Morley Privacy Policy

Effective Date: February 15, 2019 | Last Modified: December 29, 2023 

Morley Companies, Inc. is a corporation incorporated under the laws of the State of Michigan, with its head office at One Morley Plaza, Saginaw, Michigan 48603 in the United States of America.

For purposes of this Privacy Policy, references to “Morley,” the “Company,” “we,” “our,” and “us” mean Morley Companies, Inc.  Morley owns and operates the website at www.morleycompanies.com (the “Website”) and has three business units: Business Process Outsourcing, Meetings & Incentives, and Exhibits & Displays. “Service” refers to any of the services of these business units, our interaction with current or potential clients, or their customers, employees, employment candidates, or other communications related to Morley business and operations.

This Privacy Policy is integrated into our Terms of Use (“Terms of Use”).

By using the Services and providing us with your personal Information (defined below), you agree to the practices described in this Privacy Policy and Terms of Use referenced above. We reserve the right to change, modify, add, or remove portions of this Privacy Policy from time to time.  Please check back periodically for any changes we may make to the Privacy Policy. Your continued use of this Website or our Services following the posting of changes to this Privacy Policy means you accept these changes.

This Privacy Policy describes, among other things, the types of information we collect when you visit our Website, when you register to use our Service, and when you communicate with us, how we use it, and how we can access your information. This Privacy Policy does not apply to information collected by or provided in connection with an individual’s application for employment, current or former employment, or an independent contractor’s arrangement with Morley. If you are a California Morley employee, independent contractor, or applicant for employment, please see the Morley Privacy Notice for California Associates & Applicants for information about how Morley collects, uses, processes, discloses, shares, and retains employment information not covered by this policy.  

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, or the European Union (EU), European Economic Area (EEA), and UK, you may be entitled to certain individual rights under the California Consumer Privacy Act of 2018 [as amended by the California Privacy Rights Act of 2020 (“CPRA”)] (collectively, “CCPA”), Virginia Consumer Data Protection Act (“VCDPA”), Colorado Privacy Act (“CPA”), Connecticut Act Concerning Personal Data Privacy and Online Monitoring (“CTDPA”), Utah Consumer Privacy Act (“UCPA”), or the General Data Protection Regulation (“GDPR”) and the UK Data Protection Act 2018, respectively.  Please see the Notice to Certain Residents of Data Subject Rights section of our Privacy Policy for your rights and how to exercise them for users located in California, Virginia, Colorado, Connecticut, Utah, and the EEA and UK only.

If you have questions about our collection, use or disclosure of your personal information, or if you want to exercise your rights, explained further below, you can contact our Chief Privacy Officer by emailing privacy@morleynet.com or by writing to us at One Morley Plaza, Saginaw, MI 48603, Attn: Privacy Officer.  

INFORMATION WE MAY COLLECT ABOUT YOU & HOW WE COLLECT IT 

We may collect and process the following categories of information about you, which are described in more detail below: (A) information you provide to us, (B) sensitive information, (C) information we may automatically collect, and (E) information we may receive from third parties. All of the information listed in (A)-(C), (E) above is detailed below and hereinafter referred to as “Information.”  

A. Information You Provide to Us

 You may provide us information about you by filling out the registration form on our registration site or by corresponding with us by phone, email, chat, via our Website or otherwise.  This includes information you provide when you register for our Service. The information you provide us may include:

• Individual identifiers such as name, date of birth, gender, contact information such as address, email address, phone number, passport, or foreign personal identification number;
• Payment and transactional information such as Services purchased. Note that we use third-party payment processors to facilitate your payments and do not store your payment information, and that provider is not permitted to store, retain, or use that information except for the sole purpose of processing credit/debit information on our behalf;
• Professional or employment-related information;
• Visual information such as personal description or photograph;
• Communications with us, preferences, and other Information you provide to us such as any messages (including via online chat feature), opinions, and feedback that you provide to us, your user preferences (such as in receiving updates or marketing information), information related to your travel (travel dates, country of origin/destination), and other Information that you share with us when you contact us directly (such as for customer support services); and
• Additional Information as otherwise described to you at the point of collection or pursuant to your consent.

B. Sensitive Information

We may process the following categories of sensitive personal Information when you use our Services:

• Identification information such as passport or foreign personal identification number.
• Payment information including debit or credit card information in combination with any required security or access code collected for the purpose of processing payment for our products or Services.
• Authentication data such as account personal Information and login credentials, including unique identifiers such as username, account number, and password.
• Drivers license number
• Health information

C.    Information We May Automatically Collect About You

 As you navigate through and interact with our Website, we automatically collect information about your computer hardware and software. This information can include your IP address, browser type, domain names, internet service provider (ISP), the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, clickstream data, access times, and referring website addresses. We use this information for the operation of the Service, to maintain quality of the Service and to provide general statistics regarding use of the Website. For these purposes, we do link this automatically collected data to personal Information, such as name, email address, address, and phone number.

