Website Privacy Policy

Effective Date/Last Updated: January 10, 2023.

Center for Autism & Related Disorders and its subsidiaries, divisions, and affiliates (sometimes referred to as “Company,” “us,” “we,” or “our”) adopted this privacy policy (“Policy”) to describe our policies and practices concerning the personal information we collect about individuals. We are committed to the privacy and security of personal information.

This Policy, more specifically, is intended to provide individuals with information about how we collect, use, disclose, retain, and safeguard certain of the personal information we gather about them such as through the:

      • Use of our websites, including mobile websites, applications (collectively, the “Site”)
      • Visits to our offices, properties, or attendance at one of our events
      • Phone and email communications
      • Social media interactions, such as through Facebook, LinkedIn, Instagram.
      • Viewing of our online content or emails

It also describes options individuals may have concerning their personal information.

Please read this Policy carefully before using the Site or submitting personal information to us. BY ACCESSING OR USING THE SITE, YOU CONSENT TO THE COLLECTION, USE, AND SHARING OF YOUR PERSONAL INFORMATION AS SET FORTH IN THIS POLICY AND THE TERMS OF USE. If you do not consent to the collection, use, disclosure, and retention of your personal information as described in this Policy, please do not provide us with such information. This Policy does not apply to third-party websites accessible through our Site or other applications.

Personal Information We Collect

As described below, we may collect or have collected in the preceding 12 months the following categories of personal information (“PI” or “personal information”). We may add to the categories of PI we collect and the purpose(s) we collect and use it. In those cases, we will inform and update this section of the Policy.

      • Identifiers – such as real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, or other similar identifiers.
      • Other elements – such as name, signature, characteristics or description, address, telephone number, education, bank account number, credit card number.
      • Characteristics of protected classifications under California or federal law – such as race, religion, and age.
      • Commercial information – such as products and services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
      • Education information – such as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, Sec. 1232g; 34 C.F.R. Part 99).
      • Internet or other electronic network activity – such as browsing history, search history, a consumer’s interaction with an internet website, application, or advertisement.
      • Geolocation data – such as location information while using one of our apps.
      • Audio, electronic, visual, or similar information – such as identifiable information obtained about you from voicemail messages, while speaking with our service representatives, including on the telephone.
      • Professional or employment-related information – such as information on job applications, information needed during onboarding for payroll and benefits, and information needed for evaluating performance.
      • Sensitive Information. Sensitive information means a consumer’s social security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, or union membership; the contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication; genetic data; the processing of biometric information for the purpose of uniquely identifying a consumer; personal information collected and analyzed concerning a consumer’s health.

Personal information does not include certain categories of information, such as publicly available information from government records, and deidentified or aggregated consumer information.

We retain your personal information for as long as necessary to provide you with services and in accordance with the Company’s data retention schedule, unless we have or deidentified or deleted your personal information in response to a request to delete. We may retain your personal information for longer if it is necessary to comply with our legal obligations or reporting obligations, resolve disputes, or as permitted or required by applicable law. We may also retain your Personal Information in a deidentified or aggregated form so that it can no longer be associated with you. To determine the appropriate retention period for your personal information, we consider various factors such as the amount, nature, and sensitivity of your information; the potential risk of unauthorized access, use or disclosure; the purposes for which we process your personal information; applicable legal requirements.

Purposes We Collect and Use Personal Information

We collect and use your PI for the following business or commercial purposes. We may change or add to the purposes we collect PI. In that case, we will inform you and obtain your consent when required by law.

