PRIVACY POLICY

Last Updated: January 31, 2024

This privacy policy explains how Empower Finance (“Empower,” “we,” or “us”) collects, stores, secures, and shares your information, as well as what your choices are concerning our information practices. Empower is a financial technology company that provides financial products and services through a website and mobile application, as well as connecting you with financial products and services provided by third parties.

This policy does not cover what third parties that you access through our Empower might do with your information, and you should review their privacy policies to find out more information on their privacy practices.

 

1. What this Privacy Policy Covers

This Privacy Policy applies to users of our website, www.empower.me (the “Site”, and such users, “Site Visitors”), our mobile application (the “App”), and our related technologies, products and services (collectively with the Site and the App, the “Services”). Our Services are designed to create the best place to manage and improve your financial life by enabling you to connect and view your various online or app-based financial and finance-related accounts in one place, enabling you to open and access bank accounts, and providing qualified users access to Cash Advances.

If you download the App, or apply for or obtain a financial product or service from us, such as a checking account, cash advance, credit card, or loan, the information that you provide is protected by the Gramm-Leach-Bliley Act and is subject to Empower's federal privacy notice, as well as this general privacy policy.

Customers that download the App, begin the registration process, or sign up for a checking account, savings account, loan, crypto wallet and other products and services provided through the Services by us or a third party (each, a “Customer”) should also review carefully the Gramm-Leach-Bliley Act Privacy Notice below that applies to them. Certain sections of this Privacy Policy applicable to California residents may apply only to Site Visitors and not Customers.

This Privacy Policy is incorporated into and forms part of our Terms of Service. Before using the Services or submitting any Personal Data to us, please review this Privacy Policy carefully and contact us if you have any questions. By using the Services, you are agreeing to the practices described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not access the Site or otherwise use the Services.

 

2. What Information We Collect

We may collect information that alone or in combination with other information in our possession could be used to identify you (“Personal Data”) in the following circumstances:

2.1 Information You Provide. We collect Personal Data from you when you voluntarily provide this information to us, such as when you register for access to our Services, contact us with inquiries, link your accounts, respond to offers from us or third parties, obtain or use products or services from us or third parties, or when you authorize our Services to collect this information about you from your financial institution, credit bureaus or others. Personal Data that you voluntarily provide depends on your use of the Services but may include your name, address, email address, phone number, tax identification number (such as U.S. social security number) or other government-issued ID number, date of birth, annual income, and other information about your finances and employment.

Please note that if you are located outside of the United States, by providing this information to us, you acknowledge and agree that this Personal Data may be transferred from your current location to the offices and servers of Empower and the authorized third parties referred to in this Privacy Policy, located in the United States.

2.2 Information from Third Party Partners. When you choose to use the Services to link or view activity on financial or finance related accounts operated by a third party (e.g., your bank or credit card company), we collect Personal Data from that third party and others (each, a “Third Party Partner”) to enable us to provide the Services or certain features thereof. For example, Empower uses Plaid Technologies, Inc. (“Plaid”) to gather an end user’s data from financial institutions. By using our service, you grant Empower and Plaid the right, power, and authority to act on your behalf to access and transmit your personal and financial information from the relevant financial institution. You agree to your personal and financial information being transferred, stored, and processed by Plaid in accordance with the Plaid Privacy Policy.

2.3 Internet Activity Data. When you interact with our Services, we receive and store certain information about your visit, use, or interactions. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify you. We may store this information itself or it may be included in databases owned and maintained by our agents or service providers. Our Services may use this information and pool it with other information to track, for example, the total number of visitors to our website, the number of visitors to each page of our website, and the domain names of our visitors' Internet service providers. In particular, the following information is created and automatically logged in our systems:

  • Log Information: Information that your browser automatically sends whenever you visit the Site. Log Information includes your Internet Protocol (“IP”) address, browser type and settings, the date and time of your request, and how you interacted with the Services.

