Dun & Bradstreet Privacy Notice

Dun & Bradstreet Privacy Notice
Applicability - Legal Entities and Websites
Website Visitors and Other Direct Interactions

Dun & Bradstreet
- What Personal Information We Collect and Why
- How We Use and Share Personal Information
MDR Products and Services
- What Personal Information We Collect and Why
- How We Use and Share Personal Information
Your Use of Our Website Is Consent
Cookies, Web Beacons, Pixel Tags, and GIFs

Products and Services

Dun & Bradstreet
- What Personal Information We Collect and Why
- How We Use and Share Personal Information
MDR Products and Services
- What Personal Information We Collect and Why
- How We Use and Share Personal Information

Collection of Sensitive Personally Identifiable Information
You Have Choices

Dun & Bradstreet
MDR Products and Services

Access, Correction, and Deletion

Dun & Bradstreet
MDR Products and Services

Data Security
Data Retention
Children
Changes to Data Privacy Practices
Sale of Assets

Residents of the EU/EEA, the United Kingdom and Switzerland

Transfers of Personal Information from the EU/EEA, the United Kingdom, and Switzerland to the United States
General Data Protection Regulation (GDPR)
Other Data Transfer Mechanisms
Data Subject Rights for residents of the EU/EEA, the United Kingdom and Switzerland
Dispute Resolution
Privacy Shield Independent Dispute Resolution
Arbitration

California Residents

Making CCPA Data Subject Rights Requests
Data Collected Within the Past 12 Months
- Dun & Bradstreet
- MDR Products and Services
CCPA Request Metrics from January 1, 2020 through December 31, 2020

Dun & Bradstreet Privacy Notice

Dun & Bradstreet is the world’s leading source of business information and insight. Since 1841, Dun & Bradstreet has collected information about businesses to deliver products and services that assist our customers in making critical commercial decisions. The Dun & Bradstreet Data Cloud contains data and insights on over 420 million organizations around the globe. Some of the information may be classified as personal information under various laws such as information relating to an individual (for example, a sole trader, a company director, a beneficial owner, a trustee, or a professional contact.)

This privacy notice explains how we collect, share and protect personal information.

Updated September 10, 2021

Applicability - Legal Entities and Websites

This Privacy Notice applies to the following Dun & Bradstreet legal entities: Dun & Bradstreet, Inc., Dun & Bradstreet NetProspex, Inc. ("NPX"), Avention, Inc., Hoovers Inc., Dun & Bradstreet Emerging Businesses ("DBEB"), Dun & Bradstreet Government Solutions, Inc., Mad Objective, Inc., and Orb Intelligence, Inc. This Privacy Notice also applies to Lattice Engines, Inc., a subsidiary of Dun & Bradstreet whose mission is to create an AI platform that enables companies to engage their buyers with 1-to-1 omni-channel experiences and make B2B marketing as personalized as B2C marketing. This Privacy Notice applies to Market Data Retrieval Products and Services (MDR Products and Services), a division of Dun & Bradstreet. MDR Products and Services is the leading U.S. provider of marketing information and services for the K-12, higher education, library, early childhood, and related education markets. MDR Products and Services is powered by the most comprehensive, current, and accurate education databases throughout the industry and is the market’s first choice for direct sales and marketing solutions. These entities and lines of business will be referred to collectively as “Dun & Bradstreet” in this Privacy Notice. This Privacy Notice applies to any Dun & Bradstreet owned website where it is posted.

This Privacy Notice does not apply to Dun & Bradstreet companies based in the European Union or the United Kingdom, or when any Dun & Bradstreet company processes data relating to residents of the European Union under the General Data Protection Regulation (“GDPR”). In such cases please see the EU and UK Privacy Notice External Website. See our section regarding data transfers and Privacy Shield for more information on transfers of data under the GDPR. Our EU and UK Privacy Notice also covers transfers of data relating to residents of the European Union and United Kingdom to the United States pursuant to Dun & Bradstreet’s Privacy Shield certification.

This Privacy Notice does not apply to Dun & Bradstreet legal entities based in the People’s Republic of China, and their collection and sale of such information. In such cases, please see the China Privacy Notice.

