General Data Protecttion Regulation (GDPR) & California Consumer Protection Act (CCPA)

This section of the document applies to you if you are a resident of European Union (EU), European Economic Area (EEA) or United Kingdom (UK), or if you are a California resident. We are bound by applicable law to make the below disclosure to you in respect to your personal data gathered by us. This document must be read in addition to our Privacy Policy statement posted on our Site. This document supplements our Privacy Policy, and does not replace it.

1. What is the GDPR Privacy legal/lawful basis for which we use your personal information?

For the purposes of the GDPR (General Data Protection Regulation), you hereby acknowledge that all processing of your personal information will be justified by a “lawful ground” for processing. In the majority of cases, processing will be justified on the basis that:

• Consent: You have given your consent for processing personal data for one or more specific purposes.
• Performance of a contract: Provision of personal data is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.
• Legal obligations: Processing personal data is necessary for compliance with a legal obligation to which we are subject.
• Vital interests: Processing personal data is necessary in order to protect your vital interests or of another natural person.
• Public interests: Processing personal data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
• Legitimate interests: Processing personal data is necessary for the purposes of the legitimate interests pursued by the Company.

In any case, we will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract. Feel free to contact us for this purpose at te***@we************.com.

2. Rights of EU, EEA and UK users

This section of the Policy supplements the other provisions of this Privacy Policy, and applies to you if you are in the EU, the European Economic Area (EEA) or UK. For the purposes of GDPR, your DATA CONTROLLER is Wealth Marathon Financial Inc, a corporation, having its principal office at #250-997 Seymour St. Vancouver, BC, Canada V6B 3M1.

ALL YOUR USER INFORMATION WILL BE COLLECTED, STORED, PROCESSED AND SHARED STRICTLY IN ACCORDANCE, IN LINE AND FULL COMPLIANCE WITH REGULATION (EU) 2016/679 (SIMPLY CALLED “GDPR”) AND DIRECTIVE 2002/58/EC (SIMPLY CALLED “E-PRIVACY DIRECTIVE, 2002”) OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (HERINAFTER COLLECTIVELY REFERRED TO AS THE “EU REGULATION”).

Under applicable EU regulation, you have the following rights in respect of your personal information:

• Right to obtain information: to obtain information about how and on what basis your personal information is processed and to obtain a copy;
• Right to rectification: You have the right to have any incomplete or inaccurate information we hold about you rectified and corrected.
• Right of Erasure: to erase your personal information in limited circumstances where (a) you believe that it is no longer necessary for us to hold your personal information; (b) we are processing your personal information on the basis of legitimate interests and you object to such processing, and we cannot demonstrate an overriding legitimate ground for the processing; (c) where you have provided your personal information to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your personal information; and (d) where you believe the personal information we hold about you is being unlawfully processed by us;
• Right of restriction: to restrict processing of your personal information where: (a) the accuracy of the personal information is contested; (b) the processing is unlawful but you object to the erasure of the personal information; (c) we no longer require the personal information for the purposes for which it was collected, but it is required for the establishment, exercise or defence of a legal claim or (d) you have objected to us processing your personal information based on our legitimate interests and we are considering your objection;
• Right to object: to object to decisions which are based solely on automated processing or profiling;
• Right to ask for a copy: where you have provided your personal information to us with your consent, to ask us for a copy of this data in a structured, machine-readable format and to ask us to share (port) this data to another data controller; or to obtain a copy of or access to safeguards under which your personal information is transferred outside of the EEA.
• Right to withdraw your consent. You have the right to withdraw your consent on using your personal data. If you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of our services.
• Request the transfer of your Personal Data. We will provide to you, or to a third-party you have chosen, your personal data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, to the processing of your personal data by us and we may be required to no longer process your personal data. Moreover, if your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case your personal data will no longer be processed for such purposes by us.

In addition to the above, you have the right to lodge a complaint with a supervisory authority for data protection. Please note that the right of access and the right to erasure do not constitute absolute rights and the interests of other individuals may restrict your right of access or erase in accordance with local laws.