  • Cookies Information: Please see the “Cookies and Similar Technologies” section below to learn more about how we use cookies.

  • Device Information: Includes name of the device, operating system, and browser you are using. Information collected may depend on the type of device you use and its settings. In addition, for fraud protection purposes only, we may also collect information on your battery usage, device identifier, device storage, MAC address, and SIM information. Similarly, we may collect information from your device that allows us to determine if you are masking or faking your location using a VPN, VPN app with location spoofing, or other related tools.

  • Usage Information: We collect information about how you use the Services, such as the types of content that you view or engage with, the features you use, the actions you take, and the time, frequency, and duration of your activities.

  • Location Information: We may collect and use your location information (for example, by using your IP address to determine your approximate geographic location) through the Services in order to help us authenticate activity related to your account. We may also use your location information in an aggregate way as Aggregate Data (defined below). We do not share your location information with other users of our Services.

2.4 Cookies and Similar Technologies. In operating the Services, we may use “cookies” and other similar technologies. A cookie is a piece of information that the computer hosting our Services gives to your browser when you access our Services. Cookies help provide additional functionality to our Services and help us to analyze usage more accurately. For instance, our website may set a cookie on your browser that allows you to access our Services without needing to remember and then enter a password more than once during a visit to our website. On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off. We recommend that you leave cookies turned on because they allow you to take advantage of additional features of our Services. Advertising networks may use cookies to collect Personal Data. Most advertising networks offer you a way to opt out of targeted advertising. If you would like to find out more information, please visit the Network Advertising Initiative’s online resources and follow the opt-out instructions there.

  • Email Open/Click Information: We use pixels in our email campaigns that allow us to collect your email and IP address as well as the date and time you open an email or click on any links in the email.

  • Analytics: We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyze how users use the Services and enhance your experience when you use the Services. For more information on how Google uses this information, click here.

  • Third Party Tracking: We may allow third party service providers, including Facebook, to use cookies, pixels, or similar technologies to collect information about your browsing activities over time and across different websites following your use of our Services and use that information to send targeted advertisements. These third party service providers help us analyze how our users use our Services, and can enhance your experience when you use our Services. We currently do not respond to “Do Not Track” (“DNT”) signals and operate as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will update this Privacy Policy to describe how we do so.

 

3. How We Use the Information We Collect

We will use the Personal Data you give us to provide our Services to you in a way that is consistent with this Privacy Policy. Please note that if you provide your Personal Data for one part of our Services, we may use it for another part of our Services. For example, if you contact us by email, we may use the Personal Data you have submitted to us to provide you with the answer to your question or to resolve your problem. Also, if you provide Personal Data in order to obtain access to our Services or to link your financial accounts, we will use your Personal Data to provide you with access to these Services and features, to monitor your use of these Services, and to communicate with you or provide you with push notifications through the Services if you have turned on that functionality in your device settings.

We may also use your Personal Data and other personally non-identifiable information collected through our Services to help us improve content and functionality; to better understand our Customers; to maintain and improve our Services; to develop new products and services; to prevent fraud, criminal activity, or misuses of our Services; to ensure the security of our IT systems, architecture, and networks; to comply with legal obligations and legal process; and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.

Additionally, in an ongoing effort to better understand and serve our Customers, we may conduct research on our Customer demographics, interests, and behavior based on Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate or other non-identifiable basis (“Aggregate Data”), and we may share this Aggregate Data with our contractors, agents and business partners. We may also disclose Aggregate Data in order to describe our Services to current and prospective business partners, and to other third parties for other lawful purposes. In addition, we may share Aggregate Data with third party providers to permit them to make offers that are more relevant to you. We may collect and share Aggregate Data through the Services, through cookies, and through other means described in this Privacy Policy.

We may use certain parts of your Personal Data to contact you in the future to tell you about services we believe will be of interest to you. If we do so, each marketing communication we send you will contain instructions permitting you to "opt-out" of receiving future marketing communications. In addition, if at any time you wish not to receive any future marketing communications or wish to have your name deleted from our mailing lists, please contact us as indicated below.

