Effective Date: Sept 15th, 2021
Please note, this Privacy Notice is available at www.alchemus.com and its related domains and subdomains.
Introduction
Inegen Inc. and its subsidiaries. (collectively, “Inetgen,” “Alchemus,” or “us”), respects the privacy of its subscribers, prospects, business partners, event attendees, employees, job applicants, and website and mobile application users (collectively, “you”), and we are committed to protecting their respective personal data. To that end, we have put together this Privacy Notice (“Privacy Notice”) to give you a better understanding of who we are and our practices with respect to the collection, use, disclosure, and retention of personal data obtained in connection with the use of our Website and our marketing efforts.
For purposes of this Privacy Notice:
• The term “personal data” means any information which relates to an identified or identifiable, living individual that directly or indirectly references one or more factors specific to their physical, physiological, mental, economic, cultural, or social identity. Personal data excludes anonymous data.
Please take the time to read this Privacy Notice and the related statements in their entirety to ensure you are fully informed. If you have any questions or concerns about our processing of your personal data, please contact us by using the contact details under the “Contact Information” heading below.
Our Privacy Notice covers our privacy practices with respect to the collection, use, and disclosure of personal data obtained in connection with the use of our Subscription and related services, including professional services and trainings that we provide to Subscribers. It also describes our privacy practices with respect to Subscriber and partner contact information we process for Subscriber account, contract, and billing management purposes (e.g., the processing of Subscriber address and billing information) in connection with the use of our products and services and services, or technology provided by our partners to our Subscribers. For clarity, Inetgen collects personal data under the direction of its Subscribers and has no direct relationship with the Subscribers’ candidates. If you are a candidate of one of our Subscribers, please contact that Subscriber.
How We Obtain Your Personal Data
As further described below, we collect several types of personal data from and about you that broadly falls into the following three (3) categories:
1. Personal data you voluntarily provide to us:
• When filling out forms on our Website.
• When you register for a demo of one of our products or services.
• When you enter a contest or promotion we sponsor.
• When you contact us.
• When you complete one of our surveys.
• When you register for or attend an event.
• When you visit our corporate offices.
In each case, the personal data collected may include (but is not limited to):
• First name
• Last name
• Business mailing address
• Business email address
• Business telephone number
• Company or organization name
• Job title or role
If we ask you to provide any other personal data not described above, then the personal data we will ask you to provide, and the reasons why we ask you to provide it, will be made clear to you at the point we collect it. If we ask you to provide personal data that we consider to be mandatory for us to administer your relationship with us, we will inform you of such at the time of collection. In addition, we will also inform you of the consequences for not providing us with the mandatory personal data.
2. Personal data from third parties.
From time to time, we may collect and use personal data we receive about you from third parties in connection with your use of the Website or attendance at an event. For instance, we may receive personal data about you from our business partners related to your registration information for events. We also use third parties for reporting and analytics to measure the effectiveness of our Website and marketing efforts, and to identify areas for improvement.
We may combine personal data we collect from third parties with personal data you provide us to update, expand, or provide you with tailored information regarding our products, services, and events.
3. Data we collect as you navigate through the Website.
As is true of most websites, we gather certain data automatically. This data may include Internet protocol (“IP”) addresses, browser type, Internet service provider (“ISP”), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
Inetgen and its third parties use cookies or similar technologies to analyze trends, administer the Website, track users’ movements around the website, and to gather demographic data about our user base as a whole. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service. You can also manage your preferences for the Website’s cookies by using the Cookie Preference Centers found in the Website’s cookie banners, and which can also be accessed here: Cookie Settings.
How We Use Your Personal Data
We may use personal data that we collect about you for the following purposes:
• To operate, maintain, and improve our Website.
• To communicate with you about events or register you for events you sign up for with us.
• To provide you access to our corporate offices.
• To provide you with information, products, or services that you request from us.
• To carry out our obligations and enforce our rights arising from any contracts entered into between you and Inetgen, including, but not limited to, our Website Terms of Use.
• To notify you about changes to our Website or obtain any required consent.
• To allow you to participate in interactive features of our Website, when you choose to do so.
• For industry analysis, benchmarking, analytics, marketing, and other business purposes.
• To track your browsing actions, such as the pages you visited over time, for analytics and advertising purposes.
• To contact you for marketing purposes, in accordance with your marketing preferences (e.g., we may use your personal data to contact you to further discuss your interests in our services and products or other events), including, but not limited to, promotional offers for our own or third parties’ products or services. If you do not wish to receive our email marketing communication for promotional purposes, you may opt out by clicking on the “unsubscribe” or “opt out” link in the marketing e mails we send you.