D. Cookies & Technologies Used to Collect Information About You 

We and/or certain service providers operating on our behalf may collect Information about your activity, or activity on devices associated with you over time, on our sites and applications, and across non-affiliated websites or online applications. We may collect this Information by using certain technologies, such as cookies, web beacons, pixels, software-developer kits, third-party libraries, and other similar technologies. Third-party service providers, advertisers, and/or partners may also view, edit, or set their own cookies or place web beacons. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly. This type of technology includes the following: 

• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our Services. Unless you have adjusted your browser setting, so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
• Web Beacons. Website pages may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages and for other related statistics (for example, recording the popularity of certain content and verifying system and server integrity). We also use these technical methods to analyze the traffic patterns, such as the frequency with which our users visit various parts of the Services. These technical methods may involve the transmission of Information either directly to us or to a third party authorized by us to collect Information on our behalf. Our Services use retargeting pixels from Google, Facebook, and other ad networks. We also use web beacons in HTML emails that we send to determine whether the recipients have opened those emails and/or clicked on links in those emails.
• Google Analytics. We use Google Analytics, which Google collects, and uses the information shared by sites and apps to deliver our Services, maintain and improve them, develop new Services, measure the effectiveness of advertising, protect against fraud and abuse, and personalize content and ads you see on Google, and on our partners’ sites and apps. To learn more about the Company’s use of Google Analytics and what Google Analytics does, please see How Google uses information from sites or apps that use our services, linked below.
  • Learn about how Google Analytics collects, uses, and processes data here.
  • Learn about the cookies Google Analytics uses here.   

Our use of online tracking technologies may be considered a “sale” or “sharing” under certain laws. To the extent that these online tracking technologies are deemed to be a “sale” or “sharing” under certain laws, you can opt out of these online tracking technologies by clicking on the Do Not Sell link on our Website or by broadcasting an opt-out preference signal, such as the Global Privacy Control (GPC). Please note that some features of our Website may not be available to you as a result of these choices.

E.    Information We May Receive From Third Parties

We may collect additional Information about you from third-party websites, social media platforms, and/or sources providing publicly available Information (e.g., from the U.S. postal service) to help us provide Services to you, help prevent fraud, and for marketing and advertising purposes.

We may obtain information from third parties, such as an employer assisting us and our client with a marketing research study. If we reached out to you to invite you to register for our Service, it may have been because your employer or another entity gave us your contact information to do so. Your employer or that entity did so because they thought you would be interested in our Service, or they specifically wanted you to register for our Service for a business-related purpose or travel experience. We also may have contacted you for business opportunities, or other operational purposes. 

This Privacy Policy only applies to Information collected by our Services. We are not responsible for the privacy and security practices of those other websites or social media platforms, or the Information they may collect (which may include IP address). You should contact such third parties directly to determine their respective privacy policies. Links to any other websites or content do not constitute or imply an endorsement or recommendation by us of the linked website, social media platform, and/or content.

How We Use the Information We Collect 

A. Use and Purpose of Processing Your Personal Information

In addition to the uses identified elsewhere in this Privacy Policy, we may collect, use, or otherwise hold information to facilitate communication and delivery of our Service that you have given us information for in order for us to provide the Service and/or to perform our contract obligations with our clients, which are likely your employer, your spouse/partner’s employer, or a company with which you do business. 

In addition, we may process your Information and Information about you for the following purposes: 

• To deliver the Service to you or to allow you to participate in the Service;
• To correspond and communicate to you with respect to delivering the Service;
• To notify you about any changes to our Service to you;
• To process your registration;
• To fulfill contracts we have with you;
• To collect payment from you – we use credit/debit card information solely to collect payment from you;
• As part of our efforts to keep you safe and secure;
• To assist clients, including their employees and members of their supplier, sales, and distribution networks, with their event planning, group and individual travel programs, trade show management and participation, interactive services, including teleservices and database management projects, customer service operations, market research data collection, and analysis, and other services offered by us;
• To operate and manage customer loyalty programs in which clients provide us with personal information related to their clients, employees (which may include you), suppliers, and distributors. Examples include, but are not limited to, credit and debit card reward programs, sales incentives, and other loyalty-based marketing programs;
• To design, develop, operate, and manage market research studies for clients, including studies for which, to preserve the integrity of the research, the identity of the organization commissioning the study is not disclosed to the participants;
• If you use one of our applications to register for an event/meeting, we will use the email address you provided to send you information and announcements relating to that event;
• For general or targeted marketing and advertising purposes, including sending you promotional material or special offers on our behalf or on behalf of our marketing partners and/or their respective affiliates and subsidiaries, and other third parties, provided that you have not already opted-out of receiving such communications;
• To manage, improve, and foster relationships with third-party service providers, including vendors, suppliers, and parents, affiliates, subsidiaries, and business partners;
• To comply with governmental regulations or to respond to a subpoena or other governmental, court, or administrative order/requirement;
• To operate our Website and Morley-operated client websites in support of client projects;
• To carry on our business and serve our customers as described above;
• For our internal business purposes that include administering access and use of our applications, data analysis, securely identifying users upon logging on to an application, enhancing or modifying our Service, determining the effectiveness of our promotional campaigns, billing for the Service, and operating our business;
• For other purposes disclosed to you at the time we collect your Information and/or with your consent.

The collection of personal Information shall be limited to that which is necessary for the purposes identified above.

