Scope of this Policy

iBaset Federal Services, LLC (the “Company,” “iBaset Federal Services,” “our,” “us,” or “we”) has developed this privacy policy out of respect for the privacy of our customers and visitors to our website. This policy describes the Personal Information we collect, use, and disclose about individual consumers who visit or interact with this website (fed.ibaset.com), visit any of our offices, facilities, or locations, purchase or inquire about any of our products or services, or otherwise interact or do business with us. To access the iBaset Inc. (ibaset.com) privacy policy, please click HERE.

Whenever you visit our website, we will collect some information from you automatically simply by you visiting and navigating through this site, and some voluntarily when you submit information using a form on the website, type text into the search bar to search the website, enroll in or subscribe to our newsletter or marketing communications, request information, or use any of the other interactive portions of our website. Through the website, we will collect information that can identify you and/or your activity.

Additionally, whenever you communicate, interact, or do business with us, we will be collecting Personal Information from you or about you in the course of our interaction or dealings with you, whether online or at any of our physical locations or facilities, or whether you are contracted to perform services for us.

This privacy policy applies to any Personal Information we may collect about individuals located in the European Economic Area (EEA), the United Kingdom (UK), and the United States (US). Accordingly, this Privacy Policy governs the processing of Personal Information in compliance with applicable data protection laws including, the General Data Protection Regulation ((EU) 2016/679) (“GDPR”), the U.K. General Data Protection Regulation (“UK GDPR”) (collectively, “GDPR”) and relevant U.S. State consumer privacy laws.

The meaning of “Personal Information” may be defined based on your state or country of residence: in this policy, it means any information that can reasonably be used to identify an individual and includes personal data.

This policy does not apply to information collected from or about job applicants regarding their application for employment or candidacy. If you are a job applicant, click HERE for our Job Applicant Notice and Privacy Policy.

Data Controller

iBaset Federal Services, LLC is formed and registered in California, USA, with its primary place of business 26812 Vista Terrace., Lake Forest, CA, 92630.

For GDPR purposes, iBaset Federal Services is a Data Controller (“Controller”) of your personal data. Where we are processing personal data in relation to a client’s use of our services or products, we act as the Data Processor (“Processor”).

Consent to Terms and Conditions

By using the website, you consent to all terms and conditions expressed in this Privacy Policy. You also consent to the collection and processing of your Sensitive Personal Information and Special Category Data. Where applicable, such data will only be collected and processed with your consent.

Collection of Personal Information and Sensitive Personal Information

Based on your specific transactions and interactions with us or our website, we will or may collect, and we have in the last 12 months collected, the following categories of Personal Information about you. For each category of information, we identify below the categories of third parties, service providers, and contractors to whom we have disclosed the information in last 12 months. The examples provided for each category are not intended to be an exhaustive list or an indication of all specific pieces of information we collect from or about you in each category, but rather the examples are to provide you a meaningful understanding of the types of information that may be collected within each category.

Category	Personal Identifiers
Examples	Name.
Disclosed To in Last 12 Months	Data analytics vendors Social media platforms
Sold To or Shared With	For data collected through our website in the last 12 months, some of this data has been shared with data analytics vendors and social media platforms for cross-context behavioral advertising, but we no longer share any of this data moving forward. We do not and will not share this data with third parties for cross-context behavioral advertising. For all other data in this category collected through other sources (not through this website), this data is neither sold for monetary or other valuable consideration, nor shared for cross-context behavioral advertising.

Category	Contact Information
Examples	Email address, home phone number, cell phone number.
Disclosed To in Last 12 Months	Marketing support vendors and vendors that support managing or hosting the website Security and risk management vendors, including IT, cybersecurity, and privacy vendors and consultants Insurance carriers, administrators, and brokers Data analytics vendors Social media platforms
Sold To or Shared With	For data collected through our website in the last 12 months, some of this data has been shared with data analytics vendors and social media platforms for cross-context behavioral advertising, but we no longer share any of this data moving forward. We do not and will not share this data with third parties for cross-context behavioral advertising. For all other data in this category collected through other sources (not through this website), this data is neither sold for monetary or other valuable consideration, nor shared for cross-context behavioral advertising.