• To comply with applicable laws, judicial requests from courts of competent jurisdiction, or exercising or defending legal rights.
• To prevent and detect fraud or other types of wrongdoing.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal data held by us is among the assets transferred.
• To fulfill the purpose for which you provide it.
• For other lawful or legitimate purposes, which may be reasonably required for day-to-day operations.
•
Inetgen may aggregate and/or de-identify personal data (“Aggregated Data”) and use, disclose, distribute, and publish Aggregated Data for statistical, analytical, machine learning and product enhancement purposes. Inetgen employs reasonable and technically appropriate measures designed to prevent the re-identification of such personal data by a third-party. Aggregated Data may be shared with third parties for research and other purposes.
• 1.4. We will only share your personal data with third parties (our agents) in the ways that are described in our customer agreements and this Privacy Policy. We do not sell your personal data to third parties. Additionally, our employees are trained on privacy obligations and subject to confidentiality obligations and only have access to personal data as necessary for our business purposes and their own duties
•
We may also partner with third parties to either display advertising on our Website or to manage our advertising on other sites. Our third parties may use technologies such as cookies to gather data about your activities on the Website and other websites to provide you advertising based upon your browsing activities and interests. If you wish to not have this data used for the purpose of serving you interest-based ads, you may opt-out from many third parties through the Digital Adverting Alliance’s self-regulatory opt-out by clicking here or the Network Advertising Initiative’s self-regulatory opt-out by clicking here (or if you are located in the Economic European Area (“EEA”), the United Kingdom (“UK”), or Switzerland through the European Interactive Digital Advertising Alliance’s self-regulatory opt-out by clicking here). Please note that you will continue to receive generic ads. If you do not want your data collected with Google Analytics, you can install the Google Analytics opt-out browser add-on. To opt-out of Google Analytics, visit the Google Analytics opt-out page (located at https://tools.google.com/dlpage/gaoptout) and install the add-on for your browser.
If we need to process your personal data for an incompatible purpose not discussed in this Privacy Notice, we will provide notice to you and, if required by law, seek your consent. We may process your personal data without your knowledge or consent only where required by applicable law. Lastly, Inetgen does not subject you to automated decision-making.
How We Share Your Personal Data
Inetgen takes care to allow your personal data to be accessed only by those who need such access to perform their tasks and duties, and to third parties who have a legitimate purpose for processing or accessing it. As such, we may share your personal data as described in this Privacy Notice to the following categories of recipients:
• To our subsidiaries, affiliates, or their or our successors or assigns.
• To our private equity investor, Vista Equity Partners, and its affiliates, contractors, service providers, and other third parties, including Vista Consulting Group, which will process the personal data on the basis of its legitimate interests in overseeing the administration, research, and business operations of Inetgen.
• To our contractors, business partners, service providers, and other third parties who require the data to assist us in supporting our business (e.g., third-party hosting facilities) or third parties with products, services or positions that may be of interest to you, provided such parties provide at least the same level of privacy protection as is required of Inetgen. These companies are authorized to use your personal data only as necessary to provide these services to us.
• To a potential buyer (and its agents and advisors) in connection with any proposed merger, acquisition, or any form of sale or transfer of some or all of our assets (including in the event of a reorganization, dissolution or liquidation), in which case, personal data held by us about you will be among the assets transferred to the buyer or acquirer.
• To a third party under the following circumstances where we, in good faith,: (i) believe we are compelled by applicable law or regulation, judicial request from a court of competent jurisdiction, or another legal process or government authority; (ii) find it necessary to exercise, establish or defend our legal rights; (iii) seek to enforce or apply our Website Terms of Use or terms of any other agreement; (iv) seek to protect Inetgen’ rights or property; (v) seek to protect Inetgen, our Subscribers, or the public from harm or illegal activities; (vi) seek to respond to an emergency which we believe, in good faith requires us to disclose data to prevent harm; or (vii) rely on your consent.
Please note that we do not sell (as defined in applicable data protection and privacy laws) your personal data (and will not sell it without providing any required notices and/or opt-in/opt-out rights).
Legal Basis for Processing Personal Data
If you are a resident of the EEA, the UK, or Switzerland, our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the context in which we collect it. However, we will normally collect and/or process your personal data pursuant to one or more of the following legal bases:
• The processing is in our legitimate interests which do not override your data protection interests or fundamental rights and freedoms.
• The processing is necessary to perform a contract with you.
• The processing is necessary to comply with our legal obligations.
• We may also seek your consent to process or retain your personal data in certain, limited circumstances that we clearly identify to you.