      • To provide you with information, products, or services you request from us.
      • To fulfill or meet the reason for which the information is provided.
      • To contact you and/or provide you with email alerts and other notices concerning services, events, or news that may be of interest to you. For example, we may send you announcements, surveys, and newsletters using any communications preferences you have expressed. We may provide these communications via email, postal mail, online advertising, social media, telephone, text message (including SMS and MMS), push notifications, in-app messaging, and other means. Of course, if at any time you no longer wish to receive such communications, you have the option of unsubscribing from our mailing list for that communication.
      • To process payments.
      • To communicate with you in social media concerning our services.
      • To ensure your information is accurate and to personalize our communications to you. For example, we may aggregate your personal information with data from various sources for purposes of keeping information up to date. If you connect your social media services or other accounts to our services, we may use this information to make your experiences with us more personal or share and use it as described elsewhere in this Policy.
      • To carry out our obligations and enforce our rights including those arising from any contracts entered into with you including for billing, payment, and collections.
      • To review, improve, and monitor our website, applications, online services, and overall consumer experience, including to provide customization to meet the specific needs.
      • To provide customer service and engage in quality control activities concerning our products and services.
      • For testing, research, analysis and service development. We may use data, including public feedback and surveys, to conduct research and for the development of the Site and the services, products, and information we provide.
      • To respond to law enforcement requests and as required by applicable law, court order, governmental regulations, or other lawful processes.
      • As described to you when collecting your personal information.
      • To manage our recruiting efforts and employment and workforce relationships. These activities include, for example, sourcing and processing employment applications, onboarding employees and contingent workers, and carrying out a range of employments activities relating to the employment relationship, such as compensation, benefits, promotion, discipline, termination, and certain post termination activities.
      • As necessary or appropriate to protect the rights, property, security, and safety of us, our employees, our consumers, our information systems, and the public.
      • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.

Sources of Personal Information We Collect

  • You. We may collect personal information that you provide during your interactions with us, such as through our Site, by email, or when you communicate with our associates by phone, or at one of our centers. We may also collect information when you attend an event, or participate in a program we sponsor. We collect information when you are an applicant for employment with us and employed by us. We also collect information through certain online tracking tools, such as browser cookies, flash cookies, and web beacons.
  • Social media and related services.
  • Service providers and contractors. When you obtain products and services from us, we may collect your PI from service provider and contractors who collected information about you that is needed to provide those products and services.
  • Information Collected Automatically. As you navigate through and interact with our Site, we may compile statistical information concerning your usage of the Site through analytics services, such as those provided by Google Analytics. To do so, we may collect certain information about your equipment, browsing actions and patterns, including:
        • Details of your visits to our Site, such as traffic data, location data, logs and other communication data and the resources that you access and use on the Site
        • Information about your computer and internet connection, including your IP address, operating system, and browser type.
        • Information about the type of device you are using, mobile ad identifiers, the time and length of your visit, and the website that referred you to our Site.
        • Information about your preferences to make your use of the Site more productive, via the use of Cookies. For more information on Cookies, please see the Cookies and Other Tracking Technologies section. While all of this information can be associated with the IP address your computer had while you visited the Site, it will not be associated with you as an individual or with any other information you may submit through the Site or that we may store about you for any other purposes. We may use this information to generate aggregate statistics about visitors to our Site. Please check your web browser if you want to learn what information your browser sends or how to change your settings.

Cookies, Tracking, and Certain Communications.

We use cookies and other web technologies to collect and store certain types of information when you visit the Site. A cookie is a small file consisting of letters and numbers that automatically collect certain information from you. This file uniquely identifies and recognizes your browser or device and transmits information back to the server. Depending on the cookie type, it may perform functions such as remembering your user preferences, improving the quality of your visit, recording the website pages you view, remembering the name or address you entered during a visit, or delivering ads that are targeted to your interests and browsing activity.

Types of Cookies. Types of cookies include:

First and Third-Party Cookies. First party cookies are generally placed on your computer or device by the website you are visiting. For example, we may use a first party cookie to improve website security. Third party cookies are placed on your computer or device by a source other than the website you are visiting in order to enable third-party features such as advertising, analytics, videos, or interactive content.

Essential or Strictly Necessary Cookies. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually set in response to actions taken by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. These cookies do not store any personally identifiable information.

Performance and Functionality Cookies. Although these are non-essential cookies, they help the website perform and function as designed. For example, performance and functionality cookies may help the website display videos, enable chat sessions, or recognize whether you visited the website before.

Analytics Cookies. These cookies track your usage of the website. The information these cookies collect can be used for various purposes such as understanding how visitors use the website, site and content customization, or advertising and marketing.

The Site uses essential, functional, and performance cookies to function and perform as designed; analytics cookies to understand how you use the Site, improve its functionality, and other related purposes; and advertising cookies to help us with our advertising and marketing activities. We and our third-party partners and service providers may collect and track information about your online activities over time and across different websites, applications, and devices.

Embedded Content and Social Media Widgets. The Site contains embedded content (e.g., videos) and Social Media Widgets (e.g., LinkedIn). Embedded content may place third party cookies on your device that track your online activity to enhance your experience or assess the success of their application. Social Media Widgets allow us to integrate social media functions into the Site. These widgets may place third party cookies on your device for tracking and advertising purposes. We have no direct control over the information these cookies collect; please refer to the applicable third party’s website privacy policy for additional information.