Category	Commercial Transactional Data
Examples	Information regarding products or services considered, purchased, or provided; company or business affiliation.
Disclosed To in Last 12 Months	Marketing support vendors and vendors that support managing or hosting the website Security and risk management vendors, including IT, cybersecurity, and privacy vendors and consultants Insurance carriers, administrators, and brokers Data analytics vendors Social media platforms
Sold To or Shared With	For data collected through our website in the last 12 months, some of this data has been shared with data analytics vendors and social media platforms for cross-context behavioral advertising, but we no longer share any of this data moving forward. We do not and will not share this data with third parties for cross-context behavioral advertising. For all other data in this category collected through other sources (not through this website), this data is neither sold for monetary or other valuable consideration, nor shared for cross-context behavioral advertising.

Category	Internet Network and Computer Activity
Examples	Date and time of your website visit; webpages visited; links clicked on the website including mouse movements; session identifiers; browser ID; browser type and characteristics; device ID and characteristics or attributes; referring URLs; mobile phone make, model and serial number; mobile service provider; operating system; form information downloaded; domain name from which our site was accessed; search history; interaction-level telemetry; cookies; and internet or other electronic network activity information related to usage of Company networks, servers, intranet, or shared drives, as well as Company-owned computers and electronic devices, including system and file access logs, security clearance level, browsing history, search history, and usage history.
Disclosed To in Last 12 Months	Marketing support vendors and vendors that support managing or hosting the website, including Hotjar Data analytics vendors Social media platforms Security and risk management vendors, including IT, cybersecurity, and privacy vendors and consultants
Sold To or Shared With	For data collected through our website in the last 12 months, some of this data has been sold or shared to data analytics vendors and social media platforms (not for monetary consideration but for other valuable consideration), but we no longer sell or share any of this data moving forward. We do not and will not share this data with third parties for cross-context behavioral advertising. For all other data in this category collected through other sources (not through this website), this data is neither sold for monetary or other valuable consideration, nor shared for cross-context behavioral advertising.

Category	Geolocation Data
Examples	IP address, GPS location, time zone.
Disclosed To in Last 12 Months	Marketing support vendors and vendors that support managing or hosting the website Data analytics vendors Social media platforms Security and risk management vendors, including IT, cybersecurity, and privacy vendors and consultants
Sold To or Shared With	For data collected through our website in the last 12 months, some of this data has been sold or shared to data analytics vendors and social media platforms (not for monetary consideration but for other valuable consideration), but we no longer sell or share any of this data moving forward. We do not and will not share this data with third parties for cross-context behavioral advertising. For all other data in this category collected through other sources (not through this website), this data is neither sold for monetary or other valuable consideration, nor shared for cross-context behavioral advertising.

Category	Form and other Electronic Submission Data
Examples	Data submitted through the website, including Contact Us forms and search bar queries.
Disclosed To in Last 12 Months	Marketing support vendors and vendors that support managing or hosting the website Data analytics vendors Social media platforms
Sold To or Shared With	For data collected through our website in the last 12 months, some of this data has been sold or shared to data analytics vendors and social media platforms (not for monetary consideration but for other valuable consideration), but we no longer sell or share any of this data moving forward. We do not and will not share this data with third parties for cross-context behavioral advertising.

Category	Account Information
Examples	Username and password for Company accounts and systems and any required security or access code, password, security questions, or credentials allowing access to your Company accounts.
Disclosed To in Last 12 Months	Security and risk management vendors, including IT, cybersecurity, and privacy vendors and consultants Marketing support vendors and vendors that support managing or hosting the website
Sold To or Shared With	Not sold for monetary or other valuable consideration and not shared for cross-context behavioral advertising.

Category	Visual, Audio, or Video Recordings
Examples	Your image when recorded or captured in surveillance camera footage or pictures of you taken on our premises or at our events or that you share with us; video and audio recordings of calls and virtual meetings as disclosed to you at the time of the call.
Disclosed To in Last 12 Months	Security and risk management vendors, including IT, cybersecurity, and privacy vendors and consultants
Sold To or Shared With	Not sold for monetary or other valuable consideration and not shared for cross-context behavioral advertising.