B.  Sharing or Disclosing Your Information

We may share non-personally identifiable Information, such as aggregated user statistics, with third parties. We do not share your personal Information with third parties for third-party marketing purposes, or for any other purpose other than as described in this Privacy Policy. We may use: (a) third-party analytics service providers and (b) ad-serving platforms, such as Google and Facebook, which may set and access their own cookies and web beacons on your device.  These parties may have access to usage information. They may also have access to pseudonymous or anonymous information about you (such as a unique identification number), which may be combined or associated with information from other sources to identify you.

We may disclose the Information we have collected about you, including personal Information, as disclosed at the time you provide your Information and in the following circumstances:

Internally with our employees/agents: We will share your Information with our employees/agents, who are responsible for providing you the Service in line with the scope of their employment/agency with us.

Third parties providing services on our behalf: We disclose your personal Information to third-party service providers that perform certain functions or Services on our behalf, such as payment processors, excursion companies, hotel/lodging accommodations, vendors, etc., to allow them to provide you the Service, as they are specific to their particular role. For example, we disclose your payment information with payment processors to allow them to charge your relevant debit/credit account for the Service. We disclose your name information with hotel/lodging and accommodation entities and excursion companies to allow them to reserve you a room/space in their hotel/lodging facility and/or on their excursion, as relevant. This Information is disclosed for the sole purpose of allowing us to provide you the Service. These companies are bound by contractual obligations to keep personal Information confidential and use it only for the purposes for which Morley discloses it to them.

We will disclose personal Information to subcontractors/processors pursuant to written contract indicating the outside party will afford a comparable level of protection while the personal Information is being processed by such third party. In some cases, that will require the third party to enter into a separate contract with us, e.g., a Data Processing Agreement that ensures their processing of your Information is compliant with all relevant and applicable laws, as they may be applicable to you. Further provisions may include the return of all personal Information to us upon completion, an agreement not to use such Information except for our purposes, and the destruction of any remaining records in the possession of the third party. Finally, the third party must agree to advise Morley immediately of any concerns or objections expressed by individuals, and of any breaches of this Privacy Policy. Care shall be taken to select only contractors, processors or other third parties who can guarantee the technical and organizational requirements and security provisions necessary for the processing.

Business transfer: We reserve the right to disclose and transfer all Information related to the Service, including, without limitation, your personal Information, demographic Information and usage Information: (i) to a subsequent owner, co-owner, or operator of the Service or applicable database; or (ii) in connection with a corporate merger, consolidation, restructuring, the sale of substantially all of our stock and/or assets, or other corporate change, including, without limitation, during the course of any due diligence process.

Legal obligations: If we are under a duty to disclose or share your personal data: (i) when required by law or in order to comply with any  court order, subpoena, search warrant, or other legal obligation; (ii) to cooperate or undertake an internal or external investigation or audit; (iii) to comply with legal, regulatory, or administrative requirements of governmental authorities (including, without limitation, requests from the governmental agency authorities to view your Information); (iv) in order to enforce or apply our Terms of Use and other agreements; (v) to protect the rights, property, or safety of the Company, our customers, or others; (vi) to verify the identity of the user of our Services. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit-risk reduction.

Emergency:  Where we believe that an emergency, illegal activity, or some other reasonable basis exists for notifying the relevant authority.

Information Shared With Our Subsidiaries and Affiliates: We may share your Information with our subsidiaries and affiliates.

De-Identified or Aggregated Data: We may share your Information on an aggregated basis for any purpose in which your specific personal Information is blinded, masked, or otherwise not identifiable.

With Your Consent: We may share Information consistent with this Privacy Policy with your consent.

Morley does not use or disclose sensitive personal Information, other than for the business purposes permitted by law as described above.

Categories of Information Sold

We may sell the below categories of personal Information. For purposes of this Privacy Policy, “sell,” “sold,” or “sale” means the disclosure of personal Information for monetary or other valuable consideration but does not include, for example, the transfer of personal Information as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business. 

LINKS TO OTHER WEBSITES

Our Services may contain links to other websites or services that are not owned or controlled by us, including links to social media platforms, such as LinkedIn, Instagram, Twitter, or YouTube, or may redirect you off our Website away from our Services.  

This Privacy Policy only applies to Information collected by our Services. We are not responsible for the privacy and security practices of those other websites or social media platforms, or the Information they may collect (which may include an IP address). You should contact such third parties directly to determine their respective privacy policies. Links to any other websites or content do not constitute or imply an endorsement or recommendation by us of the linked website, social media platform, and/or content.

INFORMATION SECURITY & TECHNICAL & ORGANIZATIONAL MEASURES

 We use commercially reasonable and appropriate administrative, physical, and technical security measures to provide our Services and safeguard your Information. We maintain information security policies and procedures to protect personal Information from unauthorized access, alteration, disclosure or destruction.

However, no data transmitted over the internet or stored or maintained by us or our third-party service providers can be 100% secure. Therefore, we do not promise or guarantee, and you should not expect, that your Information or private communications will always remain private or secure. We do not guarantee that your Information will not be misused by third parties. We are not responsible for the circumvention of any privacy settings or security features. You agree that we will not have any liability for misuse, access, acquisition, deletion, or disclosure of your Information.

If you believe that your Information has been accessed or acquired by an unauthorized person, you should promptly Contact Us so that necessary measures can quickly be taken.

DATA RETENTION

We will retain your Information for as long as needed to provide you Services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. We will retain and use your Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. In accordance with our routine record keeping, we may delete certain records that contain Information you have submitted to us. We are under no obligation to store such Information indefinitely and disclaim any liability arising out of, or related to, the destruction of such Information.

