What This Privacy Policy Covers
  • This policy covers how Jera Concepts LLC (“Jera”) treats personal data that Jera collects and receives, including information related to your use of Jera products and services.
  • References to “data” in this Privacy Policy will refer to whatever data you use within our products and services to collect and or process, whether it is data collected in a form, data inserted on a site hosted by us, or data acquired on your behalf from sources internal or external to your organization.
  • “Personal data” is defined as information about you that is personally identifiable, such as your name, mailing address, email address, or other contact information, and that is not otherwise publicly available.
  • References to “GDPR” in this Privacy Policy refer to the General Data Protection Regulation adopted by the Parliament of the European Union and published as Regulation (EU) 2016/679 (General Data Protection Regulation), which become effective on May 25, 2018. The full text of the GDPR in English can be viewed at https://gdpr-info.eu/.This policy does not apply to the practices of companies that Jera does not own or control or to people that Jera does not employ or manage.
  • This policy does not apply to non-personal data, which means any data or information other than “personal data” as described above. If you are a store or business, data or information about your store or business that does not include data or information about you personally (such as store sales, orders or waste records) is "non-personal data."
  • This Privacy Policy is effective on May 25, 2018 or the date upon which you enter into a Subscription Agreement for one or more of Jera’s products and services, whichever is later.

Information Collection and Use
  • Jera collects personal data when you register with Jera, when you use Jera products or services, when you visit Jera’s website, and when you enter Jera promotions or special offer codes.
  • When you register, we ask for information such as your name, alternate email address, zip code, company name, and contact information. Once you register with Jera and use our services, you are not anonymous to us.
  • Jera collects information about your transactions with us and with some of our business partners and affiliates, including information about your use of the products and services that we offer.
  • Jera may automatically receive and record information on our server logs from your browser, including your IP address, Jera cookie information, and the page you request.
  • Jera uses information for the following general purposes: to customize our website, advertising and content, to fulfill your requests for products and services, to improve our services and customer relations, to contact you, and to conduct research.
  • Jera and/or our selected third-party partners may also collect data about visitors’ activities on this Website and across the Internet over time for non-advertising purposes, including to conduct analytics, measure trends, and streamline website usability. The technologies used for this purpose may include log files, cookies, web beacons, and social media plug-ins. One of the service providers we may use is Google Analytics. To learn more about how Google Analytics collects and processes data and the choices you may have to control these activities, you may visit https://policies.google.com/privacy.
  • Jera does not knowingly collect or obtain from you or third parties, any “Sensitive Personal Data,” as defined under the GDPR. “Sensitive Personal Data” are personal data, revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; data concerning health or sex life and sexual orientation; genetic data or biometric data.

Children
  • Jera complies with the U.S. Children’s Online Privacy Protection Act (COPPA) and does not knowingly collect personal data from children under the age of thirteen (13) or from websites or online services directed to children under the age of thirteen (13).
  • If you are a visitor from the European Union (EU) or Switzerland, Jera does not process the personal data of a child younger than 16 years old. Jera makes reasonable efforts to verify in such cases that consent is given or authorized by the holder of parental responsibility over the child, taking into consideration available technology.
  • Consumers should not create Jera accounts on our Website or license our services, unless they are legally old enough to form a binding contract and in any case are 18 years of age or older. In the unlikely event that you are the parent or legal guardian of a child under 18, who has registered with the Jera website or has licensed services from us, please contact [email protected] to have your child’s personal data deleted.

Information Sharing and Disclosure

Jera does not sell, rent, or share personal data about you with other people or non-affiliated companies except to provide products or services that you have requested, when we have your permission, and under the following circumstances:

  • We provide the information to trusted partners and affiliates who work on behalf of or with Jera under confidentiality agreements. These companies may use your personal data to help Jera communicate with you about offers from Jera and our marketing partners and affiliates. However, these companies do not have any independent right to share this information;
  • We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or to defend against legal claims;
  • We believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Jera’s terms of service, or as otherwise required by law;
  • We transfer information about you if Jera is acquired by or merged with another company. In this event, Jera will notify you before more information about you is transferred and becomes subject to a different privacy policy.
  • Jera may display targeted advertisements based on personal data. Advertisers (including ad serving companies) may assume that people who interact with, view, or click on targeted ads meet the targeting criteria.
  • Jera will not provide any personal data to the advertiser when you interact with or view a targeted ad. However, by interacting with or viewing an ad you are consenting to the possibility that the advertiser will make the assumption that you meet the targeting criteria used to display the ad.
  • Jera advertisers may include financial service providers (such as banks, insurance agents, stock brokers and mortgage lenders) and non-financial companies (such stores, airlines, and software companies).
  • If you are a franchisee or franchised business, Jera assumes that your franchise agreement requires you to disclose personal data about you and your business to your franchisor upon their request at any time. Even if such is not the case, Jera may have entered into an agreement with your franchisor that requires us to disclose non-personal data about your store or business to your franchisor as a condition to our being allowed to provide services to you and other franchisees. If Jera receives a request by your franchisor to disclose personal data about your business at any time, we will disclose such information solely to your franchisor. Any such disclosure will be subject to your franchisor’s privacy policy, rules and regulations as set forth in your franchise Operations Manual or on your franchisor’s Website and Jera will have no obligation or liability to you whatsoever with respect to such disclosure.