Category	Professional Related Information
Examples	Information related to services provided to or rendered by the entity you represent in your dealings with the Company, including company affiliation.
Disclosed To in Last 12 Months	Marketing support vendors and vendors that support managing or hosting the website
Sold To or Shared With	Not sold for monetary or other valuable consideration and not shared for cross-context behavioral advertising.

Category	Facility & Systems Access Information
Examples	Information identifying you, if you accessed our secure company facilities, systems, networks, computers, and equipment, and at what times, using keys, badges, fobs, login credentials, or other security access method.
Disclosed To in Last 12 Months	Security and risk management vendors, including IT, cybersecurity, and privacy vendors and consultants
Sold To or Shared With	Not sold for monetary or other valuable consideration and not shared for cross-context behavioral advertising.

Category	Inferences
Examples	Based on analysis of your activity on the website, we may develop inferences regarding your interests and preferences for our products and services including your potential to purchase a specific product or service.
Disclosed To in Last 12 Months	Data analytics vendors Social media platforms
Sold To or Shared With	For data collected through our website in the last 12 months, some of this data has been sold or shared to data analytics vendors and social media platforms (not for monetary consideration but for other valuable consideration), but we no longer sell or share any of this data moving forward. We do not and will not share this data with third parties for cross-context behavioral advertising. For all other data in this category collected through other sources (not through this website), this data is neither sold for monetary or other valuable consideration, nor shared for cross-context behavioral advertising.

What Sensitive Personal Information We Collect

Of the above categories of Personal Information, the following are categories of Sensitive Personal Information the Company may collect from or about consumers:

1. Personal Identifiers (social security number, driver’s license or state identification card number, passport number)
2. Account Information (your Company account log-in, in combination with any required security or access code, password, or credentials allowing access to the account)
3. Geolocation Data (IP address and GPS location)

Personal Information does not include:

• Publicly available information from government records.
• Information that a business has a reasonable basis to believe is lawfully made available to the general public by the consumer or from widely distributed media.
• Information made available by a person to whom the consumer has disclosed the information if the consumer has not restricted the information to a specific audience.
• Deidentified or aggregated information.

Sources of Personal Information

We may collect your Personal Information from the following sources:

• You the consumer when you visit the website and voluntarily submit information through forms on the website or social media, when you visit any of our physical locations, when you purchase or inquire about any of our products or services
• Our employees, contractors, vendors, suppliers, guests, visitors, other consumers, and customers based on your interactions with them (if any)
• Company event sponsors and vendors
• Surveillance cameras at our physical locations
• Lead generators and referral sources
• Company systems, networks, software applications, and databases you log into or use in interacting with our website, or otherwise interacting with us in any other capacity, including from vendors the Company engages to manage or host such systems, networks, applications or databases
• Third party customer databases

To Whom We Disclose Personal Information

We may disclose, sell, or share your Personal Information to/with the following categories of service providers, contractors, or third parties:

• Marketing support vendors and vendors that support managing or hosting the website
• Insurance carriers, administrators, and brokers
• Security and risk management vendors, including IT, cybersecurity, and privacy vendors and consultants
• Company prime contractors/subcontractors

Reasons Why We Collect, Use, Retain, and Disclose Personal Information

We may collect, use, and disclose your Personal Information for any of the following business purposes:

1. To fulfill or meet the purpose for which you provided the information, or a purpose reasonably associated with the context in which you provided the information and consistent with reasonable consumer expectations.
2. To provide you or our customers with the requested products or services.
3. To process, complete, and maintain records on transactions.
4. To provide warranty coverage on products and services.
5. To retain your selection for Text opt in/opt out to ensure customers who opted out are not sent any text messages.
6. To provide and communicate recall notifications to customers.
7. To schedule, manage and keep track of customer appointments.
8. To maintain records of when customers decline a service or sale.
9. To respond to consumer inquiries, including requests for information, customer support online, and phone calls.
10. To comply with our contractual obligations to our marketing partners and vendors.
11. To manage Company sponsored events.
12. To engage in corporate transactions, including mergers, acquisitions, and joint ventures, as well as due diligence in proposed or pending corporate transactions.
13. To contact you by email, telephone calls, mail, SMS, or other equivalent forms of communication regarding updates or informative communications related to the functionalities, services, or other information you requested or asked the Company to provide to you.
14. To contact you about the services available on our website as well as other products or services that we think may be of interest to you.
15. To send surveys to obtain feedback on our products, website, or on other aspects of our business that impact a consumer as a customer, and to send promotional materials.
16. To improve user experience on our website.
17. To understand the demographics of our website visitors.
18. To detect and investigate physical and cyber security incidents.
19. To debug, identify, and repair errors that impair existing intended functionality of our website.
20. To protect against malicious or illegal activity and prosecute those responsible.
21. To verify and respond to consumer requests under applicable privacy laws.
22. To prevent identity theft.
23. BUSINESS-TO-BUSINESS PURPOSES:
    1. To fulfill or meet the purpose for which you provided the information.
    2. To comply with state and federal law and regulations requiring businesses to maintain certain records (accident or safety records, and tax records/1099 forms).
    3. To evaluate, assess, and manage the Company’s business relationship with vendors, service providers, and contractors that provide services to the Company.
    4. To improve user experience on Company computers, networks, devices, software applications or systems, and to debug, identify, and repair errors that impair existing intended functionality of our systems.
    5. To reduce the risk of spreading infectious diseases in or through the workplace.

Legal Basis for Processing

Under data protection laws, we can only use your Personal Information if we have a proper reason for doing so, for example:

1. To comply with our legal and regulatory obligations;
2. For the performance of our contract with you or to take steps at your request before entering into a contract;
3. For our legitimate interests or those of a third party; or
4. Where you have given consent.

Do We Sell Your Information?

We have adjusted our practices and do NOT currently and will not sell your Personal Information in exchange for monetary or other valuable consideration. Likewise, we currently do NOT and will not share your Personal Information for cross-context behavioral advertising.

In the past, we may have sold or shared your Personal Information for the following business purposes:

1. To provide interest-based and retargeted advertising.
2. To receive data analytics.

Other than these exceptions, we do not and will not disclose your Personal Information to any third party in exchange for monetary or other valuable consideration or share your Personal Information for cross-context behavioral advertising.

Notice of Rights of California Residents to Limit the Use of Your Sensitive Personal Information

We do not use or disclose your Sensitive Personal Information for purposes that give rise to a right to limit the use and disclosure of your Sensitive Personal Information under the California Consumer Privacy Act (CCPA).

Automated Decision Making or Profiling

We do not use automated decision making or profiling (an automated analysis of and decision making on the basis of your Personal Information or personal circumstances) regulated by Article 22 of the GDPR.

Retention of Personal Information

We will retain each category of Personal Information for as long as we continue to have a legal or business need to retain it consistent with the purposes for which the information was collected. Your Personal Information may be stored or maintained in a variety of different records, files, databases, and information systems some of which are controlled or managed by vendors. As a result, we are unable to predict at the point of collection of your information how long the information will be retained, as it depends on many factors. In deciding how long to retain each category of Personal Information that we collect, we consider many criteria, including, but not limited to: the business purposes for which the Personal Information was collected; relevant federal, state and local recordkeeping laws; applicable statute of limitations for claims to which the information may be relevant; and legal preservation of evidence obligations.

Because the law prescribes minimum periods for retention of certain records, some records will be retained for at least the duration of the required period plus a certain number of years. Retention is often measured from occurrence of a triggering event but we may also measure the retention period from either (1) the date the record or data was collected, created, or last modified, (2) the date of the particular transaction to which the record or data pertains, or (3) another triggering event that is determined to be reasonable and appropriate based on the nature of the data and the legal/business needs for its continued use.

If the business purposes for collecting the Personal Information, and legal reasons for retaining the Personal Information, have both expired, we will purge the information in a secure manner.

Third Party Vendors

We may use other companies and individuals to perform certain functions on our behalf. Examples include administering e-mail services and running special promotions. Such parties only have access to the Personal Information needed to perform these functions and may not use or store the information for any other purpose.

Business Transfers

In the event wesell or transfer a particular portion of our business assets, information of consumers, contractors and applicants may be one of the business assets transferred as part of the transaction. If substantially all of our assets are acquired, information of consumers, contractors and applicants may be transferred as part of the acquisition.

