Effective Date: January 1, 2023
Welcome! Thank you for your interest in Cox Enterprises, Inc. and our “Affiliates” (other companies within the Cox Enterprises, Inc. corporate family, collectively “CEI” or “we” or “our” or “us”). We respect your privacy when you use our websites, which may include but is not limited to https://www.Coxenterprises.com, https://www.Coxconservesheroes.com, and https://www.Coxalerts.com, and other online products and services (collectively, our “Services”). Certain Affiliates, such as Cox Automotive Inc. (“CAI”), Cox Communications, Inc. (“CCI”), and The Atlanta Journal-Constitution (“AJC”), may be subject to separate privacy notices that should be consulted when you visit their websites or other applicable properties.
This California Privacy Notice (“CA Notice”) applies to California residents that are “Consumers” as defined by the California Consumer Privacy Act (as amended and together with related regulations “CCPA”) and is a supplement to CEI’s other privacy policies or notices, including our main Privacy Policy. This CA Notice also applies to businesses with which we have a prospective or existing business relationship (“B2B Individual”), including corporate clients, business partners, service providers, suppliers, vendors, and other persons in the context of business-to-business activities (“B2B Services”).
This CA Notice reflects our practices regarding the Collection, use, Sale, Sharing, and retention of your Personal Information (“Information Practices”) as a California Consumer when you use our Services. If you are a current employee or contractor (with CEI Systems access) of CEI, you may view our California Workforce Member Privacy Notice (Internal) under “Policies and Guidelines” through InsideCox. If you are a job applicant, you may view our California Applicant Privacy Notice by visiting the CEI Careers page here. If you are a former employee, retiree, beneficiary, dependent, former contractor, or current contractor (without CEI system access) of CEI, you may view our California Workforce Member Notice (External) by visiting our main page here.
In the event of a conflict between this CA Notice and our main Privacy Policy, or our other privacy policies, this CA Notice shall govern as to our rights or obligations under the CCPA. Capitalized terms that are used herein shall have the meaning given to them in the CCPA unless otherwise noted. We may from time-to-time update information in this CA Notice regarding our Information Practices and your rights, modify our methods for responding to your requests, or supplement our responses to your requests as required to reflect updates to the law. You can tell when this CA Notice was last updated by looking at the Effective Date at the top of the CA Notice. Any changes to this CA Notice will become effective upon posting of the revised CA Notice on the Services.
Unless otherwise noted, the disclosures contained within this CA Notice cover our activities in the prior 12 months from the Effective Date as well as our current practices.
Generally, we Collect, use, and disclose your Personal Information (“PI”) to provide you our Services or as otherwise related to the operation of our business, including facilitating any B2B Services. In addition, we may Collect, use, and disclose your PI as required or permitted by applicable law, or as directed by you, in accordance with this CA Notice.
Note that the examples of PI we Collect about you, the Business Purposes, the recipients of your PI, and the sources of your PI, may vary depending on the nature of your interactions with us, and may not include all of the examples listed below. If you’re a B2B Individual, not all of the disclosures below may be applicable to facilitating B2B Services.
Depending on your interaction with us, the table below provides the categories of PI and Sensitive PI we Collect about California Consumers, including B2B Individuals, and examples of the PI we Collect. We Collect, retain, use, and disclose the PI we Collect for the CCPA-defined business purposes in the bulleted list below and for the purposes described in our Privacy Policy (collectively, our “Business Purposes”). We disclose the PI we Collect to the categories of recipients below for the same Business Purposes.
Personal records (any personal information described in subdivision (e) of Section 1798.80 of the California Civil Code) such as financial information.
Facilitating the B2B Services, including providing and receiving products and services, verifying your information, conducting background checks and pre-screening examination, processing payments, and similar functions and services;
Providing our Services, including maintaining and servicing your accounts, verifying your information, processing payments, advertising, marketing, or analytic services, auditing compliance, and similar functions and services;
Facilitating the B2B Services, including providing and receiving products and services, verifying your information, processing payments, and similar functions and services;
Detecting security incidents and protecting against malicious, deceptive, or illegal activity;
Troubleshooting our Services to identify and repair issues;
Internal research and development;
Quality and safety assurance, and improving, upgrading, and enhancing our Services;
Processing and managing interactions and transactions for our Services;
Personalizing your website experience and to deliver content and product and service offerings relevant to your interests.
Internet or other electronic network activity information such as browsing history, referring URLs, search history, interactions with advertising links, and mobile application usage.
Facilitating the B2B Services, including providing and receiving products and services, verifying your information, processing payments, and similar functions and services
Short-term, transient use without disclosing PI to another Third Party or using to build a Consumer profile or altering an individual Consumer’s experience outside the current interaction with us;
Geolocation data such as your location we infer based on your IP address.
