Last Updated: February 13, 2024
We place the highest importance on respecting and protecting the privacy of our customers and users of our products and services. We want you to feel comfortable and confident when using the FFG Site and with entrusting your personal information to us.
We protect the confidentiality and security of your personal information by taking reasonable security measures, including physical, technological, and organizational procedures, designed to protect the integrity and security of that information.
- The information we collect and how we collect it.
- How we use the information we collect.
- When we disclose the information we collect to others.
- Measures we take to protect the integrity and security of the information we collect.
- California Residents
- How you can update or correct your personal information.
Personal Information We Collect and How We Collect It
We Collect Information That You Provide to Us
In order to use the FFG Site, we will ask you to register with us. As part of the registration process, we require that you provide us with certain information, including personal information such as your name and email address.
During the process of creating your Challenge plan, you will also have the option of providing some demographic and other information, including your gender, work and relationship status, education level, etc. You also have the option of answering general, descriptive questions about your financial situation.
You may submit comments, help requests, suggestions, problems, or other feedback to us through feedback functionality on the FFG Site or otherwise. If you choose to provide us with this sort of information, we may collect your email address and other information that you provide us in order to follow up with you and otherwise address or communicate with you with respect to your comments, requests, suggestions, or problems feedback.
Information We Collect Through Your Use of the FFG Site
We collect information about your interaction with and your use of the FFG Site, such as your IP address, your device, browser, and operating system type and version, event information such as device crashes, which pages you view, which page linked you to the FFG Site, and which link you select when you leave the FFG Site.
As most websites do, iGrad uses various technologies to collect information through your interaction with and use of the FFG Site. These technologies include cookies (small files that are sent to your browser or device when you visit a website which allows the website to recognize you when you visit again and permit storage of information such as user preferences) and may also include web beacons, clear GIFs, iGradxels and other iGradxel tags (small blocks of code that can be used to read and place cookies and transmit information), HTML5 and other local storage and caching (technology that allows an application or website to store and retrieve data on a user’s device) and similar technologies. For some of these technologies, your device or browser may offer settings that may enable you to disable the usage of such technologies. However, some services or features may not function properly or as well as a result, and the settings offered by your device or browser may only apply to that device or browser.
We Do Not Intend to Collect Information from Children Under Age 13.
We do not market the FFG Site to children under the age of 13, nor do we knowingly collect information from children under the age of 13.
How We Use the Information that We Collect.
We may use the information we collect in the following ways:
Associate You with Your Account
Tailor and Personalize the FFG Site
We use the information that you provide us, as well as information gathered through your interaction with and use of the FFG Site to tailor the content displayed on the FFG Site and personalize your experience to fit your needs. For example, by answering demographic questions or questions about your financial situation, the FFG Site may provide you with recommended goals and content that would be relevant to your situation. The FFG Site may also provide links to third-party sites and offerings, tailored to the information we collect from your interaction with and use of the FFG Site.
Provide Additional Information and Alerts
We may use your contact information to provide you with additional information, alerts, and updates regarding your account, the FFG Site, and your use of the FFG Site. For example, when you satisfactorily complete a course, we will use your contact information to provide you with a certificate of completion for that course and a report on how your financial knowledge, attitudes, and behaviors have changed. We may also use your contact information to provide you with information about our products and services and the programs and events of and other communications from or relating to the Subscriber through which you are using the FFG Site.
Create Aggregated and Other De-Identified Information
We may use the data we collect to create, publish, disclose, and use information from which we have removed personally identifiable information, for example by summarizing, aggregating, or removing certain data elements. We may use such non-identifiable information for any business purpose.
Understand the FFG Site Usage and Improve Our Offerings
We use the data we collect from your interaction with and use of the FFG Site and aggregated and other non-identifiable data we create to perform analytics, assess performance, and otherwise better understand the FFG Site activity. This allows us to better troubleshoot and resolve issues, to provide technical support assistance, and to improve the FFG Site offerings.
