Last Updated: December 2023
Generate Capital, PBC and its affiliates (collectively, “Generate,” “we,” or “us”) want you to be familiar with how we collect, use, and disclose information. This privacy policy (“Privacy Policy”) describes our practices in connection with information that we collect through:
Collectively, we refer to the Websites, emails, and offline business interactions as the “Services.” This Privacy Policy may change from time to time (see the “Updates to this Privacy Policy” section below), and you should review it periodically.
This Privacy Policy was last updated on the date set forth at the top of this policy.
“Personal Information” is information that identifies you as an individual or relates to an identifiable individual. As part of providing the Services, we may collect Personal Information, including:
and each of the other specific types of Personal Information which are referred to below.
Collection of Personal Information
We and our service providers may collect Personal Information in a variety of ways, including:
If you do not provide the information requested, we may not be able to provide the Services to you. If you disclose any Personal Information relating to other people to us or to our service providers in connection with the Services, you represent that you have the authority to do so for the purposes set out in this Privacy Policy.
Use of Personal Information
We and our service providers may use Personal Information for the following purposes:
– To provide the Services’ functionality to you, such as arranging access to your registered account.
– To respond to your inquiries and fulfill your requests, for example, when you send us questions, suggestions, compliments, or complaints, or when you request information about our offerings and services.
– To complete your transactions, verify your information, and provide you with related client service.
– To send administrative information to you, such as changes to our terms, conditions, and policies.
Generate processes Personal Information for these purposes in order to perform its contractual obligations to you and for Generate’s legitimate interests in providing the Services.
– To send you marketing related emails, with information about our services, new products, and other news about our company.
– To facilitate social sharing functionality that you choose to use.
Generate processes Personal Information for these purposes relying on your consent (or relying on Generate’s legitimate interests in promoting its Services and its business, where consent is not strictly required by law).
– To analyze or predict our users’ preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our Services.
– To better understand your interests and preferences, so that we can personalize our interactions with you and provide you with information tailored to your interests.
– To better understand your preferences so that we can deliver content via our Services that we believe will be relevant and interesting to you.
Generate processes Personal Information for these purposes relying on its legitimate interests in improving and promoting the Services.
– We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other information for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual.
Generate processes Personal Information for these purposes relying on its legitimate interests in improving the Services (note: no such lawful basis for processing is required once Personal Information is anonymized).
– For data analysis, for example, to improve the efficiency of our Services;
– For audits, to verify that our internal processes function as intended and to address legal, regulatory, or contractual requirements;
– For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft;
– For developing new products and services;
– For enhancing, improving, repairing, maintaining, or modifying our current products and services, as well as undertaking quality and safety assurance measures;
– For identifying usage trends, for example, understanding which parts of our Services are of most interest to users;
– For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users; and
– For operating and expanding our business activities, for example, understanding which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests.
Generate processes Personal Information for these purposes relying on its legitimate interests in improving and promoting the Services. Generate also processes Personal Information for these purposes because one or more of the following applies:
– Generate has legal or regulatory obligations that must be discharged;
– Generate may need to do so in order to establish, exercise or defend its legal rights or for the purpose of legal proceedings; or
– the use of your Personal Information is necessary for our legitimate business interests or the legitimate interests of a third party, provided such interests are not overridden by your rights or interest, including (i) allowing Generate to effectively and efficiently administer and manage the operation of its business; (ii) maintaining compliance with internal policies and procedures; (iii) monitoring the use of our copyrighted materials; (iv) offering optimal, up-to-date security solutions for mobile devices and IT systems; or (v) for internal research purposes.
Disclosure of Personal Information
Generate may share or provide access to your Personal Information among its affiliates and business units and third party agents and service providers outside of Generate as follows:
– These can include providers of services such as website hosting, data analysis, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.
– On message boards, profile pages, blogs, and other services to which you are able to post information and content. Please note that any information you post or disclose through these services will become public and may be available to other users and the general public.
Other Uses and Disclosures
We may also use and disclose your Personal Information as necessary or appropriate, in particular when we have a legal obligation or legitimate interest to do so:
– This may include laws outside your country of residence.
– To respond to a request or to provide information we believe is necessary or appropriate.
– These can include authorities outside your country of residence.
– For example, when we respond to law enforcement requests and orders.
– To enforce our terms and conditions;
– To detect, investigate, and prevent fraud and other crimes or malpractice;
– To establish, exercise, or defend legal rights; and
– To protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others.
