1. JOB APPLICANTS

Where you have applied for a job with Franchise Direct, this section relates to you.

1.1. How we collect your personal data

Information about you, including your personal data, is gathered when you apply for a job with us either directly or indirectly via employment agencies or online job websites such as LinkedIn. We also may obtain personal data indirectly from referees you nominate to us or from your professional social media profile link you provide to us as part of the job application.

1.2. The personal data we use

Franchise Direct will process and use all personal data included in your CV, job application correspondence and collected as part of the application process, including:

• IDENTITY DATA, including your
  
  1. first name, surname, salutation;
  2. date of birth (if included on your CV);
     
  3. photographic identification, where your photograph is included on your CV;

• CONTACT DATA, including your email address, home address, telephone number(s);
  
• PREFERENCES, in respect of the job you are applying for with us;
  
• OCCUPATIONAL, including
  
  1. the name of your employer, your job title and department;
     
  2. your employment and education history and any other information contained in a CV provided to us as part of a job application.
     

• STATEMENTS ABOUT YOU, including
  
  1. references we obtain from your nominated referees as part of a job application;
  2. notes we make in relation to your suitability;
  3. statements made as part of the interview and evaluation process when you apply for a job with us.

1.3. The purpose and legal basis for processing your personal data

We process your personal data for the purpose of recruiting staff. This includes the following, which we deem necessary for the purposes of entering into an employment contract with you (i.e. assess your suitability to enter into the contract):

• Identifying you and processing your job application;
  
• Verifying the information you provided and assessing your suitability for the role;
  
• Making a decision on whether to offer you a job and the provision of feedback to you in relation to your application.

  We may also need to use your personal data for the purpose of satisfying our employment law obligations, in particular in relation to equality.

1.4. Who we share your personal data with

Your personal data will be shared to relevant staff within Franchise Direct but also to a limited number of third parties where it is necessary to do so, including:

1.   To your nominated referees;
   
2.   To third party companies or individuals who are providing recruitment services to us;
   
3.   To third parties who are providing services to us to enable us to manage the relationship with you, including our software and consultancy service providers.

   Where we enter into agreements with third parties to process your personal data on our behalf, we will ensure that appropriate contractual protections are in place to protect the security of the data.

1.5. Consequences of not giving your data to us

You are not under any obligation to provide your personal data to us. However, we do need some personal data in order to consider a job application from you and failure to provide this information may result in us not being able to consider you for the position or role.

1.6. How long we keep your personal data for

Personal data is kept in a form, which permits data subject identification only for as long as is permitted while following fair and lawful processing. No personal data will be kept for a period longer than necessary.

2. WEBSITE VISITORS

Cookies

Cookies are small text files that can be used by websites to make a user's experience more efficient. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.  Please see our Cookies Policy for more information.

Inbound Communications

You may also choose to provide personal data directly to us by way of contacting us via our contact form on our website. The information contained in the contact form includes your contact information, company information and contact reason (including a free text box for your message).

The communications via the Contact Form are kept private by being sent directly to our email, which we then use to manage and respond accordingly. The personal data is only shared with the third parties who supply software to enable us to receive, manage and respond to these communications. This inbound communication management is in line with our legitimate interests to run our business.

Newsletter Subscriptions

Please see section “Mailing List” below.

Our website is secured by SSL technology, which encrypts all information submitted through our website.

3. MAILING LIST

Where you have subscribed to our newsletter or been added to our mailing list, this section relates to you.

3.1. How we collect your personal data

Information about you, including your personal data, is gathered directly from you when you check the box on the Request Information form or submit your email address to Our Newsletter form.

subscribe to the newsletter via our website or when you are added to our mailing list through your relationship with us as a client, event attendee, or otherwise.

3.2. The personal data we use

To send you direct marketing emails, we process and use your:

• IDENTITY DATA, including your first name and surname;
  
• CONTACT DATA, being your email address;
  

3.3. The purpose and legal basis for processing your personal data

We only process your personal data where it is lawful and necessary to do so. Your personal data is processed in accordance with:

• Your consent where you have subscribed to the mailing list;
  
• Our legitimate interests to provide relevant marketing material to you where you remain opted-in – you are provided with an opportunity to opt-out when you first register your interest in a Franchise advertised on our site.

