CARDINAL CAPITAL PARTNERS WEBSITE PRIVACY NOTICE
Effective: August 26, 2024
Overview
Personal Data We Collect
Categories of Personal Data We Collect
How We Use Your Personal Data
How We Obtain Your Personal Data
Who We Share Your Personal Data With
Your Rights Regarding Personal Data
Accessing, Modifying, Rectifying, and Correcting Collected Personal Data
Your California Privacy Rights
Your Nevada Rights
Your Other U.S. State Privacy Rights
Your Choices
Communications Opt-Out
Cookies, Web Tracking, and Advertising
Protecting Personal Data
Retention of Personal Data
Other Important Information About Personal Data and the Services
Collection of Personal Data from Children
Third-Party Websites and Services
Business Transfer
Do Not Track
International Use
Modifications and Updates to this Privacy Notice
Applicability of this Privacy Notice
Additional Information and Assistance
- Overview
Cardinal Capital Partners, Inc. and its subsidiaries and affiliates (collectively, “Cardinal,” “we,” “our,” or “us”) respect your privacy and are committed to protecting the personal data we hold about you. If you have questions, comments, or concerns about this Privacy Notice or our processing of personal data, please see the bottom of this Privacy Notice for information about how to contact us. Cardinal Capital Partners, Inc. is the data controller of the personal data collected, and is responsible for the processing of your personal data.
This Privacy Notice explains our practices with respect to personal data we collect and process about you. This includes information we collect through, or in association with, our website located at cardinalcapital.com and our associated investor portal (the “Site”), our products and services that we may offer from time to time via our Site, our offline services and interactions with you, our related social media sites, or otherwise through your interactions with us (the Site, products, services, offline interactions and social media pages, collectively, the “Services”).
Please review the following to understand how we process and safeguard personal data about you. By using any of our Services, whether by visiting our Site or otherwise, and/or by voluntarily providing personal data to us, you acknowledge that you have read and understand the practices contained in this Privacy Notice. This Privacy Notice may be revised from time to time, so please ensure that you check this Privacy Notice periodically to remain fully informed.
- Personal Data We Collect
We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal data”). In addition, we may collect data that is not identifiable to you or otherwise associated with you, such as aggregated data, and is not personal data. To the extent this data is stored or associated with personal data, it will be treated as personal data; otherwise, the data is not subject to this Privacy Notice.
-
- Categories of Personal Data We Collect
The types of personal data we collect about you depends on your interactions with us and your use of the Services. In the past twelve (12) months, we collected the below categories of personal data from our users:
- Identifiers such as name, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, phone number, social security number, driver’s license number, passport number, or other similar identifiers.
- Commercial information, including financial information, such as bank account numbers.
- Professional or employment-related information.
- Education information (as defined in 20 U.S.C. section 1232g, 43 C.F.R. Part 99).
We will not collect additional categories of personal data other than those categories listed above. If we intend to collect additional categories of personal data, we will provide you with a new notice at or before the time of collection.
-
- How We Use Your Personal Data
We collect and process your personal data for the following business and commercial purposes:
- Providing, predicting, or performing services, including onboarding new accounts, maintaining or servicing accounts, providing customer service, processing trade instructions and transactions, verifying customer information, and processing payments.
- Communicating with you by email, mail, telephone, and other methods of communication, about products, services, and information tailored to your requests or inquiries.
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
- Debugging to identify and repair errors that impair existing intended functionality.
- Undertaking internal research for technological development and demonstration.
- Undertaking activities to verify or maintain the quality or safety of the services or devices owned or controlled by us, and to improve, upgrade, or enhance the services or devices owned or controlled by us.
- Complying with applicable laws, regulations, rules and requests of relevant law enforcement and/or other governmental agencies, or for other purposes, as permitted or required by law.
- As necessary or appropriate to protect the rights, property, and safety of our users, us, and other third parties.
We will not use the personal data we collected for materially different, unrelated, or incompatible purposes without providing you with notice and obtaining your consent.
-
- How We Obtain Your Personal Data
We collect your personal data from the following categories of sources:
- Directly from you. When you provide it to us directly whether online, by email, phone, or in-person. We may collect your name, Social Security Number, mailing address, email address, phone number and bank account information. In addition, users who create an account through our Registered User Portal will be asked to provide name, email address and phone number to establish the account. Registered User Portal accountholders may change and update the information stored in or associated with their account through their account settings. The information accessible to Registered User Portal accountholders is personally tailored, and only available to, each such accountholder.
-
- Who We Disclose Your Personal Data To
We disclose your personal data to the following categories of third parties:
- Our Service Providers, including without limitation, our professional advisors (such as accountants, consultants and attorneys).
- Financial institutions from which payments are deducted or to which payments are deposited.
- Our affiliated entities.