Compliance with Law and Safety

We may disclose specific personal and/or sensitive Personal Information based on a good faith belief that such disclosure is necessary to comply with or conform to the law or that such disclosure is necessary to protect our employees or the public.

Use of Cookies, Pixels, and Other Tracking Technologies

Our website may store or retrieve information on your browser, mostly in the form of cookies. A cookie is a small piece of data (text file) that a website – when visited by a user – places on the user’s device to remember information about the user. This type of cookie is set by us and is referred to as a “first-party cookie.” Our website uses first-party cookies primarily to make the website work as you expect it to.

Below is a detailed list of the categories of first-party cookies we use on our website. You can prevent the collection of data by non-essential functional cookies by clicking on “Your Privacy Choices” in our website footer and toggling off the related functionality.

How we use cookies

We make use of cookies under the following circumstances and for the following reasons:

• Provide you with services available through the website and to enable you to use some of its features.
• For security related purposes.
• Authenticate users and prevent fraudulent use of user accounts.
• Identify if users have accepted the use of cookies on the website.
• Understand and save visitor preferences for future visits, such as remembering your login details or language preference, to provide you with a more personal experience, or to avoid you having to re-enter your preferences every time you use the website.

Essential Cookies  

Essential cookies are necessary for the website to function properly and cannot be switched off in our systems. They are usually only set in response to a site visitor’s request for services, such as a visitor setting their privacy preferences, logging in, or filling in forms. You can set your browser to block or alert you about these cookies, but blocking these cookies will prevent the website from working correctly or might prevent the Website from working at all.

Non-Essential Cookies  

Non-Essential cookies are not essential to the website functionality but serve some other unique purpose in three subcategories:

1. “Performance” cookies (sometimes referred to as static cookies) collect information about the user’s behavior on the website without collecting personal information, for example:

   • Pages the user visits.
   • Ads the user views.
   • Ads or site features that the user clicks.

2. “Functional” cookies (sometimes called preference cookies) track and remember the user’s preferences and past choices on the website to provide a personalized user experience. For example, functional cookies can collect:

   • Usernames
   • Passwords
   • Regions

3. “Targeting” cookies (sometimes called preference cookies) can track:

   • Content the user views
   • Links the user follows
   • The user’s browser and device information and IP address

Please note: Organizations can use targeting cookies to track and influence users by building user profiles or displaying advertisements.

Information on Some of the Cookies in Use on our Site

For information on some of the cookies we use on our site, please review the policies from some of our vendors:

• Cloudflare

Cookie Management

You can control and manage cookies associated with your browser. If you are interested in controlling and managing cookies from your browser including any set by our Website, please refer to http://www.allaboutcookies.org/manage-cookies/index.html for information on different ways to configure your browser’s cookie settings.

If you want to clear all cookies left behind by the websites you have visited, here are links where you can download three third party programs that clean out tracking cookies.

• http://www.lavasoftusa.com/products/ad-aware_se_personal.php
• http://www.spybot.info/en/download/index.html
• http://www.webroot.com/consumer/products/spysweeper/

You may delete cookies from your web browser at any time or block cookies on your equipment, but this may affect the functioning of or even block the website. You can prevent saving of cookies (disable and delete them) by changing your browser settings accordingly at any time. It is possible that some functions will not be available on our website when use of cookies is deactivated. Check the settings of your browser. Below you can find some guidance:

• Safari
• Opera 
• Internet Explorer
• Google Chrome
• Mozilla

Do Not Track (DNT) is a privacy preference that users can set if they do not want web services to collect information about their online activity. We do not respond to DNT signals with the exception of Global Privacy Controls as explained above in the section of this policy on “Opt-Out Preference Signals”).

You can adjust your advertising preferences on mobile devices through your device settings. Below you can find guidance based on your mobile device type:

• Apple
• Android

DAA

Many advertising companies that collect information for interest-based advertising are members of the Digital Advertising Alliance (DAA), which maintains a self-regulatory program along with a website where people can opt out of interest-based advertising from their members. To opt-out of website interest-based advertising provided by the DAA’s participating companies, visit the DAA’s opt-out portal available at http://optout.aboutads.info/.