  You can unsubscribe at any time by clicking the “unsubscribe” button within our emails, or by emailing us at privacy@franchisedirect.com.

3.4. Who we share your personal data with

Your personal data will be shared to a limited number of third parties where it is necessary to do so, including:

1.  To third parties who are providing services to us to enable us to manage the relationship with you, including our consultants, software providers (mailing list software), IT support providers, and financial statement auditors;
   
2.  To statutory, regulatory, government, or law enforcement bodies as required by law.

   Where we enter into agreements with third parties to process your personal data on our behalf, we will ensure that appropriate contractual protections are in place to protect the security of the data.

3.5. Consequences of not giving your data to us

You are not under any obligation to provide your personal data to us. However, please note that without your email address, we will be unable to add you to our mailing list.

3.6. How long we keep your personal data for

Personal data is kept in a form, which permits data subject identification only for as long as is permitted while following fair and lawful processing. No personal data will be kept for a period longer than necessary. You will remain on our mailing list until such time when you unsubscribe. You can unsubscribe at any time by clicking the “unsubscribe” button within our emails, or by emailing us at privacy@franchisedirect.com.

4. INDIVIDUALS WHO SEEK INFORMATION ABOUT FRANCHISE OPPORTUNITIES

Where you seek more information about a franchise business listed on our site(s) by submitting a Request Information form, this section relates to you.

4.1. How we collect your personal data

Information about you, including your personal data, is gathered directly from you when you complete one of our Request Information forms in order to obtain free information about franchise opportunities.

4.2. The personal data we use

We process and use all personal data included in the Request Information form, which includes:

• IDENTITY DATA, including your first name and surname;
  
• CONTACT DATA, including your email address and telephone number;
  
• LOCATION, being your state, zip/post code and country where you are located;
  
• FINANCIAL DATA, being the available cash you are interested in investing in a franchise opportunity;
  

• PREFERENCES, including the franchise opportunities you are interested in and your marketing preferences.

4.3. The purpose and legal basis for processing your personal data

We only process your personal data where it is lawful and necessary to do so. Your personal data is processed:

• To deliver the service to you in accordance with our terms and conditions, including to provide you with information on franchise opportunities, to share your details with the franchise business that you have identified in your Request Information form, to manage and protect our services, assets and information; 
  
• To meet our legal obligations, such as our data protection obligations to protect personal data of data subjects;
  
• To manage our everyday business needs in line with our legitimate interests, such as analysis, risk management, and to establish, exercise and safeguard our rights.

4.4. Who we share your personal data with

Your personal data will be shared to a limited number of third parties where it is necessary to do so, including:

1. To the franchise business(es) that you have identified in your Request Information form;
   
2. To third parties who are providing services to us to enable us to manage the relationship with you, including our consultants and software providers;
   
3. To our clients and prospective clients where you have provided us with consent to do so;
   
4. To statutory, regulatory, government or law enforcement bodies as required by law.

   Where we enter into agreements with third parties to process your personal data on our behalf, we will ensure that appropriate contractual protections are in place to protect the security of the data.

4.5. Consequences of not giving your data to us

You are not under any obligation to provide your personal data to us. However, if you do not provide the personal data required in the Request Information form, we will be unable to provide you with the services (including sharing your information with the franchise business(es) you have expressed an interest in).

4.6. How long we keep your personal data for

Personal data is kept in a form, which permits data subject identification only for as long as is permitted while following fair and lawful processing. No personal data will be kept for a period longer than necessary.  Where you have agreed to our terms and conditions, we retain the information for up to 7 years (depending on local legislation) after the date upon which the relationship ceased / if consent: when consent is withdrawn.

5. FRANCHISORS

Where you advertise your franchise business on our site(s), this section relates to you.

5.1. How we collect your personal data

We collect information about you, including your personal data, directly from you when you apply for our franchise services. This includes filling out the "Advertise Your Franchise Opportunities With Us" form, entering into an agreement with us, requesting a campaign or profile setup on our website, and creating a campaign/profile to promote your franchise opportunity.