This Privacy Notice does not apply to Dun & Bradstreet legal entities based in Canada and their collection and sale of personal information. In such cases, please see the English and French versions of our Canada Privacy Notice.

This Privacy Notice does not apply to Dun & Bradstreet legal entities based in India and their collection and sale of personal information. In such cases, please see our India Privacy Notice.

If you are a resident of California, please see the section entitled “California Residents” of this Privacy Notice for an overview of your California rights, including your right to make a “Do Not Sell My Personal Information” request.

Website Visitors and Other Direct Interactions

Dun & Bradstreet

What Personal Information We Collect and Why

Personal Information You Provide: includes name, address, telephone number, social media handle, email address, employer, job title. We collect personal information from website visitors and when you purchase products and services, apply for Dun & Bradstreet D-U-N-S® Numbers; subscribe to email newsletters and alerts, fill out a form to request additional information; participate in Community Forums; enter a contest; fill out a survey; access video content; receive free incentives.

Personal Information Collected In The Scope Of Marketing Activities: Your personal information may be collected when you enter contests and participate in other promotions; when we conduct webinars, demand generation campaigns, when we disseminate white papers, e-books or similar content, when you click on landing pages, in the course of Pay-Per-Click campaigns, and similar events and methods.

When you sign up to participate in D&B hosted blogs, tutorials, and social media, we will collect personally identifiable information in order to establish your profile. You may choose to make public certain individual profile elements, in which case that information will be available to visitors and possibly to other users of the Internet. Any information that you submit and post may likewise be available to website visitors and viewable to anyone online. Your blog postings will be associated with your username and your voluntarily created public profile. Violation of our Terms of Use agreement may result in the removal of your post(s) and/or the termination of your membership

Information Collected Automatically Through Computer Tracking: We also collect information about website visitors such as IP address, browser type, or operating system, areas of the website visited and the website from which a visitor came. We collect and analyze this information for the continued improvement of the Products, Websites, and our business. We routinely use this web log information to administer and improve our website. While some of this information may be traceable to an individual, we only seek to identify individuals (i) whom we believe are using our website for improper purposes, (ii) when necessary to assist them with their user experience, (iii) for marketing purposes, including third party marketing , (iv) or to otherwise use the information as described in this policy.

Dun & Bradstreet analyzes IP addresses of visitors to our websites and match business information from our various databases and received from third parties against the IP addresses to learn more about what types of businesses are visiting our websites and the browsing preferences of such businesses on our websites. We use the information derived from these analytical activities, which may be combined with non-personally identifiable behavioral information received from third parties, to better model and refine our general marketing activities and may, from time to time and to the extent permitted by law, directly market our products and services to these businesses based on the information we have learned about their browsing activities while on our websites. In addition, Hoover’s analyzes IP addresses from Hoover’s products users to match business information from our various databases and received from third parties against users’ IP addresses for our internal analytical purposes which helps us to increase the accuracy of the information in our various business information databases.

Information collected via Mobile Devices: To provide location-based services on the mobile-optimized versions of products, we may collect and use precise location data, including the real-time geographic location of your mobile device or computer. Where available, location-based services may use GPS, Bluetooth, and your IP Address, along with crowd-sourced Wi-Fi hotspot and cell tower locations, and other technologies to determine your device’s approximate location. Location-based services, such as the mapping features, require collection of your location for the feature to work. You may withdraw consent to its collection, use, transmission, processing and maintenance of location data at any time by not using the products that use location-based features or by turning off Location Services settings (as applicable) on your device and computer.)

Dun & Bradstreet does not respond to Do Not Track Signals

Dun & Bradstreet also collects credit/debit card information in order to process certain customer payments.

How We Use and Share Personal Information

From time to time, Dun & Bradstreet compiles online and offline transaction and registration information for internal analyses, such as market research, quality assurance, customer experience, and operational benchmarking initiatives. Dun & Bradstreet may use IP address information for analytical purposes and in some of our products and services.

When necessary or appropriate, we may disclose information in response to a court order, subpoena, law enforcement proceeding, regulatory inquiry or when otherwise legally required. Also, be advised that Dun & Bradstreet sometimes receives requests (e.g., court order, subpoena, or law enforcement proceeding) for personal information from public authorities to meet national security or law enforcement requirements, or in other legal matters. In responding to those requests Dun & Bradstreet's response will be limited (a) to the extent necessary to meet national security, public interest, or law enforcement requirements or (b) by statute, government regulation or case law that creates conflicting obligations or explicit authorizations.