If we plan to use your Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed prior to or at the time when your Personal Data is collected.

4. When We Share the Information We Collect

We may share your Personal Data in the following circumstances:

  • 4.1 At Your Request. We may share your Personal Data where you have consented or otherwise given us permission to share your data. For example, if you want us to retrieve your credit report on your behalf, we will need to share your Personal Data with third party credit bureaus for the purpose of retrieving your credit report. We will not share your name, address, email address, phone number, or tax identification number (such as U.S. social security number) with third party product providers for marketing purposes without your express consent. Note that when you decide to pursue an offer from a third party product provider, you may be asked to provide information directly to that provider, including your Personal Data. Using our Services does not require you to provide any information directly to such providers, unless you wish to.

  • 4.2 With Third Parties Needed to Provide Our Services. We may share your Personal Data with the financial institutions with whom you choose to link your account, Third Party Partners, like Plaid, and other service providers that we use in delivering the Services. Examples include providers that provide us with technology services such as hosting, identity verification, support, payment, and email service. We provide these providers with only the Personal Data they need to perform their specific function, or to evaluate new potential vendors, and take commercially reasonable steps to ensure our service providers adhere to the security standards we apply to your Personal Data.

  • 4.3 For Legal Reasons. We may share your information if required by applicable law or legal process, or if we believe it is in accordance with applicable law or legal process. This can include protecting the rights, property, and safety of Empower, our users, and the public, including, for example, in connection with court proceedings, or to detect or prevent criminal activity, fraud, material misrepresentation, or to establish our rights or defend against legal claims.

  • 4.4 As Part of a Corporate Change. As we develop our business, we might sell or buy businesses or assets. In the event of a corporate or asset sale, merger, reorganization, dissolution, or similar event, your Personal Data may be part of the transferred assets.

5. How Long We Retain Your Information

We keep Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a business need to do so, or as required by law (e.g., for tax, legal, accounting, or other purposes), whichever is longer.

6. How to Update Your Personal Data

You agree to promptly update your account information in the event of any change. If you need to update your Personal Data, please contact us at help@empower.me. We will take reasonable steps to update or correct your Personal Data in our possession that you have previously submitted through our Services. You can also update your own data in our mobile app using the edit feature.

You may also choose not to provide us with your personal information, but you may as a result not be able to use some of our Services. You may terminate your account with us at any time by submitting a request tohelp@empower.me. Please note that we may retain your Personal Data and other information beyond the end of your relationship with us in accordance with our internal record-keeping policies and with applicable law, including to comply with legal reporting obligations.

7. When You Provide to Us Unsolicited Information

This Privacy Policy does not apply to any unsolicited information you provide to us. This includes, but is not limited to, information posted to any public areas of our website, such as forums, any ideas for new products or modifications to existing products, and other unsolicited submissions. If you make an unsolicited submission, we will not treat this as confidential and we can reproduce, use, disclose, and distribute this information to others without limitation or attribution. For the safety and security of your information, please do not submit information to us other than when we specifically ask you for it.

8. When Our Services Are Unknowingly Accessed by Children

We do not knowingly collect Personal Data from children under the age of 18. If you are under the age of 18, please do not submit Personal Data to us. If you have reason to believe that a child under the age of 18 has provided Personal Data to us, please contact us and we will endeavor to delete that information from our databases, subject to applicable law.

9. When You Link or Are Referred to Other Websites or Services

This Privacy Policy applies only to our Services. Our Services may contain links or referrals to other websites or services not operated or controlled by us, including websites and services operated by the third party product providers who may make offers available to you through our Services. The policies and procedures we describe in this Privacy Policy do not apply to the websites or services of these third parties. The links from our Services do not imply that we endorse or have reviewed these third parties’ websites or services or their respective privacy policies. We suggest contacting such third parties directly for information on their privacy policies.