5.2. The personal data we use

We process and use all personal data which includes:

• IDENTITY DATA, including your first name and surname;
  
• CONTACT DATA, including your email address and telephone number;
  
• LOCATION, being your state, zip/post code and country where you are located;
  
• FINANCIAL DATA, including bank account details and VAT, billing address;
  
• PREFERENCES, including the franchise opportunities you are interested in and your marketing preferences.
  

5.3. The purpose and legal basis for processing your personal data

We only process your personal data where it is lawful and necessary to do so. Your personal data is processed:

• To deliver the service to you in accordance with our terms and conditions, including to provide you with information on franchise opportunities; 
  
• To meet our legal obligations, such as our data protection obligations to protect personal data of data subjects;
  
• To manage our everyday business needs in line with our legitimate interests, such as analysis, risk management, and to establish, exercise and safeguard our rights.

5.4. Who we share your personal data with

Your personal data will be shared to a limited number of third parties where it is necessary to do so, including:

1. To third parties who are providing services to us to enable us to manage the relationship with you and to advertise your franchise opportunity, including our consultants and software providers;
   
2. To our clients and prospective clients where you have provided us with consent to do so;;
   
3. To statutory, regulatory, government or law enforcement bodies as required by law;

   Where we enter into agreements with third parties to process your personal data on our behalf, we will ensure that appropriate contractual protections are in place to protect the security of the data.

5.5. Consequences of not giving your data to us

You are not under any obligation to provide your personal data to us. However, if you do not provide the personal data required, we will be unable to provide you with the services.

5.6. How long we keep your personal data for

Personal data is kept in a form, which permits data subject identification only for as long as is permitted while following fair and lawful processing. No personal data will be kept for a period longer than necessary.  Where you have agreed to our terms and conditions, we retain the information up to 7 years (depending on local legislation) after the date upon which the relationship ceased / if consent: when consent is withdrawn.

6. SUPPLIERS (SOLE TRADERS)

6.1. How we collect your personal data

As a supplier or service provider to Franchise Direct, we collect your personal data directly when you interact with us via telephone, email, post, fax and/or person (e.g. meetings, events, conferences, etc.). We may also collect personal data from third party sources, examples of which include

1. From publicly available information. For example, from company registers, press publications, trade directories and online search engines and related results;
   
2. Introducers or common business associates who may pass on your details to us;
   
3. Third parties who provide services to you (e.g. your representatives, advisors, delivery drivers, etc.);
   
4. Our banking providers, in relation to transactions with you.

6.2. The personal data we use

Our relationship with you as a supplier is a business to business relationship and the personal data processed is limited to those necessary to establish a relationship with you and obtain your services, including:

• IDENTITY DATA, including your first name, surname, salutation, business name;
  
• CONTACT DATA, including your email address, business address, billing address, telephone number(s), fax number;
  
• OCCUPATIONAL, including;

1. information about your past/current clients, past/current projects and any other information that may be considered by us when assessing your suitability to provide a service; and
   
2. relevant insurance and/or health and safety details where required;
   

• FINANCIAL, including bank account details and VAT or other relevant tax details to facilitate transactions with you, as well as your transactional and account history with Franchise Direct.
  

6.3. The purpose and legal basis for processing your personal data

We will only process your personal data where it is lawful and necessary to do so.

Typically, your personal data are processed for the purpose of entering into and performing a contract with you as a supplier to Franchise Direct, including when we:

• Make an inquiry to purchase a product or service from you;
  
• Avail of the products and/or services from you as a supplier;
  
• Transact with you and make payments to you pursuant to the contract;
  
• Establish, exercise or defend legal claims in relation to the contract;
  
• Correspond with you throughout the relationship.

