RUBY RECEPTIONISTS, INC

PRIVACY POLICY

Last Updated: November 2023

Ruby Receptionists, Inc., our subsidiary Pure Chat, Inc., (collectively, “Ruby,” “us,” “we,” or “our”) takes the privacy of our customers, our customers’ end users, and our website visitors (“User”, “you” and “yours”) very seriously. This Privacy Policy outlines our policies on the privacy of Personal Information (as defined herein) that we collect via the Internet and/or delivery of our Services (as defined in our Service Terms and Conditions located at https://www.ruby.com/terms/. (“Terms”).  Capitalized terms used herein but not defined will have the meaning given them in our Terms.  If you have any questions on the use of information collected on our Site or used for the delivery of our Services, please feel free to contact us at billing@ruby.com.

As used in this Privacy Policy, “Personal Information” means information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, such as:

  • Identifiers (e.g., name, address, telephone number, email address, username);
  • Sensitive Personal Information (e.g., government identification number; racial or ethnic origin; religious beliefs; health information; contents of messages when we are not the recipient);
  • Protected classification information (e.g., race, citizenship, marital status, medical condition, sex, sexual orientation, veteran or military status);
  • Biometric information (e.g., voice, keystrokes, behavioral or biological characteristics);
  • Internet or other similar activity (e.g., browsing history, content interactions);
  • Employment-related information (e.g., current or past employment);
  • Non-public educational information, including information protected under the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99);
  • Commercial information (e.g., products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies); and
  • Inferences drawn from Personal Information to create a profile about preferences, characteristics, trends, predispositions, behavior, attitudes, intelligence, and aptitudes.

Personal Information does not include (i) publicly available information; (ii) aggregate information, meaning data about a group or category of Services or Users from which individual identities and other Personal Information has been removed; or (iii) deidentified information that cannot be easily linked back to the individual. We collect your Personal Information (a) with your consent; (b) if we have a legitimate interest in doing so; or (c) as authorized or required by law.  Personal Information as used herein includes Personal Data as defined by applicable law. We collect Personal Information from these sources:

Consumers. We interact with consumers (“Consumers”) who call, text, message, or communicate with us as a service provider to you and our other customers (“Customers”):

  • We collect and use Personal Information from Consumers via phone, text, chat, text-to-chat, email, SMS, MMS, or other channels as needed to provide our Services to our Customers.
  • If you are a Consumer contacting one of our Customers, we may collect your contact information or other identifiers, as well as Personal Information like the contents of your message to our Customer you are contacting. We collect this information to support our Customers in their efforts to assist you.

Customers. We collect and use Personal Information from our Customers with your consent and according to your instructions, as follows:

  • When you sign up as a Customer, we will collect information about your company such as name, email, phone, and other identifiers for yourself or your employees.
  • You as a Customer may provide us with your employee’s identifiers or employment-related information to include the employee in your list of potential call recipients, grant the employee access to our software or other Services or include your employee in our marketing communications. You and any of your employees may opt-out of receiving marketing communications from us at any time. If you opt-out of marketing communications, we may continue to send you product and support messages to keep you updated on the Services you receive.
  • We collect any information you submit via the mobile application, Customer self-service portal, or other software, such as account profile information and any Personal Information included in communications with us related to your subscription and/or our Services.
  • If you collect technical information about your Consumers’ online activities, you may share that information with us. We may combine this information with other data to gather feedback about our software and to run reports on your behalf. We only use the information you provide to us in our capacity as a service provider as permitted by our Agreement with you or as permitted by law. You may use this information for your own purposes according to your own privacy practices.

Note that you are solely responsible for ensuring you are authorized to share Personal Information with us for any purpose. We reserve the right to refuse your instructions to collect or process Personal Information about another individual without their consent or in a manner or for a purpose that we determine violates others’ privacy or publicity rights or otherwise violates our Terms, and such instructions may result in termination of Services at our option. We are not responsible for the privacy practices of any of our Customers or any third party.