Cookies

Jera and our partners use cookies and similar technologies on our website that you agree to when you use our sites and, in the case of some cookies, for legitimate interests of delivering and optimizing our services (where the cookie delivers essential functionality). Cookies are small bits of data we store on the device you use to access our services so we can recognize repeat users. Each cookie expires after a certain period of time, depending on what we use it for. We use cookies and similar technologies for several reasons:

  • To gather metrics about your experience.
  • To make our services easier to use.
  • For security reasons. We use cookies to authenticate your identity and confirm whether you are currently logged into Jera or determine if an incident impacts you.
  • To provide you with personalized content. We store user preferences, your default language, device and browser information, your profile information which includes the level of usage of service and the web-pages on our site which you visit, so we can identify you across devices and personalize the content you see.
  • To improve our services. We use cookies to measure your usage of our services and track referral data, as well as to occasionally display different versions of content to you. This information helps us to develop and improve our services (it helps us focus on the parts of the service you seem most interested in) and optimize the content we display to you (which may include marketing content).
  • To advertise to you. Jera, or our service providers and other third parties we work with, place cookies when you visit our website and other websites or when you open emails that we send you, in order to provide you with more tailored marketing content (about our services or other services), and to evaluate whether this content is useful or effective. For instance, we evaluate which ads are clicked on most often, and whether those clicks lead users to make better use of our tools, features and services. If you don’t want to receive ads that are tailored to you based on your online activity, you may contact our customer service department and ask to “opt out”. Opting out in this way does not mean you will not receive any ads; it just means that you will not receive ads from such companies that have been tailored to you based on your activities and inferred preferences.

Your Rights
  • You have the right to access the information that Jera maintains about you, request deletion of your data, update your data, object to processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data and you correct or amend that information if it is inaccurate or has been processed in violation of privacy laws, to the extent allowed by law, including the General Data Protection Regulation (GDPR).
  • If we have collected and processed your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
  • You have the right to opt-out from our marketing communications at any time. You can exercise this right by clicking on the “unsubscribe” or “opt out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), please contact us using the contact details provided under the “Questions and Suggestions” heading below.
  • You can choose to have Jera delete your record after account cancellation. Some information may remain archived in our system records after your account has been deleted.
  • You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

To exercise these rights, please email [email protected].


Confidentiality and Security
  • We limit access to personal data about you to employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs.
  • We have physical, electronic and procedural safeguards to protect personal data about you.
  • Your Jera account information is password-protected.
  • In certain areas Jera used industry-standard SSL-encryption to protect sensitive data transmissions.
  • Jera encourages our customers to use SSH and SCP (secure Telnet and FTP) programs in order to better safeguard customer data.

How Long Do We Keep This Information For?
  • Jera retains personal data we collect from you as long as we have an ongoing legitimate business need to do so (for example, to provide you with a product or Personal data is defined as information about you that is personally identifiable, such as your name, mailing address, email address, or other contact information, and that is not otherwise publicly available)
  • Jera will delete or otherwise discard customer data or data we collect about you while using our services at our discretion or when you contact us to do so. You can initiate such a request by contacting our customer service department at [email protected].

Legal Basis For Processing (European Union and Switzerland Visitors Only)
  • If you are a visitor from the European Union (EU) and Switzerland, our legal basis for collecting and processing the information described above will depend on the information concerned and the specific context in which we collect and process it. We collect and process information from you only where we have your consent (Art. 6 para 1 lit. a) GDPR), where we need the information to provide our contractual obligation to you (Art. 6 para 1 lit. b) GDPR), or where we have a legitimate interest to do so.
  • If you wish to learn more about specific legal ground(s) we rely on to process your information for any particular purpose (including any legitimate interests we have to process information), then please contact us using the details provided below under “Questions and Suggestions”. However, by way of example, we rely on our legitimate interests to process information for fraud prevention and detection, provided these interests are not overridden by your data protection interests or fundamental rights and freedoms (Art. 6 para 1 lit. f) GDPR).