Controlling Cookies. You may control cookies, including preventing or stopping the installation and storage of cookies, through your browser settings and other tools. Most browsers will allow you to block or refuse cookies. However, you may need to manually adjust your preferences each time you visit a site. For more information, see the Help section of your browser. Please note that if you block certain cookies, some of the services and functionalities of our Site may not work.

IMPORTANT: BY USING THE SITE, YOU CONSENT TO THE PROCESSING OF ANY PERSONAL INFORMATION FOR THE PURPOSES AND FUNCTIONS DESCRIBED ABOVE.

Do Not Track. “Do Not Track” is a privacy preference that you can set in your Internet search browser that sends a signal to a website that you do not want the website operator to track certain browsing information about you. However, because our Site is not configured to detect Do Not Track signals from a user’s computer, we are unable to respond to Do Not Track requests.

Third Party Website Links. Some portions of our Site may contain links to other websites on the Internet that are neither under our control nor maintained by us. Such links do not constitute an endorsement by us of those other websites, the content displayed therein, or the persons or entities associated therewith. You acknowledge that we are providing these links to you only as a convenience, and you agree that we are not responsible for the content of such websites. Your use of these other linked websites is subject to the respective terms of use and privacy policies located on the linked websites.

To the extent you voluntarily opt to have SMS notifications sent directly to your mobile phone, we receive and store the information you provide, including your telephone number or when you read a text message. You may opt out of receiving text messages at any time by texting “STOP” to our text messages. For more information about text messages, see our Terms of Use.

Disclosures of Personal Information.

We do not sell or share your personal information to third parties. We also do not use or disclose your sensitive personal information for purposes that, with limited exceptions, are not necessary in order to provide our products and services as are reasonably expected by an average consumer requesting those goods and services.

We may, however, disclose your personal information with services providers and contractors who help us provide services, such as, email, text and other communications, applications, sales, business and inventory support, photography, and website, software, platform, cloud, data storage and other technical services.

We may also disclose your personal information if necessary to: (1) comply with federal, state, or local laws; (2) comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities; (3) cooperate with law enforcement agencies concerning conduct or activity that we reasonably and in good faith believe may violate federal, state, or local laws; or (4) exercise or defend legal claims.

Lastly, we may transfer to a third party personal information as part of a merger, acquisition, bankruptcy, or other transaction in which the third party assumes control or acquires of all or part of the assets of our business.

Of the categories of PI noted above, during the past 12 months, we disclosed the following:

Categories of Personal Information Categories of Third Parties to Whom Disclosed & Purposes for Disclosure
Address and other identifiers – such as name, postal address, email address, phone number, account name, date of birth, social security number, driver’s license number, photograph, passport number, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers NOTE: The information in this category may include the following elements of Sensitive Personal Information: social security number, driver’s license number, state identification card number, and/or passport number.
Third parties as directed by you. We may disclose your personal information to the third parties to whom you direct. Our business partners. For example, we might disclose your personal information to one of our business partners for purposes of collaborating on providing services to you, or to invite you to an event we are organizing. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose personal information. Where applicable, we encourage you to review each such business partner’s privacy statement before signing on with them. Governmental entities, legal service providers. We may disclose your personal information in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request. Successors to all or portions of our business. If all or part of our business is sold, we may disclose personal information in preparation for or as part of that transaction.
Protected status – such as citizenship, ethnic background, gender, or other similar identifiers NOTE: The information in this category may include the following elements of Sensitive Personal Information: racial, ethnic, or national origin.
Third parties as directed by you. We may disclose personal information to those third parties to whom you direct. Our business partners. For example, we might disclose your personal information to one of our business partners for purposes of collaborating on providing services to you, or to invite you to an event we are organizing. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose personal information. Where applicable, we encourage you to review each such business partner’s privacy statement before signing on with them. Third parties that perform services on our behalf. For example, we may disclose information to certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, payroll and benefits managers, and data storage companies. We might also authorize our service providers to collect personal information on our behalf. Governmental entities, legal service providers. We may disclose personal information in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request. Successors to all or portions of our business. If all or part of our business is sold, we may disclose personal information in preparation for or as part of that transaction.
Financial information – such as bank account details, credit history, income details or other similar identifiers NOTE: The information in this category may include the following elements of Sensitive Personal Information: log-in, financial account, debit card, or credit card number, in combination with any required security or access code, password, or credential allowing access to an account.
Third parties as directed by you. We may disclose your personal information to the third parties to whom you direct. Our business partners. For example, we might disclose personal information to one of our business partners for purposes of collaborating on providing products or services to you, or to invite you to an event we are organizing. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose personal information. Where applicable, we encourage you to review each such business partner’s privacy statement before signing on with them. Third parties that perform services on our behalf. For example, we may disclose information to certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, payroll and benefits managers, and data storage companies. We might also authorize our service providers to collect personal information on our behalf. Governmental entities, legal service providers. We may disclose your personal information in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request. Successors to all or portions of our business. If all or part of our business is sold, we may disclose personal information in preparation for or as part of that transaction.
Education or professional information, including veteran status or other similar identifiers NOTE: The information in this category may include the following elements of Sensitive Personal Information: union membership.
Third parties as directed by you. We may disclose your personal information to the third parties to whom you direct. Our business partners. For example, we might disclose personal information to one of our business partners for purposes of collaborating on providing products or services to you, or to invite you to an event we are organizing. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose personal information. Where applicable, we encourage you to review each such business partner’s privacy statement before signing on with them. Third parties that perform services on our behalf. For example, we may disclose information to certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, payroll and benefits managers, and data storage companies. We might also authorize our service providers to collect personal information on our behalf. Governmental entities, legal service providers. We may disclose personal information in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request. Successors to all or portions of our business. If all or part of our business is sold, we may disclose personal information in preparation for or as part of that transaction.
Internet or other electronic network activity – such as browsing history, search history, a consumer’s interaction with an internet website, application, or advertisement NOTE: The information in this category may include the following elements of Sensitive Personal Information: the contents of mail, email, or text messages, to which the business was not the intended recipient.
Third parties as directed by you. We may disclose your personal information to third parties to whom you direct. Our business partners. For example, we might disclose personal information to one of our business partners for purposes of collaborating on providing products or services to you, or to invite you to an event we are organizing. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose personal information. Where applicable, we encourage you to review each such business partner’s privacy statement before signing on with them. Third parties that perform services on our behalf. For example, we may disclose information to certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, payroll and benefits managers, and data storage companies. We might also authorize our service providers to collect personal information on our behalf. Governmental entities, legal service providers. We may disclose personal information in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request. Successors to all or portions of our business. If all or part of our business is sold, we may disclose personal information in preparation for or as part of that transaction.
Geolocation data NOTE: The information in this category may include the following elements of Sensitive Personal Information: precise geolocation.
Third parties as directed by you. We may disclose your personal information to the third parties to whom you direct. Our business partners. For example, we might disclose personal information to one of our business partners for purposes of collaborating on providing products or services to you, or to invite you to an event we are organizing. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose personal information. Where applicable, we encourage you to review each such business partner’s privacy statement before signing on with them. Third parties that perform services on our behalf. For example, we may disclose information to certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, payroll and benefits managers, and data storage companies. We might also authorize our service providers to collect personal information on our behalf. Governmental entities, legal service providers. We may disclose personal information in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request. Successors to all or portions of our business. If all or part of our business is sold, we may disclose personal information in preparation for or as part of that transaction.
Audio, electronic, visual, thermal, olfactory, or similar information.
Third parties as directed by you. We may disclose personal information to the third parties to whom you direct. Our business partners. For example, we might disclose personal information to one of our business partners for purposes of collaborating on providing products or services to you, or to invite you to an event we are organizing. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose personal information. Where applicable, we encourage you to review each such business partner’s privacy statement before signing on with them. Third parties that perform services on our behalf. For example, we may disclose information to certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, payroll and benefits managers, and data storage companies. We might also authorize our service providers to collect personal information on our behalf. Governmental entities, legal service providers. We may disclose personal information in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request. Successors to all or portions of our business. If all or part of our business is sold, we may disclose personal information in preparation for or as part of that transaction.
Biometric Information NOTE: Biometric information is considered an element of Sensitive Personal Information.
Third parties as directed by you. We may disclose your personal information to those third parties to whom you direct. Our business partners. For example, we might disclose personal information to one of our business partners for purposes of collaborating on providing products or services to you, or to invite you to an event we are organizing. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose personal information. Where applicable, we encourage you to review each such business partner’s privacy statement before signing on with them. Third parties that perform services on our behalf. For example, we may disclose information to certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, payroll and benefits managers, and data storage companies. We might also authorize our service providers to collect personal information on our behalf. Governmental entities, legal service providers. We may disclose personal information in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request. Successors to all or portions of our business. If all or part of our business is sold, we may disclose personal information in preparation for or as part of that transaction.