– We have a legitimate interest in disclosing or transferring your Personal Information to a third party in connection with any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
“Other Information” is any information that does not reveal your specific identity or does not directly relate to an identifiable individual. The Services collect such Other Information as:
Collection of Other Information
We and our service providers may collect Other Information in a variety of ways, including:
– Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, and Internet browser type and version. We use this information to ensure that the Services function properly.
– Cookies are pieces of information stored directly on the computer that you are using. Cookies allow us to collect information such as browser type, time spent on the Websites, pages visited, language preferences, and other traffic data. We and our service providers use the information for security purposes, to facilitate navigation, to display information more effectively, and to personalize your experience. We also gather statistical information about use of the Websites in order to continually improve their design and functionality, understand how they are used, and assist us with resolving questions regarding them. We do not currently respond to browser do-not-track signals. If you do not want information collected through the use of cookies, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular website. You may also wish to refer to http://www.allaboutcookies.org/manage-cookies/index.html. If, however, you do not accept cookies, you may experience some inconvenience in your use of the Services.
– Pixel tags. Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the Services and response rates.
– Analytics. We use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the Services and report on activities and trends. This service may also collect information regarding the use of other websites, apps, and online resources. You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, and exercise the opt-out provided by Google by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
– Invisible reCAPTCHA. We use Google’s invisible reCAPTCHA application on our Services in order to protect against spam and other automated abuse. The reCAPTCHA tool may make use of cookies, as well as other information such as IP address, date, time, language, screen size and resolution, and mouse movements. The use of the reCAPTCHA tool and any information collected through the tool are subject to Google’s privacy policy, available at https://policies.google.com/privacy and Google’s terms of service, available at https://policies.google.com/terms?hl=en.
Uses and Disclosures of Other Information
We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Information under applicable law, we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Privacy Policy. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.
We seek to use reasonable organizational, technical and administrative measures designed to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below.
Your choices regarding our use and disclosure of your Personal Information
We give you choices regarding our use and disclosure of your Personal Information for marketing purposes. You may opt out from:
(1) Receiving marketing-related emails from us. If you no longer want to receive marketing related emails from us on a going-forward basis, you may opt out by following the instructions contained in each such message.
(2) Receiving text messages from us. If you no longer want to receive text messages from us on a going-forward basis, you may opt out by replying STOP to any such message.
We will try to comply with your request as soon as reasonably practicable. Please note that if you opt out of receiving marketing related emails from us, we may still send you important administrative and transactional messages, from which you cannot opt out.
How you can access, change, or delete your Personal Information
If you would like to request to access, correct, update, suppress, restrict, or delete Personal Information, object to or opt out of the processing of Personal Information, or if you would like to request to receive a copy of your Personal Information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us in accordance with the “Contact Us” section below. We will respond to your request consistent with applicable law (under which various exemptions or exceptions may apply). If you are a California resident, please refer to the “Additional Information Regarding California” section at the end of this Privacy Policy for more information about the requests you may make under the California Consumer Privacy Act.
In your request, please make clear what Personal Information you would like to have changed or whether you would like to have your Personal Information suppressed from our database. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.
We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.
The criteria used to determine our retention periods include:
This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.
In addition, we are not responsible for the information collection, use, disclosure, or security policies or practices of other organizations, including any operating system provider or device manufacturer.
The Services are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Information from individuals under 18.
Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and, by using the Services, you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.
ADDITIONAL INFORMATION REGARDING THE EEA AND THE UK: Some non-EEA and non-UK countries are recognized by the European Commission and the UK Secretary of State as providing an adequate level of data protection according to EEA and UK standards (the full list of these countries is available here (for the EEA) and here (for the UK). For transfers from the EEA or the UK to countries not considered adequate by the European Commission or the UK Secretary of State (as applicable), we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission (and other contractual mechanisms), to protect your Personal Information. You may obtain a copy of these measures by contacting us in accordance with the “Contact Us” section below.
Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., Social Security numbers, information related to racial or ethnic origin, political opinions, religion or other philosophical beliefs, data concerning health, sex life or sexual orientation, biometric or genetic data used for identification purposes, trade union membership, or Personal Information relating to criminal convictions and offences) on or through the Services or otherwise to us.
The “Last Updated” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services.