International Transfers
  • Jera operates its technology from servers located in the United States and the information it collects through clients is processed solely in the United States. Laws governing the collection and use of data in the European Union, Switzerland or United States may not be equivalent to those in the country where you reside, but Jera will at all times protect your data in accordance with this Privacy Policy.
  • Jera may share your information with our affiliates and other third parties described above who are based in countries outside of your country of residence. While some countries may not have data protection laws that are equivalent to those of the country in which you reside, we will take all reasonable measures to protect your information in accordance with this Privacy Policy and all applicable legal requirements.
  • If any of the recipients is located in a country without the adequate legal protection or safeguards for personal data, Jera will make reasonable efforts so the recipient adopts the principles described in this Privacy Policy.

Impact of Data Privacy Framework (DPF)

In July 2023 the former E.U.-U.S. Privacy Shield was replaced by the E.U.-U.S. Data Privacy Framework, the full text of which is available at www.dataprivacyframework.gov/s/framework-text.

The EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) were developed to facilitate transatlantic commerce by providing U.S. organizations with reliable mechanisms for personal data transfers to the United States from the European Union / European Economic Area, the United Kingdom (and Gibraltar), and Switzerland that are consistent with EU, UK, and Swiss law.

Organizations participating in the EU-U.S. DPF may receive personal data from the European Union / European Economic Area in reliance on the EU-U.S. DPF effective July 10, 2023. July 10, 2023 is the date of entry into force of the European Commission’s adequacy decision for the EU-U.S. DPF and the effective date of the EU-U.S. DPF Principles, including the Supplemental Principles and Annex I of the Principles. The adequacy decision enables the transfer of EU personal data to participating organizations consistent with EU law.

Organizations participating in the UK Extension to the EU-U.S. DPF may receive personal data from the United Kingdom and Gibraltar in reliance on the UK Extension to the EU-U.S. DPF effective October 12, 2023, which is the date of entry into force of the adequacy regulations implementing the data bridge for the UK Extension to the EU-U.S. DPF. The data bridge for the UK Extension to the EU-U.S. DPF enables the transfer of UK and Gibraltar personal data to participating organizations consistent with UK law.

The effective date of the Swiss-U.S. DPF Principles, including the Supplemental Principles and Annex I of the Principles is July 17, 2023; however, personal data cannot be received from Switzerland in reliance on the Swiss-U.S. DPF until the date of entry into force of Switzerland’s recognition of adequacy for the Swiss-U.S. DPF. The recognition of adequacy will enable the transfer of Swiss personal data to participating organizations consistent with Swiss law.

The Data Privacy Framework (DPF) program, which is administered by the International Trade Administration (ITA) within the U.S. Department of Commerce and is more particularly described at www.dataprivacyframework.gov, enables eligible U.S.-based organizations to self-certify their compliance pursuant to the EU-U.S. DPF and, as applicable, the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF. To participate in the DPF program, a U.S.-based organization is required to self-certify to the ITA via the Department’s DPF program website at www.dataprivacyframework.gov and publicly commit to comply with the DPF Principles. While the decision by an eligible U.S.-based organization to self-certify its compliance pursuant to and participate in the relevant part(s) of the DPF program is voluntary, effective compliance upon self-certification is compulsory. Once such an organization self-certifies to the ITA and publicly declares its commitment to adhere to the DPF Principles, that commitment is enforceable under U.S. law.

Jera is in the process of self-certifying its compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), and hereby publicly declares its commitment to the “DPF Principles” and the “Supplemental Principles” more particularly described at https://www.dataprivacyframework.gov/s/framework-text. As soon as Jera has been added to the Data Privacy Framework List available at www.dataprivacyframework.gov, we will update this Privacy Policy and notify you of such update via e-mail.


PRIVACY NOTICE FOR CERTAIN U.S. STATE RESIDENTS

This Supplemental Notice applies solely to residents of the States of California, Virginia, Colorado, Connecticut, and Utah who have interacted with us in the ways described in the introduction of this Privacy Policy, and who have certain privacy rights under the applicable laws in their state (respectively, the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act, the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, and the Utah Consumer Privacy Act; collectively, "Certain State Privacy Laws".)

This Supplemental Notice should not be construed as an admission that Jera is subject to Certain State Privacy Laws, does business in any state where Certain State Privacy Laws apply, or meets the jurisdictional threshold of any Certain State Privacy Law.

Information We Collect

We do not collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device ("personal information"). If you are a store or business, data or information about your store or business that does not include data or information about you personally (such as store sales, orders or waste records) is "non-personal information."