YOUR CHOICES

A.  Marketing Communications. If you do not want to receive marketing and promotional emails from us, you may click on the “unsubscribe” link in the email to unsubscribe and opt-out of marketing email communications or Contact Us for more information. 

B.  Opting Out of Direct Marketing by Third Parties. To exercise choices regarding the marketing information you receive, you may also review the following links:

• • • You may opt out of tracking and receiving tailored advertisements on your mobile device by some mobile advertising companies and other similar entities by downloading the App Choices app at www.aboutads.info/appchoices.
    • You may opt out of receiving permissible targeted advertisements by using the NAI opt-out tool available at optout.networkadvertising.org or visiting About Ads at optout.aboutads.info.

GEOGRAPHIC LOCATION OF DATA STORAGE AND PROCESSING

 The Service is hosted on U.S. servers. The data that we collect from you may be transferred to, and stored at, a destination outside the EEA and may also be processed by staff operating outside the EEA who work for us or for one of our processors. If you are visiting the Services from a country outside the U.S., you should be aware that you may transfer personally identifiable Information about yourself to the United States, and that the data protection laws of the United States may not be as comprehensive as those in your own country. By visiting the Services and submitting any personally identifiable Information you consent to the transfer of such personally identifiable Information to the United States.

Accordingly, if you are located outside the U.S., you consent and continue to consent to the processing, transfer, and storage of such data in the U.S. and outside the U.S. Where applicable, we maintain agreements in place with our contractors and processors that include standard contractual clauses to protect your rights with respect to your data. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

Morley does not knowingly sell or share data of users under the age of sixteen (16).

NOTICE TO CERTAIN RESIDENTS OF DATA SUBJECT RIGHTS

A. Notice to California Residents

To the extent any California data privacy law applies to the collection of your Information, this supplemental section of our Privacy Policy outlines the rights that California residents may have, and how they can exercise those rights. This notice applies solely to California residents. We provide the supplemental section below to comply with the California Consumer Privacy Act [as amended by the California Privacy Rights Act (referred to collectively hereinafter as CCPA)] and any terms defined in the CCPA have the same meaning when used below.  

1. Your Privacy Rights Under CCPA

You have the following rights under applicable California law in relation to your personal Information, subject to certain exceptions: 

• Right to Know and Access Specific Information. You have the right to, up to twice in a 12-month period, request that we disclose what personal Information we collect, use, disclose, share, and/or sell, as applicable. Once we receive and confirm a verifiable consumer request from you, we will disclose to you, to the extent permitted by law:
• • The categories of Information we collected about you, and whether we sell or share your Information to third parties;
  • The specific pieces of Information we hold about you;
  • The categories of personal Information sold within the last 12 (twelve) months;
  • The categories of sources from which Information about you is collected;
  • Our business or commercial purpose for collecting, selling, or sharing your Information; and
  • The categories of third parties with whom your Information is sold, shared, or disclosed for a business purpose.
  • You have the right to request that the Information described above be provided to you in a portable and readily useable format, to the extent technically feasible (“data portability”). 
• Right to Delete.  You have the right to request the deletion of your personal Information that is collected by us subject to certain exceptions. To the extent that we can delete your Information, once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Information, unless an exception applies. 
• Right to Opt-Out of Sale and Sharing of Personal Information. You have the right to opt out of the processing of your Information for the following purposes:
• • Sale of your Information; and
  • Sharing of your Information for cross-context behavioral advertising.

The use of online tracking technologies may be considered a “sale” or “sharing” under California law. To the extent that these online tracking technologies are deemed to be a “sale” or “sharing” under California law, you may opt out of these online tracking technologies by clicking on the Do Not Sell link on our Website or by broadcasting an opt-out preference signal, such as the Global Privacy Control (GPC).

• Right to Non-Discrimination. You have the right not to receive discriminatory treatment for the exercise of the privacy rights described above. We may not, and will not, treat you differently because of your data subject request activity. As a result of your data subject request activity, we may not and will not deny goods or Services to you, charge different rates for goods or Services, provide a different level quality of goods or Services, or suggest that we would treat you differently because of your data subject request activity.  
• Right to Correct Inaccurate Information. To the extent that we may maintain inaccurate personal Information, you have the right to correct inaccurate Personal Information that we maintain about you, taking into account the nature of the personal Information and the purposes of the processing of the personal Information. Once we receive and verify your verifiable consumer request, we will use commercially reasonable efforts to correct your personal Information.
• Right to Limit Use and Disclosure of Sensitive Personal Information. You have the right to request that we limit the ways we use and disclose your sensitive personal Information (as defined by CCPA) to uses which are necessary for us to perform the Services, or deliver the goods reasonably expected by you, or and as authorized by law.
• Right to Disclosure of Direct Marketers. Pursuant to Section 1798.83-.84 of the California Civil Code (Shine the Light), you have a right to request the categories and names/addresses of third parties that have received personal Information for their direct marketing purposes upon simple request, and free of charge.

 You may submit a request to delete, correct, and/or to know by contacting us at 800.832.7368, or by emailing us at ca-data-request@morleynet.com, subject “California Data Subject Request.” Once we receive your request, we will follow up in no later than 10 days, confirm receipt of your request, and request information about you that we have collected, as set forth above, to allow us to verify your identity to ensure that you are submitting a request on behalf of who you say you are.  