  Your personal may also be used:

• To enable us to comply with our legal, statutory and regulatory obligations. For example, your personal data may be included in our returns to the Revenue Commissioners in complying with taxation law, as part of the preparation and audit of financial statements in compliance with company law and for compliance with legally binding requests from regulatory bodies, law enforcement agencies, the courts or otherwise;
  
• To manage our everyday business needs in line with our legitimate interests, such as accounting, complaint management, troubleshooting, technical support, protection of our assets and information, and fraud prevention;
  
• To inform potential and/or current Franchise Direct clients that you are a supplier. This will be in limited circumstances and your explicit consent will be sought before it occurs.

6.4. Who we share your personal data with

We do not share your personal data with third parties unless it is necessary. Sharing occurs with a limited set of individuals and organisations and in limited circumstances. Examples of when sharing may occur and the third parties to whom we share your personal data are as follows:

1. To third parties who are providing services to us to enable us to manage the relationship with you. For example, our software providers, our IT support providers, our professional advisors and our financial statement auditors. Where we enter into agreements with third parties to process your personal data on our behalf, we will ensure that appropriate contractual protections are in place to protect the security of the data;
   
2. To our bank when we are transacting with you;
   
3. To statutory, regulatory, government or law enforcement bodies as required by law;
   
4. To our clients and prospective clients where you have provided us with consent to do so; and
   
5. To our business partners where you have provided us with consent to do (for example, where you have been introduced to us by one of our business partners and we seek your consent to inform the business partner that you made contact with us);

7. REPRESENTATIVES OF THIRD PARTY LEGAL ENTITIES

7.1. How we collect your personal data

In our business to business relationships with third party companies and organisations (e.g. clients, suppliers or otherwise), we will process some personal data belonging to individuals who represent those companies and organisations in the capacity of an employee, director or otherwise. If you fall into this category of individual where you are representing a company or organisation (“Your Organisation”), we gather your personal data from both direct and indirect sources:

• Directly from you. Examples include when you, on behalf of Your Organisation:
  
  1. Interact directly with us via telephone, email, post, and/or in person;
  2. Submit inquiries and information via our website;
  3. Provide information as part of an inquiry about a service to or from us;
     
  4. Purchase our services or provide us with services and conduct transactions with us.
     

• From third parties. Examples include collection from:

  1. Publicly available information. For example, from press publications, online search engines and related results;
  2. Referees you nominate to us as part of Your Organisation tendering for work with us;
  3. Introducers or common business associates who may pass on your details to us;
     
  4. Third parties who provide services to Your Organisation (e.g. your representatives, advisors, delivery drivers, etc.).

7.2. The personal data we use

As you are acting on behalf of Your Organisation and not a personal capacity, the personal data we use for the business to business relationship is limited and includes:

• IDENTITY DATA, including your
  
  • first name, surname, salutation;
• signature on signed documents;
  
• photographic identification, where you provide consent for us to feature your photo and/or video imagery for marketing purpose;
  
• CONTACT DATA, including your business email address, business telephone number(s);
  
• OCCUPATIONAL, including the name of Your Organisation and your job title;
  
• OPINIONS, where you consent to provide testimonials or references.

7.3. The purpose and legal basis for processing your personal data

We will only process your personal data where it is lawful and necessary to do so, including

• Our legitimate interests to identify new business opportunities, develop enquiries, generate new business leads and develop a business relationship with you and Your Organisation;
  
• For the purpose of taking steps to enter into and perform a contract to obtain or provide services from or to Your Organisation;
  
• To enable us to comply with our legal, statutory and regulatory obligations. For example, Your Organisation may be a government body with whom we need to interact as part of our legal obligations and your personal data will be used to manage this relationship;
  
• Where you have provided us with consent to use your personal data for marketing or referral purposes;
  
• To manage our everyday business needs in line with our legitimate interests, such as customer service, accounting, complaint management, troubleshooting, technical support, fraud prevention, protection of our assets and information, and fraud prevention;
  
• Establish, exercise or defend legal claims.