10. When You Integrate Social Networking Services

One of the features of our Services is the ability to connect your Empower account to various social networking services like Facebook or Twitter. By directly integrating these social networking services, we aim to make your online experiences richer and more personalized. To take advantage of this feature, we will ask you to log into or grant us permission to connect via the relevant social networking services. When you add a social networking service account to our Services or log in to our Services using your social networking services account, we will collect relevant information necessary to enable our Services to access that social networking service and your data contained in such social networking services. As part of this integration, the social networking services will provide us with access to certain information that you have provided to the social networking services, and we will use, store, and disclose such information in accordance with this Privacy Policy. However, please remember that the manner in which social networking services use, store, and disclose your information is governed by the policies of such third parties, and we have no liability or responsibility for the privacy practices or other actions of any social networking services that may be enabled within our Services. You may also have the option of posting your account activities to social networking services when you access content through our Services (for example, you may post to Facebook that you performed an activity using our Services). You acknowledge that if you choose to use this feature, your friends, followers, and subscribers on any social networking services you have enabled will be able to view such activity.

11. Our Security Practices

We take reasonable steps to protect your Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. These include policies designed to protect the confidentiality and security of your Personal Data such as industry-standard encryption and authentication measures. We also limit access to your Personal Data to employees and service providers that have a business reason to know such information. However, no Internet or email transmission is ever fully secure or error free.

12. Changes to Our Privacy Policy

Our business and Services may change from time to time. As a result, at times it may be necessary to make changes to this Privacy Policy. If we make changes, we will notify you by revising the “Last Updated” date at the top of this page. If we make material changes, we will do so in accordance with applicable legal requirements, and we will post a notice on our website and mobile applications alerting our users to the material changes prior to such changes becoming effective. Your continued use of our Services after any changes or revisions to this Privacy Policy will indicate your agreement with the terms of such revised Privacy Policy.

13. Want to Reach Us?

You may reach us at privacy@empower.me

Federal Privacy Notice

Privacy Notice Last revised: 08/11/2023

 

FACTS:

WHAT DOES Empower Finance, Inc. ("Empower") DO WITH YOUR PERSONAL INFORMATION?

Why?

Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.

What?

The types of personal information we collect and share depend on the product or service you have with us. This information can include:

  • Social Security number and income

  • Account balances and account transactions

  • Checking account information and assets

How?

All financial companies need to share consumers' personal information to run their everyday business. In the section below, we list the reasons financial companies can share their consumers' personal information; the reasons Empower chooses to share; and whether you can limit this sharing.

Reasons we can share your personal information

Does Empower share?

Can you limit this sharing?

For our everyday business purposes — such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus

Yes

No

For our marketing purposes — to offer our products and services to you

Yes

No

For joint marketing with other financial companies

No

We don't share

For our affiliates’ everyday business purposes — information about your transactions and experiences

Yes

No

For our affiliates’ everyday business purposes — information about your creditworthiness

No

We don’t share

For our affiliates to market to you

No

We don’t share

For our nonaffiliates to market to you

No

We don't share

 

Questions?

Email: privacy@empower.me , call us at 888 943 8967 or go to empower.me/privacy

 

What we do

Who we are

 

Who is providing this notice?

The Empower Finance Inc. family of companies

What we do

 

How does Empower protect my personal information?

To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.

How does Empower collect my personal information?

We collect your personal information, for example, when you:

  • Open an account

  • Deposit money

  • Pay your bills

  • Provide account information

  • Make deposits or withdrawals from your account

We also collect your personal information from others, such as credit bureaus, affiliates, and other companies.

Why can’t I limit all sharing?

Federal law gives you the right to limit only

  • sharing for affiliates' everyday business purposes—information about your creditworthiness

  • affiliates from using your information to market to you

  • sharing for nonaffiliates to market to you

State laws and individual companies may give you additional rights to limit sharing. See "Other important information" section below.