Your Inquiries. If you contact us as a potential new Customer, Site visitor, or for any other reason, we will collect Personal Information from you to respond to your inquiry:

  • If you request information about our Services, through an online form, via chat, by text, email, or by phone, we will collect your name, email address, and other contact information as needed to provide you with the information you request. We collect this information with your consent, and we use it for the purposes stated at the time of collection, to provide you with our Services, and to communicate with you or send you direct marketing communications.
  • Where state law allows, if you participate in a phone call with a member of our team, we may record the call. We engage in call recording for quality monitoring, and training, to improve our Services, and for other internal business purposes. If you are in a state that requires notification, you will be notified if your call is being recorded. By staying on the line after receiving the notification, you consent to the call recording. If you do not consent to call recording, you may end the call or ask not to be recorded.

SECURITY
Our Site takes every precaution to protect our Users’ information. When you submit sensitive information via our Site, your information is protected both online and off-line. If we ask you to enter information, such as a credit card number and/or a social security number, that information is encrypted using SSL. While on a secure page, the lock icon on the bottom of Web browsers such as Microsoft Internet Explorer becomes locked, as opposed to un-locked, or open, when you are just “surfing.”

While we use SSL encryption to protect sensitive information online, we also do everything in our power to protect your information off-line. All of your information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, our billing staff or a customer service representative) are granted access to Personal Information. Our employees are kept up-to-date on our security and privacy practices.

COOKIES
A cookie is a piece of data stored on your hard drive containing information about you. The usage of a cookie is not linked to any Personal Information while on our Site. Once you close your browser, the cookie simply terminates. For instance, by setting a cookie on our Site, you would not have to log in with a password more than once, thereby saving time while on our Site. If you reject the cookie, you may still use our Site. Cookies can also enable us to track and target your interests to enhance the experience on our Site.

WEB SERVER LOG FILES
We use IP addresses to analyze trends, administer our Site, track Users’ movements, and gather broad demographic information for aggregate use. IP addresses are not linked to Personal Information.

SHARING
We may disclose Personal Information for a business purpose to:

  • We work closely with our affiliated companies (“Affiliates”) to identify mutual or shared Customers and offer enhanced, integrated, or co-branded Services. If you use an integrated Affiliate service with our Services, we may disclose Personal Information collected about or on your behalf to one another to provide the integrated Services. For example, we share Personal Information for customer support purposes, marketing, or technical operations.
  • Professional Associations. If a Customer is a member of a professional association with which we have a referral or affinity agreement, we may pay a referral fee to your professional association and, if requested by the association, disclose your name and contact information and the type or amount of our Services used by you as an association member.
  • Service Providers. Vendors that provide us with services (“Service Providers”) may receive Personal Information to perform their contractual obligations. Our Service Providers include but are not limited to telecom providers, marketing companies, IT service providers, billing processors, and email and data hosting providers. For example, we may share identifiers to register your phone number or SMS campaign with our telecom provider, subject to their terms and conditions. We prohibit our Service Providers from selling or disclosing the Personal Information we provide, and we require all Service Providers to maintain confidentiality standards that are commercially reasonable to ensure the security of your Personal Information. The type of information that we provide to a Service Provider will depend on the service that they provide to us. To learn more about our Service Providers, read our Data Processing Agreement.
  • We may disclose Personal Information to Service Providers we use for advertising purposes (collectively, “Advertisers”) to serve targeted advertisements. We may directly share Customer names with the Advertiser or allow the Advertiser to collect and analyze cookie data from your use of our Site (see our Cookie Notice) to assist us with behavioral advertising.
  • Law Enforcement and Other Governmental Agencies. Additionally, if, in our sole discretion, we perceive that you are an imminent threat to your own physical safety or the physical safety of another person then we may disclose your Personal Information to law enforcement.
  • Other Third Parties. As permitted by applicable law. We may disclose Personal Information collected to other third parties, for example: (i) if we go through a business transition (e.g., merger, acquisition, or sale of a portion of our assets); (ii) to comply with a legal requirement or a court order; (iii) when we believe it is appropriate in order to take action regarding illegal activities or prevent fraud or harm to any person; (iv) to exercise or defend our legal claims; or (v) for any other reason with your consent.
  • Aggregated and Deidentified Information. We reserve the right to share aggregated, anonymized, or deidentified information for marketing, advertising, research or other purposes, without restriction.