7.4. Who we share your personal data with

We do not share your personal data with third parties unless it is necessary. Sharing occurs with a limited set of individuals and organisations and in limited circumstances. Examples of when sharing may occur and the third parties to whom we share your personal data are as follows:

1. To third parties who are providing services to us to enable us to manage the relationship with you. For example, our software providers, our IT support providers, our professional advisors and our financial statement auditors. Where we enter into agreements with third parties to process your personal data on our behalf, we will ensure that appropriate contractual protections are in place to protect the security of the data;
2. To statutory, regulatory, government or law enforcement bodies as required by law;
   
3. To our clients and prospective clients where you have provided us with consent to do so; and
   
4. To our business partners where you have provided us with consent to do (for example, where you have been introduced to us by one of our business partners and we seek your consent to inform the business partner that you made contact with us).

1. How long we keep your personal data for

Personal data is kept in a form, which permits data subject identification only for as long as is permitted while following fair and lawful processing. No personal data will be kept for a period longer than necessary.

The length of time we keep different types of personal data varies depending on why the reason we use the data and the legal requirements (if any) that apply. Subject to us not having a legal or regulatory requirement or a risk management reason for retaining your information for a longer period, your information will usually be kept up to 7 years (depending on local legislation). This allows us to meet our record-keeping obligations in applicable legislation, as well as allowing us to defend ourselves against potential legal claims.

2. How we keep your personal data safe

Appropriate security measures are implemented in order to protect your personal data.

Security measures refer to physical security in the office (e.g. securely locked filing cabinets etc.) as well as implementing appropriate technology and cyber security measures across our systems and networks in order to prevent any accidental or unauthorised access, interference, damage, loss or disclosure of personal data.

In the event of certain types of personal data breaches, we are legally obliged to notify the Data Protection Commission and affected individuals to whom the personal data belong. We have implemented internal procedures to manage personal data security breaches in accordance with our legal obligations.

3. Transfers outside the European Economic Area

Some of the third-party providers we use and companies within the Franchise Direct group are located in countries outside the European Economic Area (“EEA”).

 Countries outside the EEA and UK do not always have strong data protection laws. This means that, wherever your personal data is being transferred to a country outside the EEA and the European Commission, or respectively the  UK Parliament, does not consider that country to provide an adequate level of protection to data subjects, we use additional protections for those transfers to make sure you are protected to the same level as you are in the EEA. The additional protections are put in place through European Commission approved standardised contractual clauses and, where needed, additional contractual measures and/or additional technical or organisational measures to keep your data is kept safe.

This section provides additional details about your privacy rights subject to the General Data Protection Regulation (GDPR) and UK GDPR.

1. European Union residents

You have a number of rights in respect to your personal data. These are:

 The right to access your personal data, which includes receiving confirmation on whether the personal data are being processed and if so, receiving the personal data and related information about why they are being processed, the categories of personal data involved, to whom the personal data have been or will be shared and how long the data will be kept for. We will accede to any such valid requests within one month of the receipt of a valid request in writing

 The right to request that we rectify inaccurate data or update incomplete data. You may also request that we restrict the processing of the personal data until the rectification or updating has been completed, although please be aware that we may have to suspend the operation of your account or the products or services that we provide.

 The right to request that we erase your data under certain circumstances, including where you want to withdraw the consent you previously gave to us, where you object to Franchise Direct’s processing the data for its own legitimate interests or where Franchise Direct’s processing of the data is unlawful. In the case of unlawful processing, you can also request that this processing is restricted rather than the personal data being erased. Please be aware that we may have to suspend the operation of your account or the products or services that we provide where data processing is restricted.

 The right to object to the processing of your personal data, where such processing is being conducted for the purpose of:

1. Direct marketing;

Establishing, exercising or defending ourselves or others from legal claims; or

Our legitimate interests, unless we can demonstrate that our interests override your interests and rights. You may request that we restrict the processing of the personal data until this analysis of legitimate interests has been concluded, although please be aware that we may have to suspend the operation of your account or the products or services that we provide where data processing is restricted.

 The right to receive your data in a portable format or, subject to it being technically feasible, have us transfer it directly to a third party. This applies where you have provided us with consent for the processing or where the processing is necessary for entering a contract with us.

 The right, at any time, to withdraw consent you have provided to us to process your personal data.

 The right to lodge a complaint to the relevant supervisory authority.