When We Disclose the Information that We Collect To Others.
Information Disclosed To Subscribers
We may disclose aggregated and other non-identifiable information about our users to our Subscribers and other third parties at our discretion, however, we will not disclose your individual responses to assessment and survey questions or your exam scores. We may disclose your contact information to the Subscriber through which you are using the FFG Site and certain information, such as that you passed the courses or completed the Challenge, for their internal use in administering the FFG Site offering and related programs and benefits. For example, a Subscriber may offer an incentive for employees that complete the Challenge, and we will provide that Subscriber with information as to employees that have completed the Challenge and their contact information in order for the Subscriber to provide that incentive to those employees. We may further disclose your contact information to the Subscriber through which you are using the FFG Site for their use in providing you with information regarding their products and services or for other marketing or promotional purposes.
Other Information Disclosures
We also may disclose information that we collect to third parties in the following circumstances:
We may disclose information to third parties who provide services to us, such as fraud detection services, business partners, services relating to data collection, processing, hosting and reporting, and analytics, for the purpose of providing such services to us.
For Legal Reasons
iGrad may release personal information it collects when iGrad believes that such release is appropriate to comply with the law (for example, pursuant to a subpoena, warrant, or court order), to protect against the fraudulent, abusive, or unlawful use of the FFG Site, to protect the rights or property of iGrad or others, to enforce any contract between you and iGrad and to investigate possible violations, or to prevent or address a situation involving danger of death or injury to any person.
Sale or Merger of iGrad
iGrad may merge with another entity or be sold or it might sell all or a portion of its business or assets relating to the FFG Site. In such an event, the information we collect from you may be transferred to or otherwise disclosed to another entity. We may also disclose information on a confidential basis in connection with or during negotiation of a merger, financing, acquisition, bankruptcy, dissolution, or similar transaction or proceeding.
With Your Consent
We may disclose personal information to third parties when you authorize us to do so. We will not disclose your personal information to affiliates or third parties for their direct marketing purpose without first obtaining your “opt-in” consent.
We may disclose aggregated, de-identified, or other non-personally identifiable information to third parties at our discretion
Measures We Take to Protect the Integrity and Security of the Information We Collect
We take reasonable security measures, including physical, technological, and organization procedures, designed to protect the integrity and security of personally identifiable information that we collect. For certain sensitive data, we use industry-standard encryption technology to protect such data during storage and transmission through our services. We also use industry-standard security technology such as firewalls designed to protect our network and systems from external attacks. Our contracts with our employees and with third parties that receive your personal information include standard provisions requiring them to maintain its security and confidentiality.
You play an important role in keeiGradng your information secure. Your account information is protected by a password that you select for your privacy and security. We encourage you to use “strong” passwords (that use a combination of upper and lower case letters, number, and symbols). Please also make sure to protect your account information and log off when you are done using the services, especially if other users have access to the device you are using to access the services. You should not share your user name, password, or other security information for your account with anyone. If we receive instructions using your user name and password, we will consider that you have authorized the instructions.
Please be aware that no protection measures are perfect or impenetrable. Although we believe the measures we take are reasonable, we cannot guarantee the absolute integrity and security of your personal information or that unauthorized third parties will never be able to defeat the security measures taken by us or others. We assume no liability or responsibility for disclosure of your information due to errors in transmission, unauthorized third-party access, or other causes beyond our control.
Personal Information We Have Collected
Through your interaction with FFG Site, we collect information that is defined as “personal information” under the CCPA, which is information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device. Personal information does not include publicly available information from government records, deidentified or aggregated consumer information or information excluded from the CCPA’s scope. We do not, however, collect any information qualifying as “sensitive personal information” under the CCPA through the FFG Site.
In particular, we have collected the following categories of personal information about consumers (i.e., California residents) within the last 12 months:
Categories Examples of Personal Information in the Category Collected ("Yes" or "No") A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. Yes, we have collected personal information included in this category. B. Personal information categories described in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Please note that some personal information included in this category may overlap with other categories.