LINKS
Areas of this Site may contain links to other websites. Please be aware that we are not responsible for the privacy practices of other such websites. We encourage our Users to be aware when they leave our Site to read the privacy statements of each and every website that collects Personal Information.

NOTIFICATION OF CHANGES
If we decide to change our Privacy Policy, we will post those changes on our Site so Users are always aware of what information we collect, how we use it, and under what circumstances we disclose it.

QUESTIONS
If you have any questions or concerns or would like more information on this Privacy Policy please email billing@ruby.com.

State SPECIFIC Privacy Laws

State laws, including the California Consumer Privacy Act (“CCPA”), the Virginia Consumer Data Protection Act (“VCDPA”), the Colorado Privacy Act (“CPA”), the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (“CTDPA”), and the Utah Consumer Privacy Act (“UCPA”) provide specific rights to Consumers within those states with respect to the Personal Information a covered business or controller collects from a User.  This includes rights to (1) request access to the Personal Information we collect about the User and (2) request deletion or correction of such Personal Information. As we obtain Personal Information from Consumers on behalf of our Customers, we may be asked to assist our Customers with responding to access and deletion requests under these state laws.

CCPA Application to us (California)

Under the CCPA, a “service provider” is defined as an entity that:

(i)         processes information on behalf of a business and

(ii)        to which the business discloses a Consumer’s Personal Information for a business purpose pursuant to a written contract that prohibits the entity receiving the information from retaining, using, or disclosing the Personal Information for any purpose other than for the specific purpose of performing the services specified in the written or as otherwise permitted under the CCPA.

Pursuant to our agreements with our Customers, we act as a service provider for all Customers who retain our Services. We do not use any Personal Information we collect through our Services for any purposes not included in our agreements.

For Deletion Requests:

With respect to data collected by service providers, the CCPA provides a specific exception to deletion requests where data is maintained by a “business or a service provider” in order “to enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business and compatible with the context in which the consumer provided the information.” Cal. Civ. Code sect. 1798.105.

Because we collect Personal Information from Consumers on behalf of and at the direction of our Customers for the sole purpose of serving our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of Personal Information on behalf of our Customers we are exempt from deletion requests under the CCPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing our Services to our Customer with whom the Consumer has a relationship. We are therefore using the Consumer’ Personal Information ‘to enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumers’ relationship with the business and compatible with the context in which the consumer provided the information.’ Accordingly, we are not obligated to delete Personal Information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete Personal Information in response to such requests.

For Data Access Requests:

If our Customer receives a data access request from a California Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access a specific Consumer’s Personal Information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

For Correction Requests:

If our Customer receives a correction request from a California Consumer and determines that, we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Our Customer may then submit any correction to the data necessary and we will create a separate record noting the correction.  Note: our records are read-only and may not be modified, so the corrected data will exist in a new record, but will not remove the old record.

VCDPA Application to us (Virginia):

Under the VCDPA, a processor is defined as “a natural or legal entity that processes personal data on behalf of a controller.”  Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any Personal Information we collect through our Services for any purposes not included in our agreements with our Customers.

For Deletion and Correction Requests:

The VCDPA does not limit a processor’s ability to collect, use or retain data to: “Perform internal operations that are reasonably aligned with the expectations of the consumer or reasonably anticipated based on the consumer’s existing relationship with the controller or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a consumer or the performance of a contract to which the consumer is a party.”  Va. Code Ann. § 59.1-582

Because we collect Personal Information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of Personal Information on behalf of our Customers we are exempt from deletion requests under the VCDPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing Services to our Customer with whom the Consumer has a relationship. We are therefore using the Personal Information in a way ‘reasonably aligned with the expectations of the Consumer or reasonably anticipated based on the Consumer’s existing relationship with the controller or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a Consumer.’ Accordingly, we are not deleting or modifying Personal Information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete or modify Personal Information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Virginia Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific Personal Information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

CPA Application to us (Colorado)

Under the CPA, a processor is defined as “a person that processes personal data on behalf of a controller.”  Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any Personal Information we collect through our Services for any purposes not included in agreements with our Customers.