If you wish to raise a complaint in relation to how we processed your personal data, please contact us at privacy@franchise direct.com. We take your privacy and data protection very seriously in Franchise Direct and we endeavour to address your complaint as expediently and as thoroughly as we can in order to find a satisfactory resolution for you.

You may contact the Data Protection Commission (DPC), Ireland's supervisory authority for data protection matters.

If you reside in another EEA Member State, you have the right to make a complaint about the way we process your personal data to the supervisory authority in the EEA Member State of your habitual residence, place of work or place of the alleged infringement. Information about your supervisory authority could be found here (external link).

2. UK residents

Under the DPA 2018 and the UK GDPR, you are entitled to the following rights:

• Question any data about you that you think is incorrect and have us take reasonable steps to correct it for you;
  
• To be told about how we process your data;
  
• Require the erasure of personal data concerning you in certain situations;
  
• Access personal data and copies (free of charge, where reasonable for us to do so at the time) concerning you collected by us in the course of our relationship with you;
  
• Object at any time to processing of personal data concerning you for e.g., direct marketing;
  
• Object to decisions being taken by automated means which produce legal effects concerning you or which similarly may significantly affect you;
  
• Object in certain other situations to our continued processing of your personal data;
  
• Otherwise, restrict our processing of your personal data in certain circumstances;
  
• The right to move, copy or transfer your personal data (where reasonable and proportionate for us to do so).

  For further data on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual rights under the GDPR.

  If you would like to exercise your rights, please contact us at privacy@franchise direct.com

  3. The United States of America

  3.1. CCPA & CPRA Privacy Statement for California Residents

  Franchise Direct has adopted this CCPA & CPRA Privacy Statement to comply with the California Consumer Privacy Act of 2018 (CCPA) and California Consumer Privacy Act of 2020 (CPRA). Any terms used in this Statement that are defined in the CCPA & CPRA have the same meaning given therein, and it applies solely to visitors and users of our website who reside in the State of California.

   Information We Collect, Use and Share

  As stated above, in the twelve (12) months preceding the Effective Date on this Privacy Policy, we may have collected, used, or shared information about California consumers in each of the following categories described in section 2 of this Policy.

  The CCPA defines “sale” of information broadly and some of our personal information sharing may be considered a “sale” under this definition.

  Franchise Direct does not sell personal information of consumers for monetary consideration under CCPA or CPRA. The use of cookies and other website collection tools described in this policy may fall under the definition of “sale” of information under CCPA. This “sale” of information is not part of service and product offerings to our customers, but rather applies only to our marketing websites and our own use of cookies for website visitors.

  If you wish to opt out the sale of your information, please refer to the section “Right to Opt-out of Sale” below.

  How we use and share this information

  Franchise Direct will use the aforementioned personal data for the purposes detailed in section 3 of this Policy.

  Data subject Rights

• From January 1, 2023, California residents have the following rights:
  
• Right to Know. You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months.
  
• Right to Correct. You have the right to request that we amend any inaccurate personal information that we collected from you.
  
• Right to Delete. You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions.
  
• Right to Non-Discrimination. You have the right to not be discriminated against for exercising any of these rights as a consumer or employee.
  
• In this terms, Franchise Direct will not discriminate against you or any other individual for exercising any our your rights, and only to the extent permitted by the CCPA & CPRA, Franchise Direct will not 1) deny you goods or services, 2) charge you different prices or rates for goods or services 3) provide you a different level or quality of goods or services, or 4) suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
  
•  Right to Opt-Out of Sale and Sharing. You have the right to Opt-out any Sales, as defined by the CCPA & CPRA, of personal Information by Franchise Direct. You can exercise this right by contacting us. Please note that we do not sell the personal information of minors under 16 years of age under any circumstances, as our website is not intended for users under this age. 

  To exercise one or more of the above CCPA & CPRA rights, please contact us by email at privacy@franchisedirect.com. We will need to verify your request and we may need you to provide additional information for this purpose. We will respond to all such request within forty-five (45) days, and in the case that we require more time to do so, we will inform you of the reasons and extension period.     