• In some limited cases, we may need the personal data to protect your vital interests or those of another person; for example, we may need to share your personal data with third parties for security reasons (when we believe in good faith that disclosure is necessary to protect our rights, protect your or others’ safety, to investigate fraud, or respond to a related government request).
If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and let you know whether the provision of your personal data is mandatory or not (as well as the possible consequences if you do not provide it). Similarly, if we collect and use your personal data in reliance on our legitimate interests (or those of a third party) that are not listed above, we will make clear to you at the relevant time what those legitimate interests are. If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, please contact us using the contact details provided in the “Contact Information” section below.
International Transfers
Inetgen or its appointed service providers may collect, use, process, store and disclose your personal data outside of your home jurisdiction, including in the U.S., and in some cases, other countries, for the purposes described in this Privacy Notice. These countries may have data protection and privacy laws that are different than the laws of your home country. Inetgen only transfers personal data to another country in accordance with applicable data protection and privacy laws, provided there are legally adequate protections in place for the personal data.
If your personal data is processed within the EEA, the UK, or Switzerland, and for onward transfers of personal data to Inetgen’ appointed service providers, Inetgen and its appointed services providers will protect your personal data (as defined in the European Union’s (“EU”) General Data Protection Regulation (“GDPR”)) when it is transferred outside of the EEA, UK, or Switzerland by:
• Processing it in a territory which the European Commission (or other relevant governmental authority) has determined provides an adequate level of protection for personal data; or
• Otherwise implementing appropriate safeguards to protect your personal data, including through the use of Standard Contractual Clauses or another lawful transfer mechanism approved by the European Commission (or other relevant governmental authority).
Although Inetgen does not rely on the Privacy Shield Frameworks to protect personal data when it is transferred from the EEA, UK, or Switzerland to the U.S., Inetgen, Inc. and certain of its subsidiaries continue to participate in and certify their compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework and subject all personal data received from the EEA, the UK, and Switzerland to the Privacy Shield Principles.
If you require further information about our international transfers of personal data, please contact us by using the contact details under the “Contact Information” heading below.
Data Security
Inetgen employs reasonable and appropriate security measures to protect against the loss, misuse, and alteration of the personal data it processes. When the Service is accessed using Microsoft Internet Explorer versions 8.0 or higher, Transport Layer Security (TLS) technology protects information using both server authentication and data encryption to help provide that personal data is safe, and secure while in transit. Inetgen also implements an advanced security method based on dynamic data and encoded session identifications, and hosts the Service in a secure server environment that uses a firewall and other advanced technology to protect against interference or access from outside intruders. Finally, Inetgen provides individual usernames and passwords that must be entered each time a customer logs on. These safeguards help protect against unauthorized access, maintain data accuracy, and provide for the appropriate use of personal data. Nevertheless, no method of transmission over the Internet, or method of electronic storage, is one hundred percent (100%) secure, however. Therefore, we cannot guarantee absolute security. If you have any questions about security on our Service, please contact us at privacy@Inetgen.com.
7. Links to Third Party Sites
Our Service includes links to other Web sites whose privacy practices may differ from those at www.Inetgenstaffing.com and https://bbo.Inetgenstaffing.com. If you submit personal data to any of these sites, your information is governed by the applicable third-party’s privacy policies and we are not responsible for it. We therefore encourage you to carefully read any notices provided through a hyperlink and the privacy policy of any Web site you visit and raise questions directly with these other providers.
EU-U.S. and Swiss-U.S. Privacy Shield Framework
Inetgen, Inc. and certain of its subsidiaries participate in and have certified their compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Inetgen is committed to subjecting all personal data received from the EEA, the UK, and Switzerland in reliance on each Privacy Shield Framework to the Privacy Shield Principles. To learn more about the Privacy Shield Frameworks and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield list
Inetgen is responsible for the processing of personal data it receives, under GDPR and each Privacy Shield Framework, and subsequent transfers to a third party acting as an agent on its behalf. Inetgen complies with GDPR and the Privacy Shield Principles for all onward transfers of personal data from the EEA, the UK, and Switzerland, including the onward transfer liability provisions.
Inetgen recognizes that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR transfer personal data to jurisdictions outside the EEA. Inetgen also recognizes Switzerland’s announcement that the Swiss-US Privacy Shield Framework does not provide an adequate level of protection to transfer personal data from Switzerland to the U.S. Although Inetgen now relies on Standard Contractual Clauses or other lawful transfer mechanisms approved by the European Commission (or other relevant governmental authority) to transfer personal data from the EEA, the UK, and Switzerland, Inetgen will continue to maintain its Privacy Shield certification and will continue to honor its obligation to comply with the Privacy Shield Principles with respect to data that was previously transferred pursuant to the EU-U.S. Privacy Shield Framework and/or the Swiss-U.S. Privacy Shield Framework.