For Deletion and Correction Requests:

The CPA does not restrict a processor’s ability to: “perform internal operations that are reasonably aligned with the expectations of the Consumer based on the Consumer’s existing relationship with the controller.”  § 6-1-1304et seq, C.R.S.

Because we collect Personal Information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of Personal Information on behalf of our Customers we are exempt from deletion requests under the CPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing a service to our Customer with whom the Consumer has a relationship. We are therefore using the Personal Information in a way ‘that [is] reasonably aligned with the expectations of the Consumer based on the Consumer’s existing relationship with the controller.’ Accordingly, we are not deleting or modifying Personal Information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete or modify Personal Information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Colorado Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific Personal Information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

CTDPA Application to us (Connecticut):

Under the CTDPA, a processor is defined as “an individual who, or legal entity that, processes personal data on behalf of a controller.”  Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any Personal Information we collect through our Services for any purposes not included in agreements with our Customers.

For Deletion and Correction Requests:

The CTDPA does not limit a processor’s ability to collect, use or retain data to: “Perform internal operations that are reasonably aligned with the expectations of the Consumer or reasonably anticipated based on the Consumer’s existing relationship with the controller or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a Consumer or the performance of a contract to which the Consumer is a party.”  CTDPA § 10 (b)(4).

Because we collect Personal Information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of Personal Information on behalf of our Customers we are exempt from deletion requests under the CTDPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing a service to our Customer with whom the Consumer has a relationship we are therefore using the Personal Information in a way ‘reasonably aligned with the expectations of the Consumer or reasonably anticipated based on the Consumer’s existing relationship with the controller.’ Accordingly, we are not deleting or modifying Personal Information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete Personal Information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Connecticut Consumer and determines that, we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific Personal Information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

UCPA Application to us (Utah):

Under the UCPA, a processor is defined as “a person who processes personal data on behalf of a controller.”  Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any Personal Information we collect through our Services for any purposes not included in agreements with our Customers.

For Deletion and Correction Requests:

The UCPA does not limit a processor’s ability to process Personal Information to perform an internal operation that is: “(i) reasonably aligned with the Consumer’s expectations based on the Consumer’s existing relationships with the controller; or (ii) otherwise compatible with processing to aid the controller or processor in providing a product or service specifically requested by a Consumer or a parent or legal guardian of a child or the performance of a contract to which the Consumer or a parent or legal guardian of a child is a party.”  UCPA § 13-61-304(1)(m).

Because we collect Personal Information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of Personal Information on behalf of our Customers we are exempt from deletion requests under the UCPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing Services to our Customer with whom the Consumer has a relationship. We are therefore using the Personal Information in a way ‘reasonably aligned with the Consumer’s expectations based on the Consumer’s existing relationships with the controller; or otherwise compatible with processing to aid the controller or processor in providing a product or service specifically requested by a Consumer.’ Accordingly, we are not deleting or modifying Personal Information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete Personal Information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Utah Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific Personal Information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

California Privacy Policy

Your privacy is important to us at RUBY, and its affiliates and subsidiaries (“we,” “us,” or “our”), and we are committed to safeguarding, preserving, and respecting your privacy rights.  If you are a California resident, you have certain rights with respect to the collection, use, transfer, and processing of your personal information, as defined by the California Consumer Privacy Act (“CCPA”), Cal. Civ. Code § 1798.100 et seq., as amended by the California Privacy Rights Act (“CRPA”) and implementing regulations. 

This California Privacy Policy (“Policy”) describes how we collect, use, share, disclose, retain, and secure the personal information we gather about you through our website, http://www.ruby.com/ (the “Site”), and when you interact with us as a customer or otherwise (collectively, the “Services”) when you use our Site.  This Policy does not apply to information collected from employees, job applicants, directors, contractors, or others within the employment context.  Those individuals should review our Employee Privacy Policy for more information on their data collection and use.  

We reserve the right to limit these rights where permitted under applicable law, including where your identity cannot be reasonably verified or to the extent your rights adversely affect the rights and freedoms of others. 