- Government agencies or regulators when permitted or required to do so by law; in response to a request from a law enforcement agency or authority or any regulatory authority; and/or to protect the integrity of the Services or our interests, rights, property, or safety, and/or that of our users and others.
We do not and will not knowingly sell or share (as such terms are defined under applicable law) the personal data of any users without affirmative authorization.
- Your Rights Regarding Personal Data
You have certain rights regarding the collection and processing of personal data. You may exercise these rights, to the extent they apply to you, by contacting us at the information provided at the end of this Privacy Notice, or by following instructions provided in this Privacy Notice or in communications sent to you.
Your rights vary depending on the laws that apply to you, but may include:
- The right to know whether, and for what purposes, we process your personal data;
- The right to be informed about the personal data we collect and/or process about you;
- The right to learn the sources of personal data about you that we process, if any;
- The right to access, modify, and correct personal data about you (see the “Accessing, Modifying, Rectifying, and Correcting Collected Personal Data” section below for more information) [Insert internal hyperlink to that section.];
- The right to know with whom we have shared your personal data with, for what purposes, and what personal data has been shared (including whether personal data was disclosed to third parties for their own direct marketing purposes);
- The right to withdraw your consent, where processing of personal data is based on your consent; and
- The right to lodge a complaint with a supervisory authority located in the jurisdiction of your habitual residence, place of work, or where an alleged violation of law occurred.
See “Your California Privacy Rights” [Insert internal hyperlink to that section.], “Your Nevada Privacy Rights” [Insert internal hyperlink to that section.], and “Your Other U.S. State Privacy Rights” [Insert internal hyperlink to that section.] for more information about certain legal rights.
-
- Accessing, Modifying, Rectifying, and Correcting Collected Personal Data
We strive to maintain the accuracy of any personal data collected from you, and will try to respond promptly to update our records when you tell us the information in our records is not correct. However, we must rely upon you to ensure that the information you provide to us is complete, accurate, and up-to-date, and to inform us of any changes. Please review all of your information carefully before submitting it to us, and notify us as soon as possible of any updates or corrections by sending an email to investorrelations@cardinalcapital.com.
Depending on the laws that apply to you, you may obtain from us certain personal data in our records. If you wish to access, review, or make any changes to personal data you have provided to us through the Services, please contact us at the information provided at the end of this Privacy Notice. We reserve the right to deny access as permitted or required by applicable law.
-
- Your California Privacy Rights
California’s “Shine the Light” law, permits our users who are California residents to request and obtain from us a list of what personal data (if any) we disclosed to third parties for their own direct marketing purposes in the previous calendar year and the names and addresses of those third parties. Requests may be made only once per year per person, must be sent to the email address below, and are free of charge. However, we do not disclose personal data protected under the “Shine the Light” law to third parties for their own direct marketing purposes.
-
- Your Nevada Privacy Rights
Nevada law permits our users who are Nevada consumers to request that their personal data not be sold (as defined under applicable Nevada law), even if their personal data is not currently being sold. Requests may be sent to the email address below, and are free of charge.
-
- Your Other U.S. State Privacy Rights
If you are located in Virginia, Colorado, Connecticut, Oregon, Texas or Utah, you have certain rights regarding your Personal Data. The section describes how we collect, use, and share your Personal Data under the Virginia Consumer Data Protection Act (“VCDPA”), the Colorado Privacy Act (“CPA”), the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (“PDPOM”), the Oregon Consumer Privacy Act (“OCPA”), the Texas Data Privacy Act (“TDPA”) and the Utah Consumer Privacy Act (“UCPA”) and your rights with respect to that Personal Data.
As a Virginia, Colorado, Connecticut, Oregon, Texas or Utah resident, you have some or all of the rights listed below. However, these rights are not absolute, and we may decline your request as permitted by law. You can ask to appeal any denial of your request in the same manner through which you may submit a request.
- Right to Access and Portability. You have right to access your Personal Data and/or receive a copy of the Personal Data that we have collected about you.
- Right to Correct. You have the right to correct inaccurate Personal Data that we have collected about you.
- Right to Delete. You have the right to delete the Personal Data we have obtained about you or that you have provided to us with certain exceptions.
- Right to Opt-out of Tracking for Targeted Advertising Purposes. You have the right to opt-out of certain tracking activities for targeted advertising purposes.
- Right to Opt-out of Profiling. If we process your Personal Data for profiling purposes as defined by the VCDPA, CPA, PDPOM, OCPA, TDPA and/or UCPA, you can opt-out of such processing.
- Right to Non-discrimination. You have the right to be free from discrimination as prohibited by the VCDPA, CPA, PDPOM, OCPA, TDPA and/or UCPA.
- Your Choices
You have choices about certain information we collect about you, how we communicate with you, and how we process certain personal data. When you are asked to provide information, you may decline to do so; but if you choose not to provide information that is necessary to provide some of our Services, you may not be able to use those Services. In addition, it is possible to change your browser settings to block the automatic collection of certain information.
-
- Communications Opt-Out. You may opt out of receiving marketing or other communications from us at any time through a given communications channel (such as email or telephone) by following the opt-out link or other unsubscribe instructions provided in any email message received, or by contacting us as provided at the end of this Privacy Notice. If you wish to opt out by sending us an email to the address provided below, please include “Opt-Out” in the email’s subject line and include your name and the email address you used to sign up for communications in the body of the email.
Note that if you do business with us in the future, you may not, subject to applicable law, opt out of certain automated notifications based on business transactions.
-
- Cookies, Web Tracking, and Advertising. We do not use any cookies or other web tracking technologies to collect information about you.
- Protecting Personal Data
We use reasonable and appropriate physical, technical, and organizational safeguards designed to promote the security of our systems and protect the confidentiality, integrity, availability, and resilience of personal data. Those safeguards include: (i) taking steps to ensure personal data is backed up and remains available in the event of a security incident; and (ii) periodic testing, assessment, and evaluation of the effectiveness of our safeguards.
However, no method of safeguarding information is completely secure. While we use measures designed to protect personal data, we cannot guarantee that our safeguards will be effective or sufficient. In addition, you should be aware that Internet data transmission is not always secure, and we cannot warrant that information you transmit utilizing the Services is or will be secure.
- Retention of Personal Data.
We retain personal data for so long as necessary to provide our services to you, as well as to the extent we deem necessary to carry out the processing activities described above, including but not limited to compliance with applicable laws, regulations, rules and requests of relevant law enforcement and/or other governmental agencies, and to the extent we reasonably deem necessary to protect our rights, property, or safety, and the rights, property, and safety of our users and other third parties.
- Other Important Information About Personal Data and the Services.
- Collection of Personal Data from Children. Children under 16 years of age are not permitted to use the Services, and we do not knowingly collect information from children under the age of 16. By using the Services, you represent that you are 18 years of age or older, or are 16 years of age or older and have valid parental consent to do so.
- Third-Party Websites and Services. As a convenience, we may reference or provide links to third-party websites and services, including those of unaffiliated third parties, our affiliates, service providers, and third parties with which we do business (including, but not limited to, Yardi Systems, Inc.). When you access these third-party services, you leave our Services, and we are not responsible for, and do not control, the content, security, or privacy practices employed by any third-party websites and services. You access these third-party services at your own risk. This Privacy Notice does not apply to any third-party services; please refer to the Privacy Notices or policies for such third-party services for information about how they collect, use, and process personal data.
- Business Transfer. We may, in the future, sell or otherwise transfer some or all of our business, operations or assets to a third party, whether by merger, acquisition or otherwise. Personal data we obtain from or about you via the Services may be disclosed to any potential or actual third-party acquirers and may be among those assets transferred.
- Do Not Track. We do not currently process or comply with any web browser’s “do not track” signal or similar mechanisms.
- International Use. Your personal data will be stored and processed in the United States, and may be stored and processed by our Service Providers using data centers located outside of the United States. If you are using the Services from outside the United States, by your use of the Services you acknowledge that we will transfer your data to, and store your personal data in, the United States (at a minimum), which may have different data protection rules than in your country, and personal data may become accessible as permitted by law in the United States, including to law enforcement and/or national security authorities in the United States.
- Modifications and Updates to this Privacy Notice
This Privacy Notice replaces all previous disclosures we may have provided to you about our information practices with respect to the Services. We reserve the right, at any time, to modify, alter, and/or update this Privacy Notice, and any such modifications, alterations, or updates will be effective upon our posting of the revised Privacy Notice. We will use reasonable efforts to notify you in the event material changes are made to this Privacy Notice, such as by posting a notice on the Services or sending you an email. Your continued use of the Services following our posting of any revised Privacy Notice will constitute your acknowledgement of the amended Privacy Notice.
- Applicability of this Privacy Notice
This Privacy Notice is subject to the Terms and Conditions [Insert hyperlink] and the Registered User Portal Terms of Service [Insert hyperlink] that govern your use of the Services. This Privacy Notice applies regardless of the means used to access or provide information through the Services.
This Privacy Notice does not apply to information from or about you collected by any third-party services, applications, or advertisements associated with, or websites linked from, the Services. The collection or receipt of your information by such third parties is subject to their own privacy policies, statements, and practices, and under no circumstances are we responsible or liable for any third party’s compliance therewith.
- Additional Information and Assistance
If you have any questions or concerns about this Privacy Notice and/or how we process personal data, please contact us at:
Attn: Investor Relations
3131 Turtle Creed Blvd., 11th Floor
Dallas, Texas 75219
214 – 696 – 3600
investorrelations@cardinalcapital.com
For more information about how users with disabilities can access this Privacy Notice in an alternative format, please contact us by sending an email to investorrelations@cardinalcapital.com.