• To opt-out of data collection for interest-based advertising across mobile applications by participating companies, download the DAA’s AppChoices mobile application opt-out offering found here: https://youradchoices.com/appchoices.

Non-Participant Opt-Out Options

• Some of our vendors do not participate in the DAA self-regulatory program for online behavioral advertising or have developed their own processes for allowing consumers to opt-out: https://branch.app.link/optout
• Some devices and apps do not have access to web-based browser cookie opt-outs. To learn more about the advertising opt-outs provided by your mobile device’s operating system (like iOS and Android) or the device manufacture, click here.

External Links

Our website contains links to other sites. We are not responsible for the privacy practices or the content of such websites. To help ensure the protection of your privacy, we recommend that you review the Privacy Policy of any site you visit via a link from our website.

Passwords

The personal data record created through your registration with our website can only be accessed with the unique password associated with that record. To protect the integrity of the information contained in this record, you should not disclose or otherwise reveal your password to third parties.

Consumers Under the Age of 16

We do not knowingly sell or share the Personal Information of consumers under 16 years of age.

How We Protect the Information that We Collect

The protection of the information that we collect about visitors to our website is of the utmost importance to us and we take every reasonable measure to ensure that protection, including:

• We keep automatically collected data and voluntarily collected data separate at all times.
• We use internal encryption on all data stores that house voluntarily captured data.
• We use commercially reasonable tools and techniques to protect against unauthorized access to our systems.
• We restrict access to private information to those who need such access in the course of their duties for us.

Your Consumer Rights / Privacy Choices

Based on your state or country of residence, you may have some or all of the following rights:

Consumer Right	Description
Right to Know	You may have the right to request, (1) the categories of Personal Information we have collected about you, (2) the categories of sources from which the Personal Information was collected, (3) the business or commercial purpose for collecting, selling, or sharing this information, (4) the categories of third parties with whom we share or have shared your Personal Information, (5) as applicable, the categories of Personal Information that we have sold or shared about you and the categories of third parties to whom the Personal Information was sold or shared, by category or categories of Personal Information for each category of third parties to whom the Personal Information was sold or shared, and (6) the categories of Personal Information that we have disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose;
Right to Access	You may have the right, in certain circumstances, to receive a copy of the Personal Information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your Personal Information to another person.
Right to Portability	You may have the right, in certain circumstances, to receive a copy of the Personal Information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your Personal Information to another person.
Right to Confirm	You may have the right to confirm if we are processing your Personal Information and to access your Personal Information, as just stated above.
Right to Delete	You may have the right to request that we delete Personal Information that we collected from you, subject to certain exceptions.
Right to Correct	You may have the right to request we correct inaccurate Personal Information (to the extent such an inaccuracy exists) that we maintain about you.
Right to Appeal	You may have the right to appeal our refusal to take action on a request.
Right to Non-Discrimination	You have the right to not be discriminated or retaliated against for exercising any of the above rights.
Additional Rights for UK and EEA Data Subject If you are located in the United Kingdom or country within the European Economic Area, you may have the following additional rights under applicable data protection laws.
Right to Rectification	You may have the right to require us to correct any mistakes in your personal data.
Right to Restriction of Processing	You may have the right to require us to restrict processing of your personal data in certain circumstances, e.g., if you contest the accuracy of the data.
Right to Object	You may have the right to object (1) at any time to your personal data being processed for direct marketing (including profiling) and (2) in certain other situations to our continued processing of your personal data, e.g., processing carried out for our legitimate interests.
Right to Withdraw Consent	You may have the right to withdraw consent at any time where our processing is solely based on your specific consent. Such withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

 

Exercising Your Rights

To exercise any of the rights described above, you may do so through any of the options below:

1. Send an email to [email protected].
2. Call our privacy toll-free line at 1-888-502-9547.

How We Will Verify That it is Really You Submitting the Request

If you submit a Right to Know, Right to Access, Right to Delete, or Right to Correct request through one of the methods provided above, we will ask you to provide some information in order to verify your identity and respond to your request. Specifically, we will ask you to verify information that can be used to link your identity to particular records in our possession, which depends on the nature of your relationship and interaction with us.