MDR Products and Services

What Personal Information We Collect and Why

Any personal information collected by MDR Products and Services through the website is for analysis purposes only and will not be sold in any personally identifiable form

How We Use and Share Personal Information

MDR Products and Services uses personal information to carry out transactions that you request or authorize.

Your Use of Our Website Is Consent

By using our website, you hereby consent to our collection, use, management, retention, and disclosure of your information as described in this policy.

Cookies, Web Beacons, Pixel Tags, and GIFs

What are Cookies, Web Beacons, Pixel Tags and GIFs and how are they used?

A cookie is a small text file (which typically includes a piece of computer code) that is stored on your computer's hard drive. Cookies are sent by our website (or the website of a company we have a relationship with) to your computer, mobile phone or other device when you visit our website. When you visit a website, that website's computer asks your computer for permission to store this text file in a section of your hard drive that is specifically designated for cookies. Each website can send its own cookie to your browser if your browser's preferences allow it.

A Web beacon is a graphic image, such as a pixel tag or clear GIF, which is placed on a Web page or in an e-mail message to monitor user activity, such as whether the Web page or e-mail message is accessed or clicked. They are also used on many Web pages for alignment purposes.

We sometimes use Web beacons to provide an independent accounting of how many people visit our website or to gather statistics about browser usage on our website. Some of our Web pages and HTML-formatted e-mail newsletters use Web beacons in conjunction with cookies. It is difficult for you to limit the use of Web beacons because there is no easy way to distinguish their use from alignment and other purposes. Web beacons may also be loaded from a different Web server than the rest of the page.

Some of our e-mails may also contain pixels or code to gather information regarding e-mail behavior and for analytics. We may share this information with third parties

Cookie Uses

We use cookies to store login and other information on your computer, which serves to improve our website functionality and tailor our services to your preferences and interests. Cookies also allow us to display personalized content and relevant D&B product or solution-based advertising on your later visits to our site. Other uses include preventing, detecting and investigating potentially prohibited or illegal activities, including enforcing our Terms of Use agreement. For certain services, we offer users the ability to store a user ID or password within a cookie so that they do not need to re-enter it when they subsequently return to our website. Cookies, in conjunction with our Web server's log files, allow us to calculate the aggregate number of people visiting our website and to assess which parts of the site are most popular. This information helps us to constantly improve our website and better serve our customers. Some of our cookies may be tied to personally identifiable information, such as IP address. We do not store credit/debit card numbers in cookies. Cookies may be used to store a unique identification number tied to your computer so that a website can recognize you as the same user across different visits to the website. For more information about the type of information that is collected on website visitors, see our Privacy Policy section on “What Information We collect”

Types of Cookies

Some cookies are necessary to make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Cookies may either be persistent or session cookies. Persistent cookies are stored on your device to help remember information, settings, preferences, or sign-on credentials and have an expiration date issued by the webserver. Session cookies, also known as in-memory cookies, transient cookies, or non-persistent cookies, exist only in temporary memory while you are browsing the website and are typically deleted when you close your browser.

Preference cookies are persistent cookies which enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in. Persistent cookies are also used to enable testing of new website designs, layout and messaging. The intention is to display content that is relevant and engaging for the individual user.

Dun & Bradstreet also uses session cookies to better understand how you interact with our websites. Cookies that provide analytics services can collect IP address or other identifiers, browser information, and information about the content that you view. These analytic services help us to know how many users we have, which parts of our sites are most popular, what browsers are used, the country or region where users are located, and the demographics and interests of users.

First and Third-Party Cookies

First Party Cookies

Cookies can be First Party Cookies or Third-Party cookies. The difference is which website sends the cookie to your device. First party cookies are sent by, or on behalf of, the company whose website you visit. Third party cookies are sent by any other company. D&B uses first and third-party cookies.

