GDPR Addendum

Last Updated: 6 August 2018


  • Who we are

  • How to contact us

  • How we collect personal data

  • Cookies

  • “Do not track” signals

  • How we use your personal data

  • When we share and who can access your personal data

  • Selling of your personal data

  • Children and privacy

  • Security

  • Transfer of personal data outside of the European Economic Area (EEA) and international users

  • How long we store your personal data

  • Where we store your personal data

  • Your rights

  • Changes to this notice

  • Information correction, removal, and opting out

Who we are

This Privacy Policy Addendum explains how CAZENOVIA WEST, LLC (“Cazenovia West, LLC”, “CazWest”, “our”, “we” or “us”) collects and processes your Personal Data. Each time you use our Site, the current version of our Privacy Policy and GDPR Information will apply. Accordingly, whenever you use our Site, you should check the date of this Privacy Policy (which appears at the top) and review any changes since the last version. This Privacy Notice is applicable to all Site visitors, registered users, and all other users of our Site and Services.  The definition of the Service and all other relevant terminology can be found in our Terms of Service.

“Personal Data” is any information that enables us to identify you, directly or indirectly, by reference to an identifier such as your name, identification number, location data, online identifier or one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity.  “Subscribers” are companies or organizations that contract with CazWest to provide either consulting or chatbot services or both.  “Users” are individuals that interact with chatbots provided to Subscribers.  More information on both terms can be found in our Privacy Policy.

By visiting or using our SMS chatbots, you acknowledge that you have read and understood the processes and policies referred to in this document and our Privacy Policy.

How to contact us

For the purposes of the General Data Protection Regulation 2016/679 (the “GDPR”), the Data Controller is

Cazenovia West, LLC registered in the US State of Nevada with a registered address at 211 8th Street Unit 112 Las Vegas, NV 89101.

Our nominated representative for the purposes of the GDPR is John O’Brien, currently serving as CazWest’s Technical Director.

Our Data Protection Officer is John O’Brien who can be contacted by sending an email to  To ensure that our team responds in an adequate manner to your GDPR inquiries, please add “GDPR” to the subject line.

How we collect personal data

Personal Data that you give us

In the process of providing the Service, we may collect and process the following Personal Data:

  • From Subscribers

    • Contact information

    • Payment information

    • Purchase information

  • From Users

    • Contact information (phone numbers)

    • Location information (ZIP code)

    • Age/Gender information

Personal data we collect from you

In the process of providing the Service, we may collect and process the following Personal Data:

  • From Subscribers

    • Location information

  • From Users

    • Contact information (phone numbers)

    • Location information (ZIP code)

    • Age/Gender information

    • Perceptual information

Personal data we collect from others

As part of the provision of our Service, we may collect data regarding Users from Subscribers.  Before intake of this data, however, we ask that organizations scrape the data of all extraneous Personal Data.  We anonymize the data further before using it as part of the Service.

Non-Personal Data

We may use non-Personal Data for various business purposes such as providing customer service, fraud prevention, market research, and improving our Site. Please check your web browser if you want to learn what information your browser sends or how to change your settings.

Our Service may also make use of non-personal data gathered from publicly available government and NGO databases, including the US Census, American Community Survey, and others.


Our website is managed via the Squarespace platform.  For our purposes, WE HAVE DISABLED COOKIES AND ACTIVITY LOGS FOR ALL WEBSITE USERS REGARDLESS OF EUROPEAN UNION CITIZENSHIP OR LOCATION.  Information on any cookies used by Squarespace for their research purposes can be found at

“Do not track” signals

We support “do not track” signals (“DNT”). If you have DNT enabled in your web browser, we will not receive browser-related information from our advertising partners for tailoring advertisements.

How we use your personal data

We will only process your Personal Data, including sharing it with third parties, where (1) you have provided your consent which can be withdrawn at any time, (2) the processing is necessary for the performance of a contract to which you are a party, (3) we are required by law, (4) processing is required to protect your vital interests or those of another person, or (5) processing is necessary for the purposes of our legitimate commercial interests, except where such interests are overridden by your rights and interests.

We may use Personal Data for the following purposes:

  • Personal Data you give to us

    • For Subscribers

      • to carry out our obligations arising from your subscription, or any other contract entered into between you and us and to provide you with the information, products and services that you request from us

      • to organize events that you have purchased or registered for, and to provide you with information, and other materials, relating to the content of the event, the speakers, sponsors and other attendees

      • to respond to your questions and provide related to the Service

      • to provide you with information about other products and services we offer that are similar to those that you have already purchased, provided you have not opted-out of receiving that information

      • to transfer your information as part of a merger or sale of the business;

      • to notify you about changes to our membership service

      • to ensure that content from our Service is presented most effectively for you and your technological resources

  • Information we collect about you

    • to administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes

    • to improve our Site to ensure that content is presented most effectively for you and your computer

    • as part of our efforts to keep our Site safe and secure

    • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you

    • to make suggestions and recommendations to you and other users of our Site about goods or services that may interest you or them.