Generate Capital, PBC, located at 560 Davis Street, Suite 250, San Francisco, CA 94111, USA, is the company responsible for collection, use, and disclosure of your Personal Information under this Privacy Policy.
If you have questions about this Privacy Policy, please contact us at [email protected], or 560 Davis Street, Suite 250, San Francisco, CA 94111, USA. Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us regarding this Privacy Policy.
You may lodge a complaint with an EU/EEA or UK data protection authority for your country or region where you have your habitual residence or place of work or where an alleged infringement of applicable data protection law occurs. A list of EEA data protection authorities is available at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080. The UK’s data protection authority is the Information Commissioner (https://ico.org.uk).
If you are a California resident and our past, current, or prospective employee or contractor or an emergency contact or benefits beneficiary of any such employee or contractor, please click here for our privacy notice applicable to you.
Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), we provide the following details regarding the categories of Personal Information that we collect, use, and disclose about California residents.
Collection and Disclosure of Personal Information
The following chart includes: (1) the categories of Personal Information, as listed in the CCPA, that we plan to collect and have collected and disclosed within the preceding 12 months; and (2) the categories of third parties to which we disclosed Personal Information for our operational business purposes within the preceding 12 months.
| Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes |
| Identifiers, such as name, contact information, unique personal identifiers, IP address that can reasonably be linked or associated with a particular consumer or household, online identifiers, and government-issued identifiers (e.g., Social Security, passport, or driver’s license number) | affiliates; investors; capital providers, service providers; business partners; legal authorities |
| Personal information as defined in the California customer records law, such as name, contact information, signature; financial, education and employment information | affiliates; investors; capital providers; service providers; business partners; legal authorities |
| Protected Class Information under California or federal law, such as sex, age, gender, and race | affiliates; investors; capital providers; service providers |
| Commercial Information, such as transaction information and history and creditworthiness | affiliates; current and prospective investors, capital providers, and customers; service providers; business partners |
| Internet or network activity information, such as browsing history, search history and interactions with our online properties | affiliates; service providers |
| Geolocation Data, such as device location and approximate location derived from IP address | affiliates; service providers |
| Audio/Video Data. Audio, electronic, visual, and similar information, such as call and video recordings | affiliates; service providers |
| Education Information subject to the federal Family Educational Rights and Privacy Act such as student transcripts, grade point average, grades, and disciplinary records | affiliates; service providers |
| Employment Information. Professional or employment-related information, such as work history, prior employer, and information about business practices | affiliates; service providers |
| Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences, characteristics or suitability for employment | affiliates; service providers |
We do not “sell” or “share” Personal Information, as those terms are defined under the CCPA. Without limitation, we do not sell or share the Personal Information of minors under 16 years of age.
For purposes of the CCPA, a “sale” does not include the transfer of Personal Information as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business.
Sources of Personal Information
Please see the section of this Privacy Policy entitled “Collection of Personal Information” for details on the sources from which we collect Personal Information.
Uses and Disclosures of Personal Information
Please see the sections of this Privacy Policy entitled “Use of Personal Information” and “Disclosure of Personal Information” for details on how we use Personal Information.
Retention Period
Please see the section of this Privacy Policy entitled “Retention Period” for details on our Personal Information retention practices.
Individual Rights
Requests to Know, Delete, and Correct
If you are a California resident, you may make the following requests:
(1) “Request to Know”
You may request that we disclose to you the following information covering the 12 months preceding your request:
(2) “Request to Delete”
You may request that we delete Personal Information we collected from you.
(3) “Request to Correct”
You may request to correct inaccuracies in your Personal Information.
To make a Request to Know, Delete, or Correct, please contact us at [email protected] or 1 (833) 723-3264. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. In some instances, we may decline to honor your request where the law or right you are invoking does not apply or where an exception applies. We may need to request additional Personal Information from you, such as a government issued ID, in order to verify your identity and protect against fraudulent requests. If you maintain a password-protected account with us, we may verify your identity through our existing authentication practices for your account and require you to re-authenticate yourself before disclosing or deleting your Personal Information. If you make a Request to Delete, we may ask you to confirm your request before we delete your Personal Information.
Authorized Agents
If an agent would like to make a request on your behalf as permitted under the CCPA, the agent may use the submission methods noted above. As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described above or confirm that you provided the agent permission to submit the request.
Right to Non-Discrimination
You have the right to be free from unlawful discriminatory or retaliatory treatment for exercising your rights under the CCPA.
