure
Under California Civil Code sections 1798.83- 1798.84, California residents are entitled to ask for a notice identifying the categories of personal customer data which we share with our affiliates and/or third parties for their own direct marketing purposes, and providing contact information for such affiliates and/or third parties.
To exercise a Shine the Light request, please contact us at email@example.com with the subject line “Your California Privacy Rights” and provide us with your name, street address, city, state, and zip code. In the body of your request, please provide enough information for us to determine if this applies to you. Please note that we will not accept inquiries via the telephone or by facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information.
EU Data Subject Rights
If you are a resident of the European Economic Area (EEA), you have the right to: (a) request access to your personal data and rectification of inaccurate personal data; (b) request erasure of your personal data; (c) request restrictions on the processing of your personal data; (d) object to processing your personal data; and/or (e) the right to data portability (collectively, “EU Requests”). We can only process EU Requests from a user whose identity has been verified. To verify your identity, please provide your email address or [URL] when you make an EU Request. For more information about how to get access to personal data and for exercising your rights, you can submit a request by emailing us at firstname.lastname@example.org with the subject line “I am an EU resident and would like to exercise my individual rights”.