To submit a Shine the Light request, please contact us by emailing us at ca-data-request@morleynet.com, with “CA Shine the Light Privacy Requests” in the subject line. Please note that, under the law, we are not required to respond to your request more than once in a calendar year, nor are we required to respond to any requests that are not sent to the above-designated email. 

2. Authorized Agent

You can also have an authorized representative submit a request on your behalf, but we must have proof that the person is indeed your authorized representative by seeing an authorization document that you have signed. This can include a Power of Attorney or other similar authorizing document. 

3. Additional Information

To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.  

We currently do not collect household data. If we receive a Right to Know or Right to Delete request submitted by all members of a household, we will individually respond to each request. We will not be able to comply with any request by a member of a household under the age of sixteen (16), as we do not collect personally identifying information from any person under the age of sixteen (16). 

B. Notice to Virginia Residents

To the extent any Virginia data privacy law applies to the collection of your Information, this supplemental section of our Privacy Policy outlines the individual rights guaranteed to Virginia residents and how to exercise those rights and applies solely to Virginia residents. We provide the supplemental section below to comply with the Virginia Consumer Data Protection Act (“VCDPA”) and any terms defined in the VCDPA have the same meaning when used below.   

1. Your Privacy Rights under VCDPA

Subject to certain exceptions you may be entitled to the following rights:

• Right to Access & Data Portability. You have the right to request that we disclose certain Information to you about our collection and use of your Information at any time. Once we receive and confirm an authenticated consumer request from you, we will, subject to certain exceptions:
  • Disclose whether we are processing your Information; and
  • Provide you with access to your Information.

Where the processing is carried out by automated means, and subject to certain exceptions, you have the right to request and obtain a copy of your Information that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the Information to another data controller without hindrance.

• Right to Correct Inaccurate Information. To the extent that we may maintain inaccurate Information, you have the right to request that we correct such inaccurate Information taking into account the nature of the personal Information and the purposes of the processing of the personal Information. Once we receive and verify your authenticated consumer request, we will use commercially reasonable efforts to correct your Information. 
• Right to Delete. You have the right to request that we delete certain of your Information provided by or obtained about you. To the extent that we can delete your Information, once we receive and confirm your authenticated consumer request, we will delete (and direct our service providers to delete) your Information, subject to certain exceptions.
• Sale of Personal Information, Targeted Advertising, Profiling, and the Right to Opt Out. You have the right to opt out of the processing of your Information for the following purposes: 
  •  Targeted advertising;
  • Sale of your Information; and
  • Profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.
• Right to Appeal. You have the right to appeal our denial of any request you make under this section. To exercise your right to appeal, please submit an appeals request via the information in the How To Contact Us section below. Within sixty (60) days of receipt of your appeal, we will inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for the decisions. If we deny your appeal, you may contact the Virginia Office of the Attorney General by:
  • Contacting online: www.oag.state.va.us/consumer-protection/file-a-complaint
  • Calling:
    • If calling from Virginia, call the Consumer Protection Hotline at 1.800.552.9963.
    • If calling from the Richmond area or from outside Virginia, call the Consumer Protection Hotline at 1.804.786.2042.
• Right to Non-Discrimination. You have a right to not be discriminated against in the Services or quality of Services you receive from us for exercising your rights. We will not discriminate against you for exercising any of your rights in this section, including denying goods or Services, charging different prices or rates for goods or Services, or providing a different level of quality of goods and Services. However, we may offer a different price, rate, level, quality, or selection of goods or Services, including offering goods or Services for no fee, if you have exercised your right to opt out or the offer is related to your voluntary participation in a bona fide loyalty, rewards, premium features, discounts, or club card program.  

You may make an authenticated consumer request under the VCDPA twice within a 12-month period. To exercise the rights described above, see the Exercising Your Rights section below.

2.  Additional Information 

To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.  

C. Notice to Colorado Residents

To the extent any Colorado data privacy law applies to the collection of your Information, this supplemental section of our Privacy Policy outlines the individual rights guaranteed to Colorado residents and how to exercise those rights and applies solely to Colorado residents. We provide the supplemental section below to comply with the Colorado Privacy Act (“CPA”) and any terms defined in the CPA have the same meaning when used below.   

1.    Your Privacy Rights under CPA

Subject to certain exceptions you may be entitled to the following rights:

• Right to Access & Data Portability.  You have the right to request that we disclose certain Information to you about our collection and use of your Information at any time. Once we receive and confirm an authenticated consumer request from you, we will, subject to certain exceptions:
  • Disclose whether we are processing your Information; and
  • Provide you with access to your Information where we process it.

Where exercising your right to access, you have the right to request and obtain a copy of your Information that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the Information to another data controller without hindrance (“data portability”).