What Information Do We Collect?

The below examples are illustrative examples from the CCPA and do not reflect the specific pieces of information we collect. 

In the previous 12 months, we have collected the following categories of personal information:

Category[1]

 

Examples

 

Collected

 

Retention Period

A. Identifiers

 

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

Yes

Duration of the relationship or as required by law

B. Personal Information

 

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

Yes

Duration of the relationship or as required by law

C. Protected Classification Characteristics Under California or Federal Law

 

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

No

N/A

D. Commercial Information

 

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Yes

Duration of the relationship or as required by law

E. Biometric Information

 

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

No

N/A

F. Internet or Other Similar Network Activity

Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

Yes

45 months

G. Geolocation Data

Physical location or movements.

Yes

26 months

H. Sensory Data

 

Audio, electronic, visual, thermal, olfactory, or similar information. 

Yes

Duration of the relationship or as required by law

I. Professional or Employment-Related Information

Current or past job history or performance evaluations.

No

N/A

J. Non-Public Education Information

 

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

No

N/A

K. Inferences Drawn of the Consumer

 

Inferences drawn from personal information identified above to create a profile about a consumer reflecting a consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Yes

26 months

L. Sensitive Personal Information

Personal information that reveals (a) Social Security, driver’s license, state identification card, or passport number; (b) account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credential allowing access to an account; (c) precise geolocation; (d) racial or ethnic origin, religious or philosophical beliefs, or union membership; (e) the contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication; or (f) genetic data. 

Biometric information processed for the purpose of uniquely identifying a consumer, personal information collected and analyzed concerning a consumer’s health, sex life, or sexual orientation.

Some Sensitive Personal Information included in this category may overlap with other categories.

Yes

Duration of the relationship or as required by law

Sources From Which Personal Information Is Collected

We collect your personal information directly from you, from your interaction with the Services, from publicly available sources, and from third parties, which collect the personal information directly from you. 

Business or Commercial Purposes for Which Personal Information Is Collected

Your personal information is used for the following purposes:

  • To present our Services and its contents in a suitable and effective manner for you and your device;
  • To contact you to provide you with information or services that you request from us;
  • To advertise opportunities, services, or special events that we think may be of interest to you;
  • To provide customer support, troubleshoot issues, manage accounts, and respond to requests, questions, or comments;
  • To carry out our obligations and enforce our rights arising from any contracts; and
  • To notify you about any additions, upgrades, or changes in our services.

Third Parties with Whom Personal Information Is Disclosed, Shared, or Sold

In the preceding 12 months, we have disclosed the following personal information about consumers for business purposes:

  • We disclose personal information in categories A (identifiers), B (personal), D (commercial), F (internet), G (geolocation), and K (inferences) with service providers.
  • We may disclose all of our information, including your personal information, with our subsidiaries and affiliates in connection with providing the Services to you or otherwise in connection with business operations.

In the preceding 12 months, we have shared for cross-contextual behavioral advertising the following the personal information in categories A (identifiers), B (personal), D (commercial), F (internet), G (geolocation), and K (inferences).

In the preceding twelve (12) months, we have not sold the personal information of any consumer for monetary consideration.  However, our use of cookies and other tracking technologies may be considered a sale of personal information under the CCPA.  Categories of personal information that we have sold under the CCPA include categories A (identifiers), B (personal), D (commercial), F (internet), G (geolocation), and K (inferences). Categories of third parties to whom personal information is sold under the CCPA include data analytics providers and advertising and marketing providers.

You can opt out of our tracking technologies for analytics and advertising service providers by clicking the Your Privacy Choices link or by broadcasting the Global Privacy Control signal during your browsing session.  Please note that your use of our Site will still be tracked by RUBY and its service providers.

In the preceding twelve (12) months, RUBY has not knowingly sold personal information of consumers under the age of sixteen (16) years of age.

We do not have actual knowledge that we sell or share the personal information of consumers under sixteen (16) years of age.