Security

We take precautions to protect data and information under our control from misuse, loss or alteration. Our security measures include industry-standard physical, technical, and administrative measures to prevent unauthorized access to or disclosure of your information, to maintain data accuracy, to ensure the appropriate use of information, and otherwise safeguard your personal information. However, no system for safeguarding personal or other information is 100% secure and, although we have taken steps to protect your personal information from being intercepted, accessed, used or disclosed by unauthorized persons, we cannot fully eliminate security risks associated with personal information.

Please recognize that protecting your personal information is also your responsibility. We ask you to be responsible for safeguarding the password, security questions and answers, and other authentication information you use to access our Site.

Applicable law

This Policy is governed by the laws of the State of Texas, without regard to its conflict of laws principles. Jurisdiction for any claims arising under or out of this Policy shall lie exclusively with the state and federal courts within Texas. If any provision of this Policy is found to be invalid by a court having competent jurisdiction, the invalidity of such provision shall not affect the validity of the remaining provisions of this Policy, which shall remain in full force and effect.

Notice to Site Users Located Outside the U.S.

The Company operates in accordance with the laws of the U.S. When you access our Site from outside the U.S., we may transfer the PI that we collect from you to a location outside of your jurisdiction, including the U.S. The data protection laws in these jurisdictions may not provide you with the same protections as those of your jurisdiction. By using this Site, you acknowledge that these laws may provide a different standard of protection and you consent to the transfer of your personal data to other jurisdictions, including the U.S.

Contact Us

If you have additional questions, you may call us at (844) 995-0384. You can write to us at: info@centerforautism.com.

Changes to this Policy

We reserve the right to revise this Policy at any time. If we make any material changes, we will update the date noted above. We reserve the right to provide notice of any changes in other ways as well. Your use of this Site or submission of personal information after such changes constitutes your agreement to the Policy as amended. Except to the extent we receive your authorization, or as permitted or required by applicable law, we will handle your personal information in accordance with the terms of the Policy in effect at the time of the collection. Please check our Site periodically for updates.

Notice to California Residents

Shine the Light. If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information by certain members of the Company to third parties for the third parties’ direct marketing purposes. Requests may be made one time per calendar year. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we disclosed customer information for the immediately prior calendar year (e.g., requests made in 2022 will receive information regarding 2021 sharing activities). You may submit your request using the contact information in this Policy.

Eraser Law. If you are a California resident under the age of 18, and a registered user of any Site where this Policy is posted, California law permits you to request and obtain removal of content or information you have publicly posted. You may submit your request using the contact information in this Policy. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

California Consumer Privacy Act. The section concerning the California Consumer Privacy Act (“CCPA Section”) applies solely to individuals who are residents of the State of California (“consumers” or “you”) as required under the California Consumer Privacy Act, as amended (“CCPA”). This CCPA Section describes our policies and practices regarding the collection, use, and disclosure of personal information we collect about you, including personal information we obtain when you access or use the Site, or through other channels including but not limited to visiting one of our locations, phone and email conversations, attending our events, social media interactions on our websites and other third party websites such as social media sites, viewing our emails, or through our authorized services providers.

This CCPA Section supplements and amends the information contained in the Policy with respect to California residents. Any terms defined within the CCPA have the same meaning when utilized within this CCPA Section. For purposes of this CCPA Section, personal information also does not include: (i) health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

All other terms shall have the meaning set forth in the Policy or Terms of Use as applicable. The other provisions of the Policy continue to apply except as modified in this CCPA Section.

Please read this CCPA Section carefully before using the Site or submitting information to us. By accessing or visiting the Site, you indicate your understanding that the collection, use, and sharing of your information is subject to the terms of this CCPA Section.

IF YOU DO NOT CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS DESCRIBED IN THIS CCPA SECTION, PLEASE DO NOT PROVIDE US WITH SUCH INFORMATION.