  

Definitions

 

Affiliates

Companies related by common ownership or control. They can be financial and nonfinancial companies

  • Our affiliates include certain companies with an Empower name.

Nonaffiliates

Companies not related by common ownership or control. They can be financial and nonfinancial companies.

  • Empower does not share with nonaffiliates so they can market their products to you.

Joint marketing

A formal agreement between nonaffiliated financial companies that together market financial products or services to you.

  • Empower does not engage in joint marketing.

 

Other important information

You may have other privacy protections under applicable state laws. To the extent these state laws apply, we will comply with them when we share information about you.

For California residents: In accordance with California law, we will not share information we collect about you with companies outside of our corporate family, except as permitted by law, including, for example, with your consent or to service your account. We will limit sharing among our companies to the extent required by California law.

For Vermont residents: In accordance with Vermont law, we will not share information we collect about you with companies outside of our corporate family, except as permitted by law, including, for example with your consent or to service your account. We will not share information about your creditworthiness within our corporate family except with your authorization or consent, but we may share information about our transactions or experiences with you within our corporate family without your consent.

For Vermont residents: In accordance with Vermont law, we will not share information we collect about you with companies outside of our corporate family, except as permitted by law, including, for example with your consent or to service your account. We will not share information about your creditworthiness within our corporate family except with your authorization or consent, but we may share information about our transactions or experiences with you within our corporate family without your consent.

Telephone Communications: All telephone communications with us or our authorized agents may be monitored or recorded.

 

 

Empower Privacy Policy and Collection Notice for California Residents

Effective Date: August 11, 2023

Last Reviewed on: August 11, 2023

This Privacy Policy and Collection Notice for California Residents supplements the information contained in Empower’s Privacy Policy and applies solely to residents of the State of California. We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act (CPRA).  Any terms defined in the CCPA and CPRA have the same meaning when used in this Notice. 

Personal information subject to the CCPA and CPRA does not include publicly available information from government records; de-identified or aggregated consumer information; and information governed by the federal Gramm-Leach-Bliley Act (GLBA), the federal Fair Credit Reporting Act, the California Financial Information Privacy Act, or the Driver’s Privacy Protection Act. This means, in part, that the consumer financial information that you provide to us so that Empower can provide financial products and services to you, which is protected by the GLBA, is not covered by this California Privacy Notice. This includes, without limitation, certain device information and biometric information collected from the App for fraud screening purposes in connection with Empower’s provision of those financial products and services. Relevant disclosures about that information are available to you in Empower’s Federal Privacy Notice.

1.    Information We Collect

Empower is collecting your personal information to support its business operations, including for business purposes set forth below.  

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device ("personal information"). Personal information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated consumer information.
  • Information excluded from the CCPA's scope, like:
  • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and
  • Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

In particular, we may collect the personal information categories listed in the table below. The table also lists, for each category, our expected retention period, and use purposes, and whether we sell the information or share it with third parties for cross-context behavioral advertising. 


Personal Information Category

Retention Period

Sold or Shared

Identifiers

6 months

No

California Customer Records personal information

6 months

No

 

Internet or other similar network activity

6 months

No



We obtain the categories of personal information listed above from the following categories of sources:

  • Directly from you. For example, from documents you provide or through products and services you purchase.
  • Indirectly from you. For example, from observing your usage of and actions and submissions on our Website.
  • From third parties that interact with us in connection with the services we perform. For example, from Plaid, Stripe, your financial institutions, or other companies. 

2.    Use of Personal Information for Business Purposes

We may use or disclose the personal information we collect for one or more of the following business purposes: 

  • To fulfill the request for which you provided us information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a financial product or service, we will use that information to process your payment and facilitate delivery of our product or service to you. We may also save your information to facilitate new requests or process refunds. 
  • To provide, support, personalize, and develop our Website, products, and services.
  • To create, maintain, customize, and secure your account with us.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third party sites, and emails or text messages.  Emails and text messages are sent only with your consent, where such consent is required by law.
  • To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.
  • For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA/CPRA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us  about our Website users/consumers is among the assets transferred.
  • To audit a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance.
  • We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

3.    Sharing Personal Information 

We may disclose your personal information to a third party for a business purpose. When we disclose personal information and sensitive personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. 