Individual Rights

Right to Know About Personal Information Collected, Disclosed, Shared, or Sold

You have the right to request that we disclose the personal information we collect, use, and disclose about you to third parties.  There are two types of Rights to Know requests that you can make:

  1. Right to Know (Abbreviated Request):  If you make a Right to Know (Abbreviated Request), you will receive the following information about you:
    1. Categories of personal information collected, sold, or shared;
    2. Categories of sources from which personal information is collected;
    3. Categories of third parties to whom the information is sold, shared or disclosed;
    4. Business or commercial purpose for collecting, sharing, or selling personal information;
    5. Categories of personal information disclosed for a business purpose and categories of persons to whom it was disclosed for a business purpose.
  2. Right to Know (Specific Pieces of Information Request):  If you make a Right to Know (Specific Pieces of Information Request), you will receive the following information about you:

Specific pieces of personal information collected about you.

This information will be provided to you free of charge, unless we determine that your request is manifestly unfounded or excessive.  You may request this information twice in a 12-month period.

There are certain exceptions to a consumer’s Right to Know.  We will state in our response if an exception applies.

Right of Deletion

You have the right to request that we and our service providers delete any personal information about your which we have collected from you upon receipt of a verifiable request.  This right is subject to certain exceptions.  We will state in our response if an exception applies.

Right to Opt-Out of the Sale or Sharing of Personal Information

You have the right to opt-out of the sale or sharing of your personal information by a business subject to certain laws and regulations.  

We recognize the Global Privacy Control.  Your browser must be able to support the Global Privacy Control (“GPC”) for us to recognize your opt-out preference signal.

Please note that opt-out choices may be stored via cookies.  If you clear cookies, if your browser blocks cookies, or if you view the page from a different browser or device, your opt-out choice may no longer be logged or recognized. 

For more information, please visit https://www.ruby.com/privacy/.

Right to Non-Discrimination

You have the right not to receive discriminatory treatment for exercising the privacy rights conferred by California law.  We will not discriminate against you because you exercised any of your privacy rights, including, but not limited to, by: denying goods or services to you; charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; providing a different level of quality of goods or services to you; or suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.  We will also not retaliate against any employee, applicant for employment, or independent contractor for exercising their rights under the CCPA.

Right of Correction

If we maintain inaccurate personal information about you, then you have the right to request that we correct the inaccurate personal information upon receipt of a verifiable request.  Taking into account the nature of the personal information and purposes of processing the personal information, you have the right to request that we correct inaccurate personal information about you, if applicable. 

Right to Limit Use and Disclosure of Sensitive Personal Information

If we process Sensitive Personal Information, we will only do so for the purposes specifically authorized by California law and in a manner that is necessary and proportionate for those purposes.  As such, we do not perform any processing for which a Right to Limit request is available.

Submitting Requests

You can submit your request by emailing us at https://my.datasubject.com/16CVvZSmPFx0VPvo9/25350 or by toll-free phone at 1-800-207-7920

Verifying Requests

To ensure the protection of your personal information, we must verify that the individual submitting a request to know, request to delete, or request to correct is the consumer to whom the request relates prior to processing the request.  To verify a California consumer’s identity, we may request up to three pieces of personal information about you when you make a request to compare against our records.  We may also request that you sign a declaration under the penalty of perjury from the consumer whose personal information is the subject of the request. 

Making a verifiable consumer request does not require you to create an account with us. 

We will only use personal information provided in your request to verify your identity and will delete any information you provide after processing the request.  We reserve the right to take additional steps as necessary to verify the identity of California consumers where we have reason to believe a request is fraudulent.

Authorized Agents

You may choose a person or a business registered with the California Secretary of State that you authorize to act on your behalf to submit your requests (“Authorized Agent”).  If you choose to use an Authorized Agent, we require that you provide the Authorized Agent with written permission to allow them to submit your request and that you verify your identity directly with us.  Failure to do so may result in RUBY denying your request.

Contact Us

If you have any questions about this Privacy Policy, please contact us by email billing@ruby.com, via phone at 866-611-7829, or at:

Ruby Receptionists, Inc.

805 SW Broadway, Suite 900

Portland, OR 97205

[1] Categories of personal information are as defined in Cal. Civ. Code. § 1798.140(v).