Dun & Bradstreet’s first party cookies collect data, such as the date, time, and areas of our website that are visited, as well as the website from which the visitor came. We may use IP addresses to derive certain other information concerning businesses visiting our websites, but we do not analyze this information in a way which would reveal the identity of the individual browsing our websites. When you select one of our products or services, register for a newsletter or e-mail alert, fill out an online form, or complete a survey, we may try to identify your browser and we may combine information from cookies, Web beacons, code and other information collected online with other data that we maintain about you. By improving the features, marketing, and content of our website and by making your online experience more convenient and meaningful, we can better serve our customers' needs.

Third Party Cookies

Some of our business partners, such as third-party advertisers, use cookies that originate from their websites. The third parties with whom we partner provide certain features on our site to display advertising based upon your web browsing activity. In the course of serving advertisements, our third-party advertisers and partners may place or recognize a unique third-party cookie on your browser. These companies may use information about your visits to Dun & Bradstreet’s and other websites to provide advertisements on this site and other sites about goods and services that may be of interest to you. These third-party partners monitor how guests use our website and determine which of our online features they prefer. We may report information to our partners about our customers and the products and services they order, as well as aggregated, non-identifiable information about our guests' use of our website.

Third Party Advertisers

We use third party advertising companies to serve our Internet ad banners on our website and other websites on which we advertise. The use of third-party cookies and other tracking technologies is not covered by our privacy policy. We do not have access to or control over any third-party tracking technologies. Third party advertisers may also use a third-party analytics provider to place third party cookies on your browser to collect anonymous and aggregated session data, such as the ads that are viewed. If you view a Web page where our ads appear, the advertising company may place a cookie on your computer or use a Web beacon to access a cookie that they previously placed on your computer. These companies do not collect information that can personally identify you, but they may use information about your visits to our website and other websites to measure the effectiveness of ads. We do not disclose any personally identifiable information to these companies. We share aggregate website usage information with third party advertisers and partners for the purpose of effectively targeting our online advertisements. Unless you are previously notified, these advertising companies do not link any online behavior or cookies with other information that can be used to personally identify you, such as your name, address, telephone number or e-mail address, when working with Dun & Bradstreet.

These third-party advertising networks also track visitors' online usage and behavior patterns. These companies may use information about your visits to Dun & Bradstreet and other websites to provide advertisements on this site and other sites about goods and services that may be of interest to you. The result of these efforts is the creation of an online profile that attempts to predict individual user interests, preferences and purchasing habits. The third-party advertising networks then accordingly customize the advertising content served to users when visiting other websites.

What are your choices regarding Cookies

Most Internet browsers allow users to decide whether to accept cookies. The Help function within your browser should tell you how to do this. The website AboutCookies.org contains comprehensive information on how to do this on a wide variety of desktop browsers. You may reset your browser to refuse cookies and still use our website, although website access and functionality may be slower and less convenient.

Regarding Third Party Advertisers, the Network Advertising Initiative (NAI) is a self-regulatory cooperative of online marketing and analytics companies. The NAI provides educational content and opt-out tools to help Internet users learn about and address online behavioral marketing practices. Through the NAI's online options, you may opt out of particular NAI network members' behavioral advertising programs or you may opt out of all NAI network members' programs. Opting out will prevent the given network from which you opted out from using your Web preferences and usage patterns to deliver targeted online ads. The NAI opt-out only works with participating third-party advertising networks that use cookies and Web beacons to execute their advertising initiatives. If you would like additional information about online behavioral marketing and your options regarding these standard Internet practices, please visit the NAI website. Dun & Bradstreet also follows the Self-Regulatory Principles for Online Behavioral Advertising as administered by the Digital Advertising Alliance (DAA). Visit Digital Advertising Alliance WebChoices Browser Check to exercise your option to opt-out of targeted ads provided by certain listed companies.

Products and Services

Dun & Bradstreet

What Personal Information We Collect and Why

Dun & Bradstreet collects information on businesses and business professionals, including personal information, so we can supply our customers with data about organizations and people. Our purpose is to enable businesses, organizations, and public sector entities to manage their financial risks, protect against fraud and dishonesty, know who they are dealing with, meet their compliance and regulatory obligations, market their products and services, and better understand organizations, industries, markets, and people.

We also collect personal information so that we can license and sell professional business contact information and personal contact information for