  3.2. VCDPA Privacy Statement

  Franchise Direct has adopted this VCDPA Privacy Statement to comply with Virginia Consumer Data Protection Act (VCDPA), which provides certain rights to Virginia consumers. Any terms used in this Statement that are defined in the VCDPA have the same meaning given therein, and it applies solely users and consumers from Virginia.

  To the extent that we collect Personal Data that is subject to the VCDPA, that information, our practices, and your rights are described below. 

      

  Under the Virginia Consumer Data Protection Act (“VCDPA”), effective on January 1, 2023, a controller shall comply with an authenticated consumer request to exercise the right:

  ●  To confirm whether or not a controller is processing the consumer's personal data and to access such personal data;

  ●  To correct inaccuracies in the consumer's personal data, taking into account the nature of the personal data and the purposes of the processing of the consumer's personal data;

  ●  To delete personal data provided by or obtained about the consumer;

  ●  To obtain a copy of the consumer's personal data that the consumer previously provided to the controller in a portable and, to the extent technically feasible, readily usable format that allows the consumer to transmit the data to another controller without hindrance, where the processing is carried out by automated means; and

  ●  To opt out of the processing of the personal data for purposes of (i) targeted advertising, (ii) the sale of personal data, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.

  Franchise Direct will not discriminate consumers exercising their rights, and you can Opt-Out of the sale of your personal information, targeted advertising and profiling.

  To exercise one or more of the above VCDPA rights, please contact us by email at privacy@franchise direct.com. We will need to verify your request and we may need you to provide additional information for this purpose. We will respond to all such request within forty-five (45) days, and in the case that we require more time to do so, we will inform you of the reasons and extension period.

  Under the VCDPA, you have the right to appeal a business´s refusal of a request through an appeal process, and we must respond to an appeal in writing within sixty days (60). If the appeal is denied, we must provide and online mechanism (if available) or other method through which you, as a consumer, can submit a complaint to the AG (Attorney General of Virginia).     

  3.3. CPA Privacy Statement

  Franchise Direct has adopted this Colorado Privacy Statement to comply with Colorado Privacy Act (he “CPA”) which provides certain rights to Colorado consumers. Any terms used in this Statement that are defined in the CPA have the same meaning given therein, and it applies solely users and consumers from Colorado.   

  Under the Colorado Privacy Act (the “CPA”), effective on July 1, 2023, a consumer has the following rights:

• Right to Access. Consumers have the right to confirm whether a controller is processing personal data concerning the consumer and to access the consumer’s personal data;
  
• Right to Correction. Consumers have the right to correct inaccuracies in the consumer’s personal data, taking into account the nature of the personal data and the purposes of the processing of the consumer’s personal data;
  
• Right to Delete. Consumers have the right to delete personal data concerning the consumer;
  
• Right to Data Portability. Consumers have the right to obtain a personal data in a portable and, to the extent technically feasible, readily usable format that allows the consumer to transmit the data to another entity without hindrance;
  
• Right to Opt-out. Consumers have the right to opt out of the processing of personal data concerning the consumer for purposes of:
  
  1. targeted advertising;
  2. the sale of personal data, or
  3. profiling in furtherance of decisions that produce legal or similarly significant effects concerning a consumer.

To exercise one or more of the above CPA rights, please contact us by email at privacy@franchise direct.com. We will need to verify your request and we may need you to provide additional information for this purpose. We will respond to all such request within forty-five (45) days, and in the case that we require more time to do so, we will inform you of the reasons and extension period.

Under the CPA, you have the right to appeal a refusal of a request through an appeal process, and we must respond to an appeal in writing within sixty days (60). If the appeal is denied, we must provide and online mechanism (if available) or other method through which you, as a consumer, can submit a complaint to the AG (Attorney General of Colorado).

3.4. CTDPA Privacy Statement

Franchise Direct has adopted this Connecticut Privacy Statement to comply with Connecticut Act Concerning Personal Data Privacy and Online Monitoring ('CTDPA') which provides certain rights to Connecticut consumers. Any terms used in this Statement that are defined in the CTDPA have the same meaning given therein, and it applies solely to users and consumers from Connecticut.  