  • Personal Data we receive from other sources

    • We will combine this information with information you give to us and information we collect about you. We will use this information and the combined Personal Data for the purposes set out above (depending on the types of information we receive).

When we share and who can access your personal data

We may share your Personal Data for the purposes described in this Addendum to our Privacy Notice with:

  • Partners, subscribers, and sub-contractors

  • Third-party organizations that assist us in the improvement and optimization of our Service

  • Trusted third-party companies and individuals

  • In the event that we sell or buy any business or assets, in which case we will disclose your Personal Data to the prospective seller or buyer of such business or assets

    • If Cazenovia West, LLC or substantially all of its assets are acquired by a third party, in which case Personal Data held by it about its customers will be one of the transferred assets

We will only transfer your Personal Data to trusted third-parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures.  Third-party services that we contract with have been reviewed to ensure compliance with GDPR protocols and are added to our internal list of sub-processors.

Selling of your personal data

FOR SUBSCRIBERS:  We will not sell your Personal Data to third parties for their use without your consent.
FOR USERS: We will never sell your Personal Data to third parties with whom you do not have an existing relationship.  We may provide access to the information which you provide to us through the Service to our Subscribers with whom you have an existing relationship in order for our Subscribers to better target their products and services to you.  Our partners will not have direct access to your Personal Data; as per our Terms of Service, they will receive access to electronic dashboards which provide aggregated, anonymized data.

Children and privacy

Our Services, including this website, are not directed to children under the age of 13.  If you are not 13 years or older, do not use our Services. We do not knowingly collect Personal Data from children under the age of 13. If we learn that Personal Data of persons less than 13 years-of-age has been collected through our Services, we will take the appropriate steps to delete this information.


Although we use security measures to help protect your Personal Data against loss, misuse or unauthorized disclosure, we cannot guarantee the security of information transmitted to us over the internet.

Transfer of personal data outside of the European Economic Area (EEA) and international users

We will not transfer Personal Data, relating to individuals within the European Economic Area (“EEA”), to third parties (i.e., those outside of our group), located outside of the EEA without ensuring adequate protection under European law.  Where a third party is located in a country not recognised by the EU Commission as ensuring an adequate level of protection, we will take appropriate steps, such as implementing standard contractual clauses recognised by the EU Commission, to safeguard your Personal Data.

We are headquartered in the United States. Your Personal Data may be accessed by us or transferred to us in the United States or to our affiliates, partners, merchants, or service providers (e.g., sub-processors) who are located worldwide.  If you are visiting our Site or using our Service from outside the United States, be aware that your information may be transferred to, stored, and processed in the United States where our servers are located, and our central database is operated. By using our Service, you consent to any transfer of this information.

How long we store your personal data

We will store your Personal Data, in a form which permits us to identify you, for no longer than is necessary for the purpose for which the Personal Data is processed. We may retain and use your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and rights, or if it is not technically reasonably feasible to remove it. Consistent with these requirements, we will try to delete your Personal Data quickly upon request.

Where we store your personal data

All information you provide to us is stored on our secure servers.  The Personal Data that you provide to us is generally stored and accessed on servers located in the United States and might be transferred through our processors (sub-processors of the Service) for the purpose of carrying out the Service. If you are located in another jurisdiction, you should be aware that once your Personal Data is submitted through our Service, it will be transferred to our servers in the United States.

Any payment transactions will be encrypted using SSL technology.

Unfortunately, the transmission of information via the internet is not completely secure.


Changes to this notice

If we make any material changes to this GDPR Information Addendum subsection of our Privacy Notice or the way we use, share or collect personal Data, we will notify you by revising the “Effective Date” at the top of this Privacy Notice, prominently posting an announcement of the changes on our Site, or sending an email to the email address you most recently provided us (unless we do not have such an email address) prior to the new policy taking effect.

Any changes we make to our Privacy Notice in the future will be posted on this page and, where appropriate, notification sent to you by e-mail. Please check back frequently to see any updates or changes to this Privacy Notice.

Information correction, removal, and opting out

If any of the information that we have about you is incorrect, or you wish to have information (including Personal Data) removed from our records, please contact us at

If you have used a CazWest provided chatbot and have concerns with the privacy of your personal information, please contact us at

To opt out of a chatbot, text STOP to the corresponding phone number.