AtZipeat, we are 100% committed to our customers, which is why we want to take the time to explain exactly what the “Do Not Sell My Personal Information” link on Zipeat webpages and apps means. The purpose of this article is to explain (1) why Zipeat’s webpages and apps contain the “Do Not Sell” link, (2) what it means to “sell” “personal information,” as those terms are defined under California law (3) that Zipeat does not sell personal information that directly identifies you, even under the California definition of “sale,” (4) what happens if you tell Zipeat not to “sell” your personal information, (5) how Zipeat implements your choice to block it from “selling” your personal information, and (6) how Zipeat maintains your “Do Not Sell” Choice.

1. Why Does Zipeat Provide the “Do Not Sell” Link?

Zipeat provides the “Do Not Sell” link to comply with the California Consumer Privacy Act (CCPA), California Civil Code Section 1798.100 et seq., effective January 1, 2020. The CCPA is a new data protection law that provides California residents with certain choices about their data, including the ability to tell companies not to “sell” their personal information. The link is there to inform you of this choice. Although the CCPA only gives California residents the right to make these requests, we allow non-California residents with the same choices about their personal information. Please see our Privacy Policy for more information.

2. What Does it Mean to “Sell” “Personal Information” Under the CCPA?

The CCPA broadens the definition of “sale” and “personal information” beyond how you might commonly interpret those terms. Under the CCPA, “personal information” includes information that is not necessarily directly tied to an individual’s identity but may be associated with a device. This includes identifiers such as IP addresses, web cookies, web beacons, and mobile AdIDs. In many cases, this type of information is not associated with you, but they are unique identifiers that could be. Similarly, the term “sell” is defined to include not just selling in exchange for money, but also sharing or transferring personal information (including information that does not directly identify an individual as described above) in exchange for anything of value, which is not limited to the exchange of money. Certain things are not considered “sales,” including when (1) personal information is shared with a service provider that is contractually prohibited from using the personal information for any purpose beyond the service specifically requested (“service provider exception”), or (2) when the consumer has directed a company to disclose the personal information (“consumer directed exception”).

3. Does Zipeat “Sell” my Personal Information?

Zipeat does not sell information that directly identifies you, like your name, address, social security number, banking information, or phone records. In fact, we do not even share that type of information except with service providers who can use the information solely to provide a service on our behalf, when a consumer directs us to share the information, or in the limited additional circumstances outlined in our Privacy Policy (such as for fraud prevention purposes or where we are legally required to share the information). However, the CCPA’s broad definitions of “sale” and “personal information” may deem the common flow of information in the digital analytics and advertising ecosystem to be a sale. Like most companies that operate commercial websites and apps, Zipeat utilizes online analytics to measure the ways users engage with our websites and apps. These analytics, in turn, inform how we perform online advertising. In order to provide these analytics and facilitate online advertising, Zipeat uses third-parties that collect device identifiers and place tags, cookies, beacons, and similar tracking mechanisms on our websites/apps and on third-party websites/apps. For instance, we may request that a third-party facilitate the placement of Zipeat ads on a particular website after a consumer has previously visited Zipeat.com. The third-parties we use for these purposes generally do this by placing a cookie on a user’s browser so it can identify that the same browser visited other websites. Similarly, where our webpages or apps provide space for advertisements, these third-parties may use identifiers such as cookies for websites, or the device’s mobile AdID for apps, to facilitate real-time bidding by advertisers. Where we can reasonably ensure via contract that the third-parties described above can and will use a device identifier solely to provide the specific service we have requested, and will not use or share the data for other purposes, we will not deem that sharing a “sale.” In most cases, we’ve determined that our data analytics providers that measure the ways users engage with our websites and apps meet this standard and, accordingly, we will not block the sharing of an identifier with those entities even when you choose to opt-out through the “Do Not Sell” link. In some cases, though, Zipeat does not ultimately control how such identifiers are used by some third-parties (particularly in some cases in the online advertising ecosystem), and so we can’t determine that all sharing with third-parties in these cases fall within the service provider exception under the law. As a result, we are currently treating our sharing with some of these third-parties as a “sale” under the CCPA.

4. What Happens when I Tell Zipeat not to “Sell” my Personal Information?

When a user of our websites/apps makes the “Do Not Sell” choice, we will attempt to block further sharing of the covered identifiers with the third-parties we engage on those digital properties or any other entity that does not fall within the service provider exception or the consumer directed exception.

5. How Does Zipeat Implement my Choice to Block it from “Selling” my Personal Information?

The implementation of your choice to block the sale of your personal information is complex and will vary between Zipeat brands, websites, and apps. As general rule, however, when you click the “Do Not Sell” link, you will be provided two choices: (1) set a “Do Not Sell” preference using a cookie for the particular web domain (such as Zipeat.com or metropcs.com) or an app setting for a particular mobile app that is not tied to your account, or (2) if you have an account with us, you can sign in to your account and set a persistent “Do Not Sell” preference that we can store as part of our customer records.

6. How Does Zipeat Maintain my “Do Not Sell” Choice?

For Zipeat websites, if you do not log in to your account (or do not have an account with us) and instead set a “Do Not Sell” preference that is specific to the site that you are visiting, please be aware that the setting will only work if your browser is set to accept cookies. Likewise, if you clear your browser cookies, the cookie-based “Do Not Sell” setting will be erased, and you will need to reset the setting for that web domain. For Zipeat apps, the local setting should remain until you specifically change it or clear app data on your device— but you should check the setting regularly to ensure it reflects your current choice. If you choose to sign in and set a “Do Not Sell” setting tied to your account, we will attempt to identify and honor that setting whenever you are logged into a Zipeat app or website. This persistent setting will have no effect, however, when you have not signed in to a Zipeat website or app. In that case, only the setting set for a particular website or app, if one exists, will apply. Please note that when you set a “Do Not Sell” setting in your account, we will attempt to also set your setting for the website or app you are using at that time— but again, that setting may not work if your browser does not accept cookies or if you later delete cookies or delete data on your app. You can check the current status of your “Do Not Sell” setting for the specific Zipeat website or app and change that setting at any time by clicking on the link in the footer of the Zipeat webpage you are browsing or in the menu section of the Zipeat app you are using. For more information about Zipeat’s privacy practices and our approach to the CCPA, please see our Privacy Policy.