Right To Know About Personal Information Collected or Disclosed. We generally describe in this Privacy Policy our current and practices for the prior 12 months related to the categories of personal information we collect, how we collect and use the personal information, and how we disclose your personal information. Upon receipt of a verifiable consumer request (see below), in addition to what is described above, as a California resident, you also have the right to request more information regarding the following items. In general, any disclosures we provide will only cover the 12-month period preceding the receipt of your verifiable consumer request. However, with respect to personal information collected on and after January 1, 2022, and to the extent expressly required by applicable regulation, you may request that such disclosures cover a period beyond the 12 months referenced above, provided doing so would not require a disproportionate effort by us.

      • the categories of personal information,
      • the categories of sources from which the personal information is collected,
      • the business or commercial purpose for collecting, selling, or sharing personal information, if applicable,
      • the categories of personal information we sold or disclosed for a business purpose,
      • the categories of third parties to whom the business discloses personal information, and
      • the specific pieces of personal information the business has collected about you.

Right To Request Deletion Of Your Personal Information. You have the right to request that we delete the personal information we collected or maintained about you. Once we receive your request, we will let you know what, if any, personal information we can delete from our records, and we will direct any service providers and contractors with whom we disclosed your personal information to also delete your personal information from their records.

There may be circumstances where we cannot delete your personal information or direct service providers or contractors to delete your personal information from their records. Some of these instances include, but are not limited to, if we need to:

      • Complete the transaction for which the PI was collected, provide a good or service requested by you, or reasonably anticipated by you within the context of our ongoing business relationship with you, or otherwise perform a contract between the Company and you.
      • Help to ensure security and integrity to the extent the use of the consumer’s PI is reasonably necessary and proportionate for those purposes.
      • Debug to identify and repair errors that impair existing intended functionality.
      • Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
      • Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
      • Engage in public or peer-reviewed scientific, historical, or statistical research that confirms or adheres to all other applicable ethics and privacy laws, when the Company’s deletion of the information is likely to render impossible or seriously impair the ability to complete such research, if you have provided informed consent.
      • To enable solely internal uses that are reasonably aligned with your expectations based on your relationship with the Company and compatible with the context in which the consumer provided the information.
      • Comply with a legal obligation.
      • Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Upon receipt of a verifiable consumer request (see below), and as required by the CCPA, we will provide a response to such requests.

Right to Request Correction. You have the right to request that the Company correct any inaccurate personal information we maintain about you, taking into account the nature of that information and purpose for processing it. Upon receipt of a verifiable consumer request (see below), and as required by the CCPA, we will provide a response to such requests.

[Rights regarding sale, sharing, and limiting use of sensitive personal information]

Right to Non-Discrimination for the Exercise of Your Privacy Rights. We will not discriminate against you for exercising any of your rights under the CCPA, as described above. This includes, but is not limited to: (A) denying good or services to you; (B) charging you different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; (C) providing a different level or quality of goods or services; or (D) suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services. It also includes an employee’s, applicant’s, or independent contractor’s right not to be retaliated against for the exercise of
their CCPA rights.

Submitting Consumer Rights Requests

How to submit. To submit a California Consumer Rights request as outlined in this CA Addendum, please contact the Company by calling us at (844) 995-0384 or info@centerforautism.com. We reserve the right to only respond to verifiable consumer requests to know, delete, or correct. A verifiable consumer request is one made by any individual who is:

• the consumer who is the subject of the request,
• a consumer on behalf of the consumer’s minor child, or
• the authorized agent of the consumer.

What to submit. If we request, you must provide us with sufficient information to verify your identity and/or authority to act on behalf of a consumer. In general, we may ask you to provide identifying information that we already maintain about you or we may use a third-party verification service. In either event, we will try to avoid asking you for sensitive PI to verify your identity. We may not be able to respond to your request or provide you with PI if we cannot verify your identity or authority to make the request and confirm the PI relates to you. However, making a verifiable consumer request does not require you to create an account with us.

Additionally, you will need to describe your request with sufficient detail to allow us to review, understand, assess, and respond. We will not use the PI we collect from an individual to determine a verifiable request for any other purpose, except as required or permitted by law.

Our response. We reserve the right to charge a fee to process or respond to your request if it is excessive, repetitive, or manifestly unfounded. If we determine that a request warrants a fee, we will attempt to notify you as to why we made that decision and provide a cost estimate before completing your request. We will endeavor to respond to a verifiable consumer request within forty-five (45) calendar days of receipt, but we may require an extension of up to forty-five (45) additional calendar days to respond and we will notify you of the need for the extension.

Questions. If you have questions about this CA Policy, please contact us as described above in the Policy.

4887-1642-5286, v. 1