We may share your personal information with the following categories of third parties: 

  • Our affiliates.
  • Service providers.
  • Contractors.
  • Government or regulatory authorities.

3.1.    Disclosures of Personal Information or Sensitive Personal Information for a Business Purpose

In the preceding twelve (12) months, we may have disclosed the following categories of personal information (as described above) for a business purpose: 

  • Identifiers.
  • California Customer Records personal information categories.
  • Protected classification characteristics under California or federal law.
  • Commercial information.
  • Professional or Employment-related information.

In the preceding twelve (12) months, we have not disclosed sensitive personal information for a business purpose.

We disclosed your personal information for a business purpose to the following categories of third parties: 

  • Service providers.
  • Contractors.

3.2.    Sales of Personal Information or Sensitive Personal Information

In the preceding twelve (12) months, we have not sold any personal information or sensitive personal information. 

3.3.    Sensitive Personal Information Use and Disclosure Limitations

We have not and will not use or disclose to a service provider, contractor, or other third party, sensitive personal information for purposes other than the following:

  • To perform services or provide goods that an average consumer requesting those goods or services would reasonably expect.
  • To help ensure security and integrity, if that use is reasonably necessary and proportionate.
  • To perform short-term, transient uses, including but not limited to non-personalized advertising shown as part of a consumer's current interaction with us.  
  • However, we will not:
    • disclose the sensitive personal information to another third party; or
    • use it to build a profile about you or otherwise alter your experience outside your current interaction with us.
  • To perform services, including:
    • maintaining or servicing accounts;
    • providing customer service;
    • processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing, storage, or providing similar services for the business.
  • To verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us.
  • To improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us.
  • To perform other actions that CPRA regulations authorize.

4.    Your Rights and Choices 

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

4.1.    Access to Specific Information and Copy of Personal Information

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months and to request a copy of the specific pieces of personal information that we have collected about you in the prior 12 months (collectively, referred to as your ‘access’ right). Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The categories of personal information we disclosed or shared with a third party for a business purpose. 
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • The categories of third parties to whom the residents’ personal information has been sold and the specific categories of personal information sold to each category of third party (if applicable). 

4.2.    Deletion Request Rights 

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. 

We may deny your deletion request if an exception applies, such as regulatory or legal obligations or as required for servicing the account. 

4.3.    Correction Request Rights 

You have the right to request that we correct inaccurate personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will correct (and direct our service providers to correct) your personal information in our records, unless an exception applies. 

We may deny your deletion request if an exception applies, such as regulatory or legal obligations or as required for servicing the account. 

4.4.    Do-Not-Sell Rights

California residents also have the right to opt-out of the sale of their personal information by us, including the sharing of personal information for cross-context behavioral advertising.  As noted above, we do not sell personal information about California residents. 

4.5.    Right to Restrict Sensitive Personal Information Processing

California residents have the right to limit the use or disclosure of their sensitive personal information to just actions necessary to perform specific purposes under California law. As noted above, we do not collect, use, or disclose your sensitive personal information.

5.    Exercising Access, Data Portability, Correction, and Deletion Rights

To exercise the access, data portability, correction, and deletion rights described above, please submit a verifiable consumer request to us by emailing us at privacy@empower.me.

Only you, or someone legally authorized to act on your behalf (an “authorized agent”), may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. 

5.1.    Request Verification

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. 

We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request. 

5.2.    Response Timing and Format

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.

We will deliver our written response by mail or electronically, at your option. 

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. 

5.3.    Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. 

6.    Changes to Our Privacy Notice

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice's effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.