• Right to Correct Inaccurate Information. To the extent that we may maintain inaccurate personal Information, you have the right to request that we correct such inaccurate personal Information taking into account the nature of the personal Information and the purposes of the processing of the personal Information. Once we receive and verify your authenticated consumer request, we will use commercially reasonable efforts to correct your personal Information. 
• Right to Delete. You have the right to request that we delete certain of your Information provided by or obtained about you. To the extent that we can delete your Information, once we receive and confirm your authenticated consumer request, we will delete your Information, subject to certain exceptions.
• Sale of Personal Information, Targeted Advertising, Profiling, and the Right to Opt Out. You have the right to opt out of the processing of your Information for the following purposes:
  • Targeted advertising;
  • Sale of your Information; and
  • Profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.
• Right to Appeal. You have the right to appeal our denial of any request you make under this section. To exercise your right to appeal, please submit an appeals request via the information in the How To Contact Us section below. Within forty-five (45) days of receipt of your appeal, we will inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for the decisions.  If you have concerns regarding the results of your appeal, you may contact the Colorado Office of the Attorney General by:
  • Contacting online: complaints.coag.gov/s/contact-us
  • Calling: 720.508.6000

You may make an authenticated consumer request free of charge under the CPA once within a 12-month period. We reserve the right to charge a reasonable fee for a second or subsequent request within the same 12-month period. To exercise the rights described above, see the Exercising Your Rights section below.

2. Sensitive Data

If we process sensitive data, we do so with your consent. 

3. Authorized Agent

You may use an authorized agent to submit verifiable consumer requests on your behalf.  An authorized agent is a natural person or a business entity that you have authorized to act on your behalf.  If you use an authorized agent, we will require: (1) proof of written permission for the authorized agent to make requests on your behalf, and identity verification from you; or (2) proof of power of attorney pursuant to Colo. Rev. Stat. § 15-14-705. We may deny a request from an authorized agent that does not submit proper verification proof.

D. Notice to Connecticut Residents

To the extent any Connecticut data privacy law applies to the collection of your Information, this supplemental section of our Privacy Policy outlines the individual rights guaranteed to Connecticut residents and how to exercise those rights and applies solely to Connecticut residents. We provide the supplemental section below to comply with the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (“CTDPA”) and any terms defined in the CTDPA have the same meaning when used below.

1.    Your Rights under CTDPA

Subject to certain exceptions you may be entitled to the following rights:

• Right to Access & Data Portability.  You have the right to request that we disclose certain Information to you about our collection and use of your Information at any time.  Once we receive and confirm an authenticated consumer request from you, we will, subject to certain exceptions:
  • Disclose whether we are processing your Information; and
  • Provide you with access to your Information where we process it.

Where the processing is carried out by automated means, and subject to certain exceptions, you have the right to request and obtain a copy of your Information that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the Information to another data controller without hindrance.

• Right to Correct Inaccurate Information. To the extent that we may maintain inaccurate personal Information, you have the right to request that we correct such inaccurate personal Information taking into account the nature of the personal Information and the purposes of the processing of the personal Information. Once we receive and verify your authenticated consumer request, we will use commercially reasonable efforts to correct your personal Information. 
• Right to Delete.  You have the right to request that we delete certain of your Information provided by or obtained about you. To the extent that we can delete your Information, once we receive and confirm your authenticated consumer request, we will delete (and direct our service providers to delete) your Information, subject to certain exceptions.
• Sale of Personal Information, Targeted Advertising, Profiling, and the Right to Opt Out.  You have the right to opt out of the processing of your Information for the following purposes:
  • Targeted advertising;
  • Sale of your Information; and
  • Profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.
• Right to Non-Discrimination. You have a right to not be discriminated against in the Services or quality of Services you receive from us for exercising your rights. We will not discriminate against you for exercising any of your rights in this section, including denying goods or Services, charging different prices or rates for goods or Services, or providing a different level of quality of goods and Services. However, we may offer a different price, rate, level, quality, or selection of goods or Services, including offering goods or services for no fee, if you have exercised your right to opt out or the offer is related to your voluntary participation in a bona fide loyalty, rewards, premium features, discounts, or club card program.  
• Right to an Appeal. You have the right to appeal our denial of any request you make under this Section. To exercise your right to appeal, please submit appeals request to us by either: 
  • Emailing us at privacy@morleynet.com
  • Calling us at 800.832.7368

Within sixty (60) days of receipt of your appeal, we will inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for the decisions. If we deny your appeal, you may contact the Connecticut Office of the Attorney General by:

• • Contacting online: www.dir.ct.gov/ag/complaint
  • Calling: The Consumer Assistance Unit at 860.808.5420.

You may make an authenticated consumer request under the CTDPA once within a 12-month period. To exercise the rights described above, see the Exercising Your Rights section below.

2. Authorized Agent

You may use an authorized agent to submit verifiable consumer requests on your behalf. An authorized agent is a natural person or a business entity that you have authorized to act on your behalf.  If you use an authorized agent, we will require: (1) proof of written permission for the authorized agent to make requests on your behalf, including through technology means, and identity verification from you; or (2) proof of power of attorney. We may deny a request from an authorized agent that does not submit proper verification proof.

3. Additional Information

To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.

E. Notice to Utah Residents

To the extent any Utah data privacy law applies to the collection of your Information, this supplemental section of our Privacy Policy outlines the individual rights guaranteed to Utah residents and how to exercise those rights and applies solely to Utah residents. We provide the supplemental section below to comply with the Utah Consumer Privacy Act (“UCPA”) and any terms defined in the UCPA have the same meaning when used below.   