We do not collect any "sensitive personal information" as defined under Certain Privacy laws.

In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

Categories
Examples
Collected?
A. Identifiers
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.
No
B. Personal information categories
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
No
C. Protected classification characteristics under California or federal law.
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
No
D. Commercial information
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
No
E. Biometric information
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
No
F. Internet or other similar network activity
Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
No
G. Geolocation data
Physical location or movements.
No
H. Sensory data
Audio, electronic, visual, thermal, olfactory, or similar information.
No
I. Professional or employment-related information
Current or past job history or performance evaluations.
No
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
No
K. Audio, electronic, visual, or similar information
Recording of service calls.
No
L. Inferences drawn from other personal information
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
No

We obtain the categories of personal information listed above from the following categories of sources:

  • Directly from you. For example, from users of our website when the user or their agent provides personal information to us.
  • Indirectly from you. For example, by observing your interactions on our website and by using cookies.

Sharing Personal Information and Non-Personal Information

We do not disclose personal information except as expressly provided in this Privacy Policy.

We may disclose non-personal information about your store or business to a third party for a business purpose. When we disclose non-personal information for a business purpose to franchisors or service providers, we enter a contract that describes the purpose and requires the recipient to both keep that non-personal information confidential and not use it for any purpose except performing the contract or (in the case of franchisors) in accordance with such franchisor’s Operations Manual and agreements with its franchisees.

In the preceding twelve (12) months, we have disclosed the following categories of non-personal information about your store or business for a business purpose:

Category D: Commercial Information

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes other than those set forth in this Privacy Policy without providing you notice.

We disclose your non-personal information for a business purpose to the following categories of third parties:

  • If you are a franchised business, your franchisor and its Affiliates.
  • Third parties to whom you or your agents authorize us to disclose your non-personal information in connection with products or services we provide to you.

In the preceding twelve (12) months, we have not sold any personal information of consumers collected from the Website as defined by Certain Privacy Laws.

We have not shared personal information or non-personal information with our Affiliates and service providers as disclosed above.

Your Rights and Choices

Certain Privacy Laws provide their residents with specific rights regarding their personal information. This section describes your rights if you are a resident subject to the Certain Privacy Laws and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you.
  • The categories of personal information sold, the categories of third parties to whom the personal information was sold, by category or categories of personal information for each third party to whom the personal information was sold; and
  • The categories of personal information disclosed for a business purpose.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

Opt-Out Request Rights

You have the right to opt-out of the sharing of your personal information that we collected from you. Once we receive and confirm your verifiable consumer request to delete your personal information, we will delete (and direct our service providers to delete) your personal information from our records and stop sharing it, unless an exception applies.

Right to Request Correction of Inaccurate Information

You have the right to request correction of inaccurate information. Once we receive and confirm your verifiable consumer request, we will correct any inaccurate information identified in the request our records, unless an exception applies.

Right to Appeal

If you are a Virginia, Colorado or Connecticut resident and we were unable to fulfill your request, we will notify you. You may appeal our decision by emailing us at [email protected] within fourteen calendar days, including "Appeal Request" in the subject line, with a detailed reason for your appeal, as well as your state of residence. If you are dissatisfied with our decision on your appeal, you may contact your applicable state Attorney General:

Virginia
202 North Ninth Street
Richmond, Virginia 23219
Colorado
1300 Broadway, 10th Floor
Denver, CO 80203

Exercising Your Rights

To exercise the rights described above, please submit a verifiable consumer request to us by either:

  • Calling 508-686-8090 or by submitting a request to [email protected].
  • Only you or a person that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request, to process and fulfill the request, and for necessary record keeping.

Process Used to Verify an Access and/or Deletion Request

You will be required to submit 4 pieces of information including your name, address, email, and phone number. We will use this information to search our systems and determine if we have information about you. If we are able to locate information about you, we will fulfill your access and/or deletion request. If we are not able to match all 4 pieces of information you submit, we may provide you with a report that includes the categories of personal information we collect, use, disclose, and sell.

Response Timing and Format

We try to respond to a verifiable consumer request within 45 days of its receipt, unless a shorter time period applies under Certain Privacy Laws. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination

We will not discriminate against you for exercising any of your rights under Certain Privacy Laws.


Changes to this Privacy Policy

Jera may revise this policy at any time. Any changes and/or updates to the policy will be updated directly on this page, and we will send a notification of the changes via the e-mail we have on file for your account, if you want ensure that you are on the list, please send a request to be added to the e-mail below . We encourage you to visit this page periodically to review our current privacy policy so that you will always know what information we gather and how we may use that information.


Questions and Suggestions

If you have questions or suggestions, please contact us at: [email protected]