We will ask you for additional data to confirm your identity and for security purposes, before disclosing data requested by you. We reserve the right to charge a fee where permitted by law. We will decline to process requests that jeopardize the privacy of others, are extremely impractical, or would cause us to take any action that is not permissible under applicable laws. Additionally, as permitted by applicable laws, we will retain where necessary certain personal information for a limited period of time for record-keeping, accounting and fraud prevention purposes.

To make such requests, please contact us at te***@we************.com.

3. California Resident Rights

This section of the Policy applies to you, if you are a California resident, as per California Consumer Policy Act, 2018 (simply called “CCPA”) and California Online Privacy Protection Act (simply called “COPPA”). This privacy notice section for California residents supplements the information contained in our Privacy Policy and it applies solely to all visitors, users, and others who reside in the State of California.

Categories of Personal Information Collected

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device. The following is a list of categories of personal information which we may collect or may have been collected from California residents within the last twelve (12) months.

Please note that the categories and examples provided in the list below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact collected by us, but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been collected. For example, certain categories of personal information would only be collected if you provided such personal information directly to us.

• Category A: Identifiers.

Examples: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, driver’s license number, passport number, or other similar identifiers.

Collected: Yes.

• Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

Collected: Yes.

• Category C: Protected classification characteristics under California or federal law.

Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

Collected: No.

• Category D: Commercial information.

Examples: Records and history of products or services purchased or considered.

Collected: Yes.

• Category E: Biometric information.

Examples: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

Collected: No.

• Category F: Internet or other similar network activity.

Examples: Interaction with our Service or advertisement.

Collected: Yes.

• Category G: Geolocation data.

Examples: Approximate physical location.

Collected: No.

• Category H: Sensory data.

Examples: Audio, electronic, visual, thermal, olfactory, or similar information.

Collected: No.

• Category I: Professional or employment-related information.

Examples: Current or past job history or performance evaluations.

Collected: No.

• Category J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

Collected: No.

• Category K: Inferences drawn from other personal information.

Examples: Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Collected: No.

Under CCPA, personal information does not include:

• Publicly available information from government records
• Deidentified or aggregated consumer information
• Information excluded from the CCPA’s scope, such as:
  • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data
  • Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994

We use the personal information that we collect or receive for the business purposes as described above. We may disclose the above listed categories of personal information to third parties for business purposes as described above. As previously mentioned in this Policy, we do not “sell” (as such term is defined in the CCPA) personal information.

You are entitled to the following specific rights under the CCPA in relation to personal information related to you:

• You have a right to request that we will disclose certain information to you about our collection and use of personal information related to you over the past 12 months, including: (i) The categories of personal information that we collect about you; (ii)The categories of sources from which the personal information is collected; (iii) The purposes for collecting, using, or selling that personal information. (iv) The categories of personal information that we disclosed for a business purpose or sold, and the categories of third parties to whom we disclosed or sold that particular category of personal information. (v) The specific pieces of personal information that we have collected about you.
• You have a right to request that we delete personal information related to you that we collected from you under certain circumstances and exceptions.
• You also have a right not to be discriminated against for exercising your rights under the CCPA.
• You also have a right to submit your request via an authorized agent. If you use an authorized agent to submit a request to access or delete your personal information on your behalf, the authorized agent must: (1) be a person or business entity registered with the California Secretary of State to conduct business in California; (2) provide proof of such registration; and (3) provide documentation or other proof indicating that they are authorized to act on your behalf. We may also require you to verify your identity directly with us, and directly confirm with us that you provided the authorized agent permission to submit the request.

To make such requests, please contact us at te***@we************.com.

We will verify your request using the information associated with your account, including email address. Government identification may also be required.

A request for access can be made by you only twice within a 12-months period. Any disclosures that we provide will only cover the 12-months period preceding receipt of your request. We do not charge a fee to process or respond to your verifiable User request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of the reasons for such decision and provide you with a cost estimate before processing further your request.

4. Questions and Concerns

Do you any questions about this policy? If yes, please feel free to write to us at te***@we************.com.