1.    Your Rights under UCPA

Subject to certain exceptions you may be entitled to the following rights:

• Right to Access & Data Portability. You may have the right to request that we disclose certain Information to you about our collection and use of your Information at any time. Once we receive and confirm an authenticated consumer request from you, we will, subject to certain exceptions:
  • Disclose whether we are processing your Information.
  • Provide you with access to your Information where we process it.

Where the processing is carried out by automated means, and subject to certain exceptions, you have the right to request and obtain a copy of your Information that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the Information to another data controller without hindrance (“data portability”).

• Right to Delete. You have the right to request that we delete certain of your Information provided by or obtained about you. To the extent that we can delete your Information, once we receive and confirm your authenticated consumer request, we will delete (and direct our service providers to delete) your Information, subject to certain exceptions.
• Right to Non-Discrimination. We will not discriminate against you for exercising any of your rights in this section, including denying goods or Services, charging different prices or rates for goods or Services, or providing a different level of quality of goods and Services.
• Sale of your Personal Information, Targeted Advertising, and Right to Opt Out. You have the right to opt out of the processing of your Information for the following purposes:
  • Targeted advertising; and
  • Sale of your Information.

You may make an authenticated consumer request free of charge under the UCPA once within a 12-month period. We reserve the right to charge a reasonable fee for a second or subsequent request within the same twelve 12-month period. To exercise the rights described above, see the Exercising Your Rights section below. 

F. Notice to Individuals in the European Economic Area and the UK

The EU General Data Protection Regulation (“GDPR”) became effective in the European Union as of May 25, 2018. In preparation for the GDPR, we reviewed our internal processes and put policies and procedures in place to attempt to meet the requirements and standards of the GDPR, and any relevant data protection laws. 

We are not established in the EEA; however, this section applies only to individuals coming to our Services from within the European Union (EU), the European Economic Area (EEA), and the United Kingdom (UK), and only if we collect through the Services any Information from you that is considered “Personal Data,” as defined in the GDPR and the UK Data Protection Act 2018.

Personal Data includes any Information relating to an identified or identifiable natural person, who could be identified either directly or indirectly by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (which may include some or all your Information as defined in this Privacy Policy). 

1. Identity and Contact Details of Controller and EU Representative 

Unless otherwise stated, we are the Data Controller for the Information we process.

Contact Details:

Email: privacy@morleynet.com

Call us: 800.832.7368

Write us: Morley Companies
One Morley Plaza
Saginaw, MI 48603

2. Your Data Protection Rights

To the extent the GDPR and Data Protection Act 2018 apply, and we hold your Information in our capacity as a Data Controller as defined under those laws you may request that we:    

• Restrict the way that we process and share your Information;
• Transfer your Information to a third party;
• Provide you with access to your Information;
• Remove your Information if no longer necessary for the purposes collected;
• Update your Information, so it is correct and not out of date; and/or
• Object to our processing of your Information. 

If we have collected and processed your personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal Information conducted in reliance on lawful processing grounds other than consent. 

You have the right to withdraw your consent to our collection and/or processing of your Information at any time by contacting us in the following ways:

Email: privacy@morleynet.com

Call us: 800.832.7368

Write us: Morley Companies, Inc.
One Morley Plaza
Saginaw, MI 48603

You have the right to complain to a data protection authority about our collection and use of your personal Information, although we invite you to contact us with any concern as we would be happy to try and resolve it directly. Contact details for data protection authorities in the EEA, Switzerland, and certain non-European countries (including the U.S. and Canada) are available. 

To exercise any of your data subject rights, please contact us at privacy@morleynet.com. We will respond to your request without undue delay, and, in any event, within one month of receipt of the request. That period may be extended by two (2) further months where necessary, taking into account the complexity and number of the requests we receive. If we take an extension, we shall inform you within one (1) month of our receipt of the original request, together with the reasons for delay. 

3. Legal Basis for Processing Personal Information 

If you are a visitor/customer located in the EEA, our legal basis for collecting and using the personal Information described above will depend on the personal Information concerned and the specific context in which we collect it.  However, we will normally collect personal Information from you only where we have your consent to do so, where we need the personal Information to perform a contract with you, where it is necessary to protect your vital interests or those of another person, or where the processing is in our legitimate interests and not overridden by your data protection interests, or fundamental rights and freedoms.  In some cases, we may also have a legal obligation to collect personal Information from you.

Depending on what Personal Data we collect from you and how we collect it, we may also rely on various grounds for processing your Personal Data, including the following reasons:

• Processing on the basis of legitimate business interests. When we process Personal Data on the basis that the processing is necessary for our legitimate business interests, such interests include: (i)  providing, improving, and promoting our Services; (ii) communicating with current and potential customers, other business partners, and their individual points of contact; (iii) managing our relationships with our customers and other business partners, and their individual points of contact; (iv) other business development purposes; (v) sharing Information within the Company, as well as with service providers and other third parties; and (vi) maintaining the safety and security of our products, Services, and employees, including fraud protection.
• Processing on the basis of performance of a contract. Examples of situations in which we process Personal Data as necessary for performance of a contract include e-commerce transactions in which you purchase a service from us.
• Processing on the basis of consent. Examples of processing activities for which we may use consent as its legal basis include: (i) collecting and processing precise location Information from your mobile device; (ii) sending promotional emails when consent is required under applicable law; and (iii) processing Personal Data on Company Services through cookies and similar technologies when consent is required by applicable law.
• Processing because we are under a legal obligation to do so.  Examples of situations in which we must processes Personal Data to comply with our legal obligations include: (i) providing your Personal Data to law enforcement agencies and other governmental bodies when required by applicable laws; (ii) retaining business records required to be retained by applicable laws; and (iii) complying with court orders or other legal processes.