Yes, we have collected personal information included in this category. C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). Yes, we have collected personal information included in this category. D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. No, we have not collected personal information included in this category. E. Biometric information. Genetic (e.g., DNA), physiological, behavioral, or biological characteristics, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data. No, we have not collected personal information included in this category. F. Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. Yes, we have collected personal information included in this category. G. Geolocation data. Physical location or movements. No, we have not collected personal information included in this category. H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. No, we have not collected personal information included in this category. I. Professional or employment-related information. Current or past job history or performance evaluations. Yes, we have collected personal information included in this category. J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. No, we have not collected personal information included in this category. K. Inferences drawn from other personal information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Yes, we have collected personal information included in this category.
Our Disclosures of Personal Information for Business Purposes
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. We disclose your personal information to the categories of third parties described above in the “When We Disclose The Information We Collect To Others” section. In the preceding twelve (12) months, we have disclosed the following categories of personal information (referenced above) for a business purpose:
- Category A: Identifiers.
- Category B: California Customer Records personal information categories. Category C: Protected classification characteristics under California or federal law.
- Category F: Internet or other similar network activity.
- Category I: Professional or employment-related information.
- Category K: Inferences drawn from other personal information.
We have disclosed personal information for a business purpose to Subscribers and service providers.
No Sales or Sharing of Personal Information
In the preceding twelve (12) months, we have not sold any personal information. We also have not shared any personal information with third parties for cross-context behavioral advertising in the preceding twelve (12) months.
Your Rights Under the CCPA
The CCPA provides consumers (California residents) with specific rights regarding their personal information, as we describe further below.
Information Access and Portability Rights:
As a California resident, you have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. If we receive and confirm a verifiable consumer request from you (see “Exercising Access, Portability, Correction and Deletion Rights” below), we will disclose the following to you consistent with the CCPA:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting (or selling, if applicable) that personal information.
- The categories of third parties to whom we disclose that personal information.
- The specific pieces of personal information we collected about you (also called a “data portability request”).
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing: (1) sales, identifying the personal information categories that each category of recipient purchased (or, if we did not sell your personal information, we will disclose that fact); and (2) disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Collection and Deletion Requests Rights:
As a California resident, you have the right to request that we correct inaccurate personal information or delete any of your personal information that we collected from you and retained, subject to certain exceptions. If we receive and confirm a verifiable consumer request from you (see “Exercising Access, Portability, Correction and Deletion Rights” below), we will correct or delete (and direct our service providers to correct or delete) your personal information, unless an exception applies. We may deny your deletion request if maintaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products or services to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise his or her free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent.
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Portability, Correction and Deletion Rights:
If you have an account with us, you may be able to exercise the personal information access, portability, correction and/or deletion rights described above within your account (such as through the Settings page). Otherwise, to exercise these rights, please submit a verifiable consumer request to us by email at: firstname.lastname@example.org.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must (a) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and (b) describe your request with sufficient detail to allow us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Our Responses to Access, Portability, Correction and Deletion Requests:
We endeavor to respond to a verifiable consumer request within forty-five (45) days of receipt. If we require more time, we will inform you of the reason and extension period in writing.
If you have an account with us, we may deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding our receipt of the verifiable consumer request. If we cannot comply with a request, the response will explain the reasons we cannot comply. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to easily transmit the information from one entity to another entity.
We do not charge a fee to process or respond to a verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that a request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not do any of the following:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Notice at collection of Personal Information
How You Can Update or Correct Your Personal Information
If your personally identifiable information changes (such as your name or email address), we provide a way to correct or update personal data. This can be done at the Settings page on the FFG Site.
Contacting Us with Questions
2163 Newcastle Avenue, Suite 100
Cardiff-By-The-Sea, CA 92007.