With respect to personal data received or transferred pursuant to GDPR, Inetgen is subject to the regulatory enforcement powers of the EU in conjunction with the U.S. Federal Trade Commission. For each Privacy Shield Framework, Inetgen is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain circumstances, Inetgen may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with GDPR and the Privacy Shield Principles, Inetgen commits to resolve complaints about our collection and use of your personal data. EEA, UK, and Swiss individuals with inquiries or complaints regarding our privacy practices should first contact Inetgen as provided in the “Contact Information” section below. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Security and Breach Notification
Inetgen maintains appropriate technical and organizational measures, including, but not limited to, reasonably designed administrative, physical, and technical safeguards, designed to protect the personal data obtained as discussed in this Privacy Notice from accidental or unlawful destruction, loss, alteration, unauthorized disclosure and access. Inetgen personnel and service providers with access to personal data collected as discussed in this Privacy Notice are required to keep such personal data confidential and secure. Inetgen has a dedicated team responsible for monitoring and responding to security events, and it notifies applicable parties of security or privacy incidents and data breaches in accordance with as per applicable law.
Data Retention
Unless a longer retention period is required by law, we will retain your personal data for as long as is needed to fulfill the purposes outlined in this Privacy Notice, or for as long as we have a legitimate business interest that is not outweighed by your data protection interests or fundamental rights and freedoms. When we have no ongoing legitimate business need to process your personal data, we will either delete or anonymize it or, if this is not possible (e.g., because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible. As such, we reserve the right to use such anonymous data for any legitimate business purpose without further notice to you or your consent.
Cookies and Similar Technologies
For information about the cookies and other tracking technologies used by our Website and how to manage your settings for these cookies and technologies,
How We Use Cookies, Log Files, Social Media Plug-ins and Other Tracking Technologies
2.1. Technologies such as cookies or similar technologies are used by Inetgen and our partners, affiliates, or our service providers. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
2.2. Log in files: We gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, the files viewed on our site (e.g., HTML pages, graphics, etc.), to analyze trends in the aggregate and administer the Site. We do link these automatically-collected data sets to personal data of you that we may have already stored.
2.3. Cookies: We use cookies to remember users’ settings (e.g. language preference), and for your authentication when you visit the Site or use the Service, as the case may be. The following information will help you to understand the different types of cookies used:
2.3.1. Strictly necessary cookies are required for the operation of the Site. These include, for example, cookies which are necessary for users to create an account or login to secure areas of the Site, and cookies that are required to show error or success messages to users.
2.3.2. Session cookies containing encrypted information to allow the system to uniquely identify you while you are logged in. Session cookies exist only during an online session. They disappear from your computer when you close your browser software or turn off your computer. This information allows Inetgen to process your transactions and requests. Session cookies help us make sure you are who you say you are after you’ve logged in and are required to use the Inetgen application.
2.3.3. Persistent cookies that only Inetgen can read and use, to identify the fact that you are a Inetgen customer or a visitor, who has registered for the Inetgen Community, to identify and maintain your preferences such as language, country and last check out or to receive certain types of content. Persistent cookies remain on your computer after you’ve closed your browser or turned off your computer. They include such information as a unique identifier for your browser. We are careful about the security and confidentiality of the information stored in persistent cookies. For example, we do not store account numbers or passwords in persistent cookies. Users or visitors who disable their Web browsers’ ability to accept cookies will be unable to use all aspects of our service or the Inetgen Community.
2.3.4 Targeting cookies which store a user’s username, the referring user if using the referral network and the referral source to the Site.
2.3.5. The following third party, performance, and targeting cookies could be used:
• HubSpot: the Site uses cookies from HubSpot to track user behaviors and market to users based on their behaviors.
• DoubleClick: the Site uses cookies from DoubleClick to track user behaviors and market to users based on their behaviors.
• Marketo: the Site uses cookies from Marketo to improve user experience and shorten contact forms for visitors that have previously visited the Site.
• LinkedIn: the Site uses cookies from LinkedIn to track user behaviors and market to users based on their behaviors.
• BrightFunnel: the Site uses cookies from BrightFunnel to track user behaviors and market to users based on their behaviors.
• Lead Forensics: the Site uses cookies from Lead Forensics to track user behaviors and market to users based on their behaviors.
