Home

Limit the Use of My Sensitive Personal Information

Your Rights Regarding Sensitive Personal Information

Key Information

You have the right to limit our use of your sensitive personal information to only those purposes necessary to provide our services. This page explains what constitutes sensitive information and how to exercise your rights.

Legal Basis for These Rights

These rights are granted under several privacy laws, with specific provisions for sensitive data:

  • California Privacy Rights Act (CPRA): Provides California residents with the right to limit use of sensitive personal information to specified business purposes.
  • Virginia Consumer Data Protection Act (VCDPA): Requires opt-in consent for processing sensitive data categories.
  • General Data Protection Regulation (GDPR): Establishes special protections for "special categories" of personal data under Article 9.
  • Colorado Privacy Act (CPA) and Connecticut Data Privacy Act (CTDPA): Similar protections for sensitive data in these states.

What Constitutes Sensitive Personal Information?

Government Identifiers

  • Social Security number
  • Driver's license number
  • Passport number
  • State ID card number

Financial Information

  • Bank account numbers
  • Credit/debit card numbers
  • Account access credentials
  • Precise financial geolocation

Health & Biometric Data

  • Medical conditions
  • Health insurance information
  • Biometric data (fingerprints, faceprints)
  • Genetic data

Demographic Characteristics

  • Racial or ethnic origin
  • Religious/philosophical beliefs
  • Union membership
  • Sexual orientation

Communications & Location

  • Mail/email contents (unless we're the recipient)
  • Precise geolocation (within 1,750 feet)
  • Private communications

Other Sensitive Data

  • Citizenship/immigration status
  • Mental/physical health diagnoses
  • Contents of private messages
  • Login credentials

Important Notes

Some information may be considered sensitive under one law but not another. We apply the broadest protections regardless of your location. Certain data elements (like ZIP code alone) typically don't qualify as sensitive.

How We Use Sensitive Information

Without your explicit consent, we only use sensitive personal information for these permitted purposes:

Service Provision

  • Processing payments for purchases
  • Providing healthcare services (if applicable)
  • Delivering core product functionality

Security & Fraud Prevention

  • Detecting security incidents
  • Protecting against fraud
  • Verifying identity

Legal Compliance

  • Complying with federal/state laws
  • Responding to law enforcement
  • Exercising legal rights

Internal Business Purposes

  • Maintaining service quality
  • Short-term transient use
  • Performing services on your behalf

Prohibited Uses Without Consent

We will never use your sensitive information for:

  • Cross-context behavioral advertising
  • Building advertising profiles
  • Training AI models without de-identification
  • Any purpose beyond what's necessary for our services

How We Protect Sensitive Information

Technical Safeguards

  • End-to-end encryption
  • Tokenization of payment data
  • Strict access controls
  • Multi-factor authentication

Organizational Measures

  • Limited employee access
  • Mandatory privacy training
  • Data minimization policies
  • Regular audits

Third-Party Protections

  • Strict contractual obligations
  • Purpose limitations
  • Data protection assessments
  • Prohibitions on secondary use

Manage Your Sensitive Data Preferences

What Changes When You Limit Use

Immediate Effects:

  • We stop using sensitive data for non-essential purposes
  • Existing sensitive data is restricted to permitted uses
  • Future collection is minimized to only what's necessary

What Doesn't Change:

  • Essential service functionality requiring this data
  • Legal/regulatory compliance requirements
  • Fraud prevention measures

How to Exercise Your Rights

Option 1: Online Request Portal

Our secure portal allows you to submit and track requests regarding your sensitive data:

Option 2: Email Request

Send an email to privacy@yourcompany.com with:

  • Subject line: "Sensitive Data Request"
  • Your full name
  • Account information (if applicable)
  • Specific request details

Option 3: Phone Request

Call our dedicated privacy line:

1-800-555-PRIV (7748)

Available Monday-Friday, 9am-5pm EST

Option 4: Mail Request

Send written requests to:

YourCompany Privacy Office
Attn: Sensitive Data Request
123 Data Protection Lane
Privacyville, CA 90210

Verification Process

To protect your information, we require verification of your identity before processing sensitive data requests. This may involve:

  • Account authentication
  • Government ID verification (for certain requests)
  • Answering security questions
  • Email confirmation

Response Timeline & Process

1

Request Submission

We acknowledge receipt of your request within 10 business days and provide information about our verification process.

2

Verification

Most requests are verified within 3-5 business days. Complex cases may take up to 10 days. We'll notify you if additional information is needed.

3

Processing

We complete processing within 45 days of verification. For complex requests, we may extend this period by an additional 45 days with notification.

4

Completion

You'll receive a detailed report of actions taken. For limitations, we'll specify the business purposes for which we retain certain sensitive data.

Exceptions & Limitations

In certain circumstances, we may deny your request if:

  • We cannot verify your identity
  • The request is manifestly unfounded or excessive
  • Retention is required by law or for legal claims
  • Data is de-identified or aggregated
  • Maintaining the data is necessary for our core services

If we deny your request, we'll explain why and provide information about appealing the decision.

Additional Protections

For Minors

We never knowingly sell or share sensitive data of consumers under 16 without affirmative authorization. Parents/guardians may make requests on behalf of minors.

Data Retention

Sensitive data is retained only as long as necessary for the permitted purposes, typically:

  • 7 years for financial records
  • Duration of service plus 3 years for health data
  • Immediate deletion of unused biometric data

Consumer Privacy Rights Request Form

Not all persons are eligible for all data requests. This form will be used to determine your eligibility. To protect your privacy, you will be required to verify that you either are a person about whom we collected information or are someone authorized to act on such a person's behalf. Requests are fulfilled as soon as practical, usually within 45 days.

*REQUIRED FIELDS

0/1000 Characters

Please verify that you're not a robot

We'll never share your information. Read our Privacy Policy.

Icon 2Logo

Our mission is to help you take your team, your business, and your career to the next level.

Whether you're here for product recommendations, research, or career advice, we're happy you're here!

What We Cover

Our Company

Legal

Social