To the extent that we collect Personal Data that is subject to the CTDPA, that information, our practices, and your rights are described below. 

Under the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (the “'CTDPA”), effective on July 1, 2023, a controller shall comply with an authenticated consumer request to exercise the right:

• Right to be Informed: Consumers have the right to confirm whether a controller is processing the consumer's personal data;
  
• Right to Access: Consumers have the right to confirm whether or not a controller is processing the consumer's personal data and accessing such personal data unless such confirmation or access would require the controller to reveal a trade secret;
  
• Right to Correction: Consumers have the right to correct inaccuracies in consumer’s personal data, taking into account the nature of the personal data and the purposes of the processing of consumer’s personal data;
  
• Right to Rectification: Consumers have the right to correct inaccuracies in their personal data, taking into account the nature of the personal data and the purposes of the processing of the consumer's personal data;
  
• Right to Erasure: Consumers have the right to delete personal data provided by, or obtained, about them;
  
• Right to object/opt-out: Consumers have the right to opt-out of the processing of their personal data for purposes of:
  
  1. targeted advertising;
  2. the sale of personal data; or
  3. profiling in furtherance of solely automated decisions that produce legal or similarly significant effects concerning the consumer.
     

• Right to Data Portability: Consumers have the right to obtain a copy of their personal data processed by the controller, in a portable and, to the extent technically feasible, readily usable format that allows the consumer to transmit the data to another controller without hindrance, where the processing is carried out by automated means, provided such controller will not be required to reveal any trade secret;
  
• Right not to be subject to automated decision-making: Consumers have the right to opt of the processing of the personal data for purposes of profiling in furtherance of solely automated decisions that produce legal or similarly significant effects concerning the consumer.

  To exercise one or more of the above CTDPA rights, please contact us by email at privacy@franchise direct.com. We will need to verify your request and we may need you to provide additional information for this purpose. We will respond to all such request within forty-five (45) days, and in the case that we require more time to do so, we will inform you of the reasons and extension period. 

  Under the CTDPA, you have the right to appeal a refusal of a request through an appeal process, and we must respond to an appeal in writing within sixty days (60). If the appeal is denied, we must provide and online mechanism (if available) or other method through which you, as a consumer, can submit a complaint to the AG (Connecticut Attorney General).

3.5. UCPA Privacy Statement

Franchise Direct has adopted this Utah Privacy Statement to comply with Utah Consumer Privacy Act ('UCPA') which provides certain rights to Utah consumers. Any terms used in this Statement that are defined in the UCPA have the same meaning given therein, and it applies solely users and consumers from Utah. 

To the extent that we collect Personal Data that is subject to the UCPA, that information, our practices, and your rights are described below.  

Under the Utah Consumer Privacy Act ('UCPA'), which will become effective on December 31, 2023, a controller shall comply with an authenticated consumer request to exercise the following rights:

• Right to Access. Consumers have the right to (i) confirm whether a controller is processing the consumer’s personal data; and (ii) access the consumer’s personal data;
  
• Right to Delete. Consumers have the right to delete the consumer’s personal data that the consumer provided to the controller.
  
• Right to Data Portability. Consumers have the right to obtain a copy of the consumer’s personal data, that the consumer previously provided to the controller, in a format that:
  
  1. to the extent technically feasible, is portable;
  2. to the extent practicable, is readily usable; and
     
  3. allows the consumer to transmit the data to another controller without impediment, where the processing is carried out by automated means.
     

• Right to Opt-out of certain processing. Consumers have the right to opt out of the processing of the consumer’s personal data for the purposes of targeted advertising; or the sale of personal data.

  To exercise one or more of the above UCPA rights, please contact us by email at privacy@franchisedirect.com. We will need to verify your request and we may need you to provide additional information for this purpose. We will respond to all such request within forty-five (45) days, and in the case that we require more time to do so, we will inform you of the reasons and extension period. 

4. Residents of other jurisdictions

If you are not a resident in one of the above countries mentioned in this Statement, and you would like to exercise your data privacy rights or have any questions or concerns regarding your personal data and privacy, please reach out to us at privacy@franchisedirect.com