• Freshmarketer: the Site uses cookies from Freshmarketer to track users’ reactions to A/B tests. A/B tests are the creation of two or more versions of a website or portion thereof to determine which one performs better.
• Google Analytics: the site uses cookies from Google Analytics to track anonymous interactions and visits.
• Drift: this site uses cookies from Drift to track user behaviors and provide a chat bot based on user behaviors.
2.3.6. Functional cookies which store user ids and enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
Please note that other third parties may also use cookies. These cookies are likely to be analytical/performance cookies or targeting cookies and include, for example, those from advertising networks or providers of external services.
2.3.7. Strictly necessary cookies are necessary for the website to function. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
2.4. Opt-out: You can control the use of cookies at the individual browser level. If you reject cookies, you may still use our Site, but your ability to use some features or areas of our Site may be limited. Many browsers allow a private mode to be activated through which the cookies are always erased after the visit. Depending on each browser, this private mode can have different names. The following is a list of the most common browsers that support the minimum recommended level of encryption TLS 1.2. Each browser type has a different name for “private mode”:
• Internet Explorer 11 and later versions = In Private
• Safari 7 and later versions = Private Navigation/Browsing
• Opera 17 and later versions = Private Navigation/Browsing
• Mozilla Firefox 27 and later versions = Private Navigation/Browsing
• Google Chrome 30 and later versions = Incognito
2.5. Targeted Advertisement: We partner with third parties to either display advertising on our Site or to manage our advertising on other sites. Our third-party partners may use cookies or similar technologies to gather information about your activities on this Site and other websites to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking http://optout.aboutads.info (or if located in the European Union click or http://www.youronlinechoices.eu). Please note this does not opt you out of generic ads. You will continue to receive generic ads.
2.6. Social Media (Features) and Widgets: Our Site includes social media features, such as LinkedIn. These features may collect your IP address, which page you are visiting on our Site, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy statement of the company providing it.
2.7. Blogs: Our Site offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal data from our blog or community forum, contact us at privacy@Inetgen.com. In some cases, we may not be able to remove your personal data, in which case we will let you know if we are unable to do so and why. Alternatively, if you used a third-party application to post such information, you can remove it, either by logging into the application and removing the information, or by contacting the appropriate third party application.
Your Privacy Rights
Certain jurisdictions may provide you with privacy rights under applicable data protection or privacy law regarding your personal data. In particular, you may have the right to:
• be informed about your personal data;
• access your personal data;
• correct any personal data that is inaccurate;
• have your personal data erased;
• restrict or suppress the processing of your personal data;
• obtain and reuse your personal data;
• object to the processing of your personal data;
• object to how your personal data is used in automated decision making, if applicable.
• lodge a complaint with a supervisory authority; and
• obtain a copy of Standard Contractual Clauses (if applicable).
These rights may be limited, for example, if fulfilling your request would reveal personal data about another individual, or if you ask us to delete personal data which we are required by law to keep or which we need to defend claims against us.
If you do not wish to receive our email marketing communication for promotional purposes, you may opt out by clicking on the “unsubscribe” or “opt out” link in the marketing e mails we send you.
If we process your personal data in reliance upon your consent, you can contact us at any time to withdraw your consent.
To exercise any of these rights, please contact us by using the contact details under the “Contact Information” heading below.
We will respond to such requests in accordance with the requirements of applicable data protection laws. Please note that in order to fulfil your request, we may need you to provide certain personal data to verify your identity. Depending upon applicable data protection and privacy law, individuals may also designate an authorized agent to exercise these rights on their behalf.
Third-Party Websites and Applications
This Website may link to websites that are not owned or controlled by Inetgen. As such, this Privacy Notice does not apply to personal data collected on any third party site or by any third party application that may link to or be accessible from the Website. This Privacy Notice does not apply to personal data collected by Subscribers, our business partners, and other third parties or third party applications or services, even if this personal data is collected using our Website or at events.
No Service to Minors
The Website is not directed to or intended to be used by anyone under the age of 13. We do not knowingly collect personal data from anyone under the age of 13. If you are under 13, please do not attempt to fill out our forms or send any personal data about yourself to us. If we learn that we have collected personal data from a child under age 13, we will delete that data promptly.
Changes to this Notice
Inetgen reserves the right to update or change this Privacy Notice from time to time. If we make material changes to this Privacy Notice, we will post it to our Website home page prior to or at the time of the change becoming effective. We ask that you review the Privacy Notice periodically to stay informed about any updates or changes that we may have made.
You can see when this Privacy Notice was last updated by checking the “Effective Date” displayed at the top of this Privacy Notice.