If the processing of your Personal Data is based on your consent, the GDPR and Data Protection Act 2018 also allow users the right to access, revoke, or modify your consent at any time. Please see the How to Contact Us section, below, to review or modify your consents.  

4. Consent to Transfer

We maintain significant operations in the United States, and we may use service providers based in the United States to operate our business and our relationship with you. Please be aware that Information, including your Personal Data, that we collect will be transferred to, stored, and processed in the United States, a jurisdiction in which the privacy laws may not be as comprehensive as those in the country where you reside and/or are a citizen. We maintain measures to address the transfer of your Personal Data between our group companies and between us and our third-party providers in accordance with applicable data protection laws and regulations.

5. Retention

We will retain your Information for as long as needed for the purposes described in this Privacy Policy. More specifically, the time we maintain your Information depends on the following factors:

• Whether we need the Information to provide the Services. We will maintain any data needed to provide you with the Services, such as contact Information and payment or transaction Information, for as long as needed for us to provide you with the Services, respond to your questions and requests, and/or administer your account (if applicable).
• Whether we need the Information to comply with our legal obligations. We may have legal obligations to maintain your Information where a legal or regulatory body may ask for it in the future, for example in response to a data subject request or complaint. This Information may include contact Information and location Information.
• Whether we need the Information for a legitimate business interest. We may store Information like contact Information, cookies, and location Information in order to perform analytics, troubleshoot errors, or improve our Services. In any event, we delete the Information when it is no longer needed for our legitimate interest.

REGARDLESS OF OUR REASON FOR RETAINING YOUR INFORMATION, WE DELETE ALL INFORMATION IN ACCORDANCE WITH OUR ROUTINE RECORD KEEPING POLICIES. “DO NOT TRACK” SIGNALS

We support “Do Not Track” (“DNT”). Some browsers incorporate a DNT feature that, when turned on, signals to websites and online services that you do not want to be tracked.  Do Not Track is different from Global Privacy Controls (“GPC”), which may notify websites of consumers’ privacy preferences regarding the sale or sharing of personal Information, or the use of sensitive personal Information.

CHILDREN’S INFORMATION

Our Service, including use of the Website, is not intended for children under thirteen (13) years of age. We do not knowingly collect personal Information from children under thirteen (13). If you are under thirteen (13), do not use or provide any Information on this Website or on or through any of its features, register on the Website, use any of the interactive or public comment features of this Website or provide any Information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received personal Information from a child under thirteen (13) without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under thirteen (13), please contact us at privacy@morleynet.com. 

EXERCISING YOUR DATA SUBJECT RIGHTS

To exercise any of the rights described above, please submit a verifiable consumer request to us via the methods described below. The verifiable consumer request must:

• Provide sufficient Information that allows us to reasonably verify you are the person about whom we collected Information, or an authorized representative; and
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

For purposes of requests to delete, correct, and to know, we will verify your identity based on Information we have collected about you, including your name, address, and phone number, but will not fulfill your request unless you have provided sufficient Information that enables us to reasonably verify that you are the consumer about whom we collected the personally identifying Information on. If we are unable to verify your identity, we may deny your request. 
 
We will respond to your request within the defined time proscribed by the applicable law, after receipt of your request. We reserve the right to extend the response time when reasonably necessary and provided that consumer notification of the extension is made within the first forty-five (45) days. We will give you notice of the reason for this additional time needed to process our request. 
 
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded or permitted by applicable by law. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

These rights are also subject to various exclusions and exceptions under applicable laws. 
 
We may also have to delay complying with a request to delete with respect to data stored on an archived or backup system until such time as that system is restored to an active system or is next accessed or used for sale, disclosure or commercial purpose.

Only you or your authorized agent may make a verifiable consumer request related to your Information. If you designate an authorized agent to make a request on your behalf, we may require you to provide the authorized agent written permission to do so and to verify your own identity directly with us (as described above). You may also make a verifiable consumer request on behalf of your minor child.  

Email us: privacy@morleynet.com

Call us: 800.832.7368

Write us: Morley Companies, Inc.
One Morley Plaza
Saginaw, MI 48603

DIFFICULTY ACCESSING OUR PRIVACY POLICY

Individuals with disabilities who are unable to usefully access our Privacy Policy online may contact us to inquire how they can obtain a copy of our policy in another, more easily readable format.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to change, modify, or amend this Privacy Policy at any time to reflect changes in our products and service offerings, accommodate new technologies, regulatory requirements, or other purposes. If we modify our Privacy Policy, we will update the “Effective Date” and such changes will be effective upon posting. It is your obligation to check our current Privacy Policy for any changes.

HOW TO CONTACT US

If you have any questions about this Privacy Policy or the Information we have collected about you, please contact us at the following:

Email us: privacy@morleynet.com

Call us: 800.832.7368

Write us: Morley Companies, Inc.
One Morley Plaza
Saginaw, MI 48603

Effective Date: Dec. 31, 2023