Facilitating the B2B Services, including providing and receiving products and services, verifying your information, facility access, processing payments, and similar functions and services;
In addition, each of the above referenced categories of PI may be Collected, used, and disclosed with the government, including law enforcement, or other parties to comply with law or legal process, to the Consumer or other parties at the Consumer’s request, for the additional purposes explained in our Privacy Policy, for other operational or business purposes reasonably necessary and proportionate to achieve the purposes for which the PI is Collected, and to assignees as part of a merger or asset sale.
Further, we may Deidentify or Aggregate your PI, and as permitted by applicable law, we do not treat Deidentified or Aggregate Consumer information as PI. Similarly, as permitted by the CCPA, we may not treat publicly available information as PI.
We Collect the above categories of PI directly from you, your device or browser, Vendors, suppliers, public databases, social media platforms, data append services, Affiliates, and for B2B Individuals, the Business that we have a prospective or existing business relationship with.
Except as otherwise permitted or required by applicable law or regulation, we will only retain your PI (which includes the categories of PI set forth in the charts above) for as long as necessary to fulfill the purposes we Collected it for, as required to satisfy any legal, obligations, or as necessary to resolve disputes. To determine the appropriate retention period for PI, we consider applicable legal requirements, the amount, nature, and sensitivity of the PI, the potential risk of harm from unauthorized use or disclosure of your PI, the purposes we Process your PI for, and whether we can achieve those purposes through other means. For certain types of PI, we will only maintain it for a limited duration.
We only sell or share the following categories of PI: identifiers, internet or other electronic network activity information, and geolocation data, and will only share or sell this information through our use of cookies and other tracking technologies (such as web beacons) to our analytics and advertising partners for advertising purposes. To understand more about our use of cookies and tracking technologies on our Services, please carefully review Section 11 – Choices: Tracking and Communications Option in our Privacy Policy.
If you are a resident of California, you have the right to submit certain requests relating to your PI as described below.
We do not use or disclose Sensitive PI for the purpose of inferring characteristics about you, or for any other reasons besides the permitted purposes including: to provide our goods and services, or as needed: to ensure security and integrity; to prevent fraud or illegal activity; for physical safety; for short-term, transient use, including for non-personalized advertising; to perform services on behalf of the business; and to verify or maintain the quality or safety of a service or device owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance such services or devices. For this reason, we do not treat the Sensitive PI we process as subject to a limit use and disclosure request and, therefore, we do not offer a way for you to submit such a request.
California Consumers have the right to exercise certain privacy rights under the CCPA. Any Request to Know, Request to Delete, and Request to Correct you submit to us is subject to an identification and residency verification process (“Verifiable Consumer Request”). We will not fulfill your CCPA request unless you have provided sufficient information for us to reasonably verify you are the Consumer about whom we Collected PI.
If you are unable to provide us with certain information about yourself or, in some cases, about your transaction history with us, we will be unable to verify your identity to fulfill a request to know , delete, or correct. In some cases, we may verify identity by confirming that you are the owner of the email address we have on file. For your specific pieces of information, as required by the CCPA, we will apply heightened verification standards, and reserve the right to request further information from you, in addition to the information mentioned above.
Some personal information we maintain about Consumers is not sufficiently associated with a Consumer for us to be able to verify that it is a particular Consumer’s personal information (e.g., clickstream data tied only to a pseudonymous browser ID). As required by the CCPA, we do not include that personal information in response to Verifiable Consumer Requests. Under the CCPA they are exceptions to your request rights. If we do not comply fully with a request, we will explain the reasons in our response.
We will make commercially reasonable efforts to identify Consumer PI that we Collect, Process, store, disclose, and otherwise use and to respond to your California Consumer privacy rights requests. We will typically not charge a fee to fully respond to your requests, but we may charge a reasonable fee, or refuse to act upon a request, if your request is excessive, repetitive, unfounded, or overly burdensome.
You may use an Authorized Agent to submit a Consumer rights request. If you use an Authorized Agent to submit a request, we may require proof that the agent has been authorized by you to do so, and take other steps permissible under the CCPA, to ensure it is a proper request by an authorized agent.
Separate from your CCPA rights, California’s “Shine the Light” law permits California residents to request certain information regarding our disclosure of personal information to third parties for their own direct marketing purposes. We do not share personal information with third parties for their own direct marketing purposes. If you are a California resident, you may request information about our compliance with Shine the Light by contacting us at privacy@coxinc.com or by sending a letter to:
Cox Enterprises Inc. ATTN: Chief Privacy Officer: Shine the Light Request 6205-A Peachtree Dunwoody Road Atlanta, GA 30328
Any such request must include “California Shine the Light Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through this email address or mail address.
As these rights and your CCPA rights are not the same and exist under different laws, you must exercise your rights under each law separately.
If you have any questions about this CA Notice, please contact CEI at privacy@coxinc.com. Requests under Section 4 California Privacy Rights will not be accepted via email.