atto2

California Privacy Notice

Effective Date: 02 Jun 2025 • Last Updated: 03 Jun 2025

This Notice supplements our main Privacy Policy (the “Main Policy”). If anything here conflicts with the Main Policy, this Notice controls for California residents.

 
1. Scope
This Notice applies only to personal information (“PI”) collected online via atto.ai and its sub-pages (the “Site”). When you click Apply on a job posting and are redirected to Workable.com, that third-party site’s privacy practices apply.

 
2. Notice at Collection
We do not sell or share (for cross-context behavioural advertising) any PI.

CPRA Category: Identifiers
Examples: Name, email, IP address
Sources: You (via contact form), cookies
Purpose: P1 – respond to inquiries; P2 – operate, secure, improve the Site
Disclosed To: Hosting, email, lawful recipients
Collected? Yes

CPRA Category: Internet / Network Activity
Examples: Device type, pages viewed
Sources: Cookies, reCAPTCHA
Purpose: P2 – analytics, security
Disclosed To: Analytics providers
Collected? Yes

CPRA Category: Geolocation (coarse)
Examples: Country/region from IP
Sources: Cookies
Purpose: P2 – analytics
Disclosed To: Analytics providers
Collected? Yes

Purposes (see §3):
P1 – respond to inquiries
P2 – operate, secure, improve the Site

Sensitive PI Definition: We do not intentionally collect “Sensitive Personal Information” as defined in Cal. Civ. Code §1798.140(ae).
Retention criteria appear in §7.

 
3. How & Why We Use PI

P1 – Respond to inquiries. Customer support, communications.
P2 – Operate, secure, & improve the Site. Debugging, analytics, fraud prevention.
We run no loyalty or financial-incentive programs tied to PI.

 
4. Cookies & Similar Technologies

Banner on first visit lets you Accept or Reject non-essential cookies.
Only strictly necessary cookies load by default.
We honour the Global Privacy Control (GPC) signal and provide a persistent footer link “Your Privacy Choices.”
 
5. Sharing & Disclosure

Scenario: Service Providers
Recipients: Hosting, analytics, email, security vendors
Safeguards: Written contracts; no sale/share; process only under our instructions

Scenario: Legal Compliance & Protection
Recipients: Courts, regulators, law enforcement
Safeguards: Disclosed only when required or to protect rights/property/safety

Scenario: Business Transfers
Recipients: Successor entity (merger, acquisition)
Safeguards: Subject to confidentiality and this Notice

We do not sell PI or use it for cross-context behavioural advertising.

 
6. Security & Security Breach Notice
We apply administrative, technical, and physical safeguards (encryption in-transit, least-privilege access, patch management). No system is perfectly secure.

Security Breach Notice: If a breach involving PI occurs, we will notify affected consumers and regulators in accordance with Cal. Civ. Code §1798.82 and other applicable laws.

 
7. Data Retention & Criteria

Category: Contact-form PI
Default Period: 2 years
Criteria Used: Business need; legal obligations; or the minimum period required by law

Category: Analytics / cookie IDs
Default Period: 14 months
Criteria Used: Same as above

Category: Server logs
Default Period: 12 months
Criteria Used: Same as above

Back-ups or archives may be retained longer for legal or security reasons.

 
8. Consumer Rights
Under the CPRA you may exercise the following, subject to verification:

Know / Access, Delete, Correct, Portability, Opt-out of Sale/Share, Limit Sensitive PI, Non-Discrimination
Opt-out of Automated Decision-Making: We do not currently deploy automated decision-making. When required by law, we will honour any opt-out request.
Minors 13–16 “Right to Opt-In” for any sale/share of PI (Cal. Civ. Code §1798.120(d)). We do not sell/share PI, but we honour this right.
Authorized Agents (§1798.135(c))
You may designate an authorised agent to submit a request by:
(i) providing the agent with signed permission;
(ii) having the agent verify their identity; and
(iii) either having the agent present your signed permission or us contacting you directly to confirm.

Verification Standard (§7061 CPRA Regs)

Non-sensitive PI: we match two reliable data points.
Sensitive or high-risk PI: we match three reliable data points and obtain a signed declaration.
Submitting Requests
Email [email protected] with subject “California Privacy Request.” We respond within 45 days (one 45-day extension possible).
Appeals: Reply to any denial within 60 days; we will respond within 45 days.

 
9. Children’s Privacy
The Site is not directed to children and we do not knowingly collect PI from anyone under 18.

 
10. Third-Party Sites & Services
Links to third-party sites (e.g., Workable.com) are provided for convenience. We are not responsible for their privacy practices.

 
11. “Shine the Light” & Do Not Track

Shine the Light (§1798.83): We do not disclose PI to third parties for their direct-marketing purposes.
Do Not Track: Aside from GPC, we do not respond to other DNT signals.
 
12. Changes to This Notice
We may update this Notice periodically. The revised version will appear here with a new “Last Updated” date. Continued use of the Site after an update constitutes acceptance.

 
13. Contact Us

For questions about the Site or the California Privacy Notice, please contact us at:

Atto Trading Technologies LLC
5966 South Dixie Hwy, Ste. 300 Miami, FL, 33143, USA
Email: [email protected]

 

This website uses cookies