Last Revised: 1/5/2024

​

California Privacy Rights

Higher Resources LLC ("we," "our," or "us") is committed to protecting the privacy of California residents and complying with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). This policy outlines how we collect, use, and protect personal information, as well as your rights under California law.

​

1. Information We Collect

We may collect the following categories of personal information from clients and website visitors:

​

• Identifiers: Name, address, email, phone number, IP address

• Professional Information: Job title, employer name, work email

• Internet Activity: Browsing history, interaction with our website, cookie data

• Geolocation Data: General location based on IP address

• Inferences: Derived insights for service customization and client engagement

 

2. How We Use Your Information

We use personal information for various business and operational purposes, including:

​

• Providing, improving, and personalizing our consulting and documentation services

• Responding to inquiries, processing service requests, and handling transactions

• Marketing our services (with opt-out options available)

• Ensuring website functionality and enhancing security

• Fulfilling legal and regulatory obligations

 

3. Third-Party Sharing and Disclosure

We do not sell your personal information. However, we may share it with trusted third-party service providers (e.g., payment processors, IT support) solely to assist in service delivery and as required for business purposes. These third parties are bound by confidentiality agreements and may not use your data for other purposes. We may also disclose data if required by law or to protect our rights.

 

4. Your California Privacy Rights

As a California resident, you have specific rights under CCPA/CPRA:

• Right to Know: Request details on the personal information we collect and how it is used and shared.

• Right to Delete: Request deletion of your personal data, with exceptions where retention is legally required.

• Right to Correct: Request correction of inaccurate information.

• Right to Opt-Out: Request to opt-out of data sharing that could be classified as a “sale” under California law (though we do not sell your information).

• Right to Limit Use of Sensitive Personal Information: Limit the use of sensitive information for non-essential purposes.

• Right to Non-Discrimination: Exercise your rights without facing discrimination in service access or quality.

 

5. Exercising Your Rights

To exercise your rights or obtain further information, please contact us at [Your Contact Email] or call [Your Contact Phone Number]. We may require additional information to verify your identity before processing your request.

 

6. Updates to This Policy

This policy may be updated periodically to reflect changes in our practices or legal requirements. Changes will be posted here, with the updated policy effective immediately upon posting.

​

EU General Data Protection Regulation (GDPR) Compliance

Higher Resources LLC is dedicated to protecting the privacy and personal data of individuals within the European Union (EU) and European Economic Area (EEA). This GDPR Privacy Policy outlines our data collection, use, and processing practices in compliance with GDPR.

 

1. Data We Collect

In the course of providing consulting and documentation services, we collect:

• Identification Details: Name, email address, phone number, address

• Professional Data: Job role, employer, work-related information

• Technical Data: IP address, device information, browser type, and activity on our website collected via cookies (with user consent)

 

2. How We Use Your Data

We process personal data for:

• Delivering and improving our consulting services

• Personalizing user experiences and marketing communications (with your consent)

• Complying with legal requirements and regulatory obligations

 

3. Legal Basis for Processing

Our data processing activities are based on:

• Consent: For processing sensitive information and for cookie usage where consent is required.

• Contractual Necessity: For processing essential to service delivery.

• Legitimate Interests: For improving service offerings, securing our website, and client communication.

 

4. Your Rights Under GDPR

EU residents have specific rights, including:

• Right of Access: Request access to the personal data we hold about you.

• Right to Rectification: Request correction of inaccuracies.

• Right to Erasure: Request deletion of your data under certain conditions.

• Right to Restrict Processing: Request limitations on data processing in specific circumstances.

• Right to Data Portability: Request to obtain and reuse your data.

• Right to Object: Object to specific processing activities, such as marketing.

 

5. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience and analyze site performance. Where required, we obtain user consent for cookie usage. You can control cookie preferences through your browser settings or use our cookie preference tool.

 

6. Data Security and Retention

We implement appropriate technical and organizational measures to secure your data against unauthorized access, alteration, or loss. We retain personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law.

 

7. Data Sharing with Third Parties

We may share personal data with third-party service providers and business partners only as necessary for service delivery, website analytics, and marketing (with consent). All third parties are contractually obligated to protect your data in line with GDPR.

 

8. International Data Transfers

Personal data may be transferred outside the EU/EEA to the United States. In such cases, we take appropriate steps to protect your data, including implementing data transfer agreements based on the EU's Standard Contractual Clauses.

 

9. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected individuals and the appropriate supervisory authorities in compliance with GDPR requirements.

 

10. Children’s Privacy

Our services are intended for professionals and not directed to individuals under 16. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected data from a minor, we will promptly delete it.

 

11. Contact Us

If you have any questions, wish to exercise your GDPR rights, or need to submit a complaint, please contact us at [Your Contact Email] or call [Your Contact Phone Number].

 

12. Updates to This Policy

This GDPR Privacy Policy may be updated to reflect changes in legal requirements or our privacy practices. Updates will be posted here, and significant changes may require renewed consent where applicable.

​

Higher Resources LLC and its United States affiliates ("Higher Resources") comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), as set forth by the U.S. Department of Commerce. Higher Resources has certified adherence to the EU-U.S. DPF Principles for processing personal data received from the European Economic Area (EEA) and the United Kingdom, as well as to the Swiss-U.S. DPF Principles for processing personal data received from Switzerland. For further details on the Data Privacy Framework (DPF) Program and to view our certification, please visit https://www.dataprivacyframework.gov/..

​

This Notice applies solely to personal information within the scope of Higher Resources’ Data Privacy Framework certifications.

​

Scope of Data Privacy Framework Certifications

​

Our certifications cover personal information related to the following:

​

• Personnel: Personal information regarding current, former, and prospective employees in connection with the employment relationship.

• Clients: Personal information regarding clients and their employees and customers, as necessary for the delivery of professional services and client relationship management.

• Third Parties: Personal information regarding third parties (such as service providers and contractors) and their employees for business management and administration of our relationships with such third parties.

 

These certifications do not apply to disclosures of personal information to third parties processing data for their own purposes when done at the request of the individual. Higher Resources discloses personal information to third-party service providers in the course of its business operations, including to deliver services to clients and manage business relationships. We require these third parties to maintain privacy protections aligned with the EU-U.S. DPF, UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF. Higher Resources may be liable if third-party providers fail to meet these obligations and Higher Resources is responsible for the incident causing the damage.

​

Legal Compliance and Data Requests

Higher Resources is subject to the investigatory and enforcement authority of the United States Federal Trade Commission (FTC). We may be required to disclose personal information to comply with legal, regulatory, or national security obligations, including requests from law enforcement, regulatory agencies, or other government bodies.

​

Dispute Resolution

EEA, UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data transferred in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, or the Swiss-U.S. DPF should contact Higher Resources at: info@higherresources.org.

​

If your issue remains unresolved, you may escalate it:

​

• For Personnel Data: Contact your local data protection authority.

• For Other Personal Information: Contact the International Centre for Dispute Resolution/American Arbitration Association (ICDR/AAA) via their website.

 

In certain situations, individuals may engage in binding arbitration with the applicable Data Privacy Framework Panel.

​

Cooperation and Compliance Commitments

Higher Resources commits to cooperate with EEA data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO), and the Swiss Federal Data Protection and Information Commissioner (FDPIC), and will comply with guidance provided by these authorities to ensure compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF regarding human resources data transferred from the EEA, the UK, and Switzerland for employment purposes.