Responding to Your Right to Know, Right to Access, Right to Delete, and Right to Correct Requests

Upon receiving a verifiable request, we will confirm receipt of the request no later than 10 business days after receiving it. We endeavor to respond to a verifiable request within 45 calendar days of its receipt. If we require more time (up to an additional 45 calendar days, or 90 calendar days total from the date we receive your request), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

Individuals in the EEA and U.K: Upon receiving a verifiable request, we will confirm receipt of the request no later than 10 business days after receiving it. We endeavor to respond to a verifiable request within 30 calendar days of its receipt. If we require more time (up to an additional 60 calendar days, or 90 calendar days total from the date we receive your request), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

For a request to correct inaccurate Personal Information, we will accept, review, and consider any documentation that you provide, and we may require that you provide documentation to rebut our own documentation that the Personal Information is accurate. You should make a good-faith effort to provide us with all necessary information at the time that you make the request to correct. We may deny a request to correct if we have a good-faith, reasonable, and documented belief that a request to correct is fraudulent or abusive. If we deny your request to correct, we shall inform you of our decision not to comply and provide an explanation as to why we cannot comply with a request, if applicable.

If You Have an Authorized Agent:

You may be able to authorize someone else as an authorized agent who can submit a request on your behalf. To do so, you must either: (a) execute a valid, verifiable, and notarized power of attorney; or (b) provide other written, signed authorization that we can then verify. When we receive a request submitted on your behalf by an authorized agent who does not have a power of attorney, that person will be asked to provide written proof that they have your permission to act on your behalf, and we will also contact you and ask you for information to verify your own identity directly with us and not through your authorized agent. We may deny a request from an authorized agent if the agent does not provide your signed permission demonstrating that they have been authorized by you to act on your behalf.

Appeal of Our Decision Regarding Your Request

For residents in certain states, in the event we refuse to act in response to your request, we will provide you with information regarding our appeal process. We will inform you in writing of any action taken or not taken in response to an appeal within a reasonable time after receipt of your appeal, including our written explanation of the reason or reasons for our decision. If we deny your appeal, we will provide you with information regarding the online mechanism by which you may contact your State Attorney General to submit a complaint.

Lodging a Complaint with the Data Protection Authority in the EEA or UK

Where the GDPR applies to our processing of your Personal Information, you also have the right to lodge a complaint with a data protection supervisory authority in one or more of the European Union Member States or in the UK, as applicable.

Specifically, you can lodge a complaint in the member state of the EEA of your habitual residence, place of work, or the alleged violation of the GDPR. A list of DPAs for member states is available here: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

In the UK, you can lodge a complaint with the UK Information Commissioner’s Office (ICO). You can access the ICO website by clicking here: www.ico.org.uk.

California Shine the Light

The California Civil Code permits California residents with whom we have an established business relationship to request that we provide you with a list of certain categories of Personal Information that we have disclosed to third parties for their direct marketing purposes during the preceding calendar year. To make such a request, please send an email to [email protected], or write to us at the following address: 26812 Vista Terrace, Lake Forest, CA 92630. Please mention that you are making a “California Shine the Light” inquiry.

International Data Transfers

Your information, including Personal Information, may be transferred or maintained outside of your state, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the U.S. and choose to provide information to us, please note that we transfer the data, including Personal Information to U.S. and process it there. Your consent to this privacy policy followed by your submission of such information represents your agreement to that transfer.  The Company will take all the steps reasonably necessary to ensure that your information is treated securely and in accordance with this privacy policy and no transfer of your Personal Information will take place to an organization or a country unless there are adequate controls in place including the security of your data and other Personal Information.

Changes to Our Privacy Policy

As our services evolve and we perceive the need or desirability of using information collected in other ways, we may from time to time amend this Privacy Policy. We encourage you to check our website frequently to see the current Privacy Policy in effect and any changes that may have been made to them. If we make material changes to this Privacy Policy, we will post the revised Privacy Policy and the revised effective date on this website. Please check back here periodically or contact us at the address listed at the end of this Privacy Policy.

Consumers With Disabilities

This policy is in a form that is accessible to consumers with disabilities.

Questions About the Policy

This website is owned and operated by iBaset Federal Services, LLC. If you have any questions about this Privacy Policy, please contact us at [email protected] or call 1-888-502-9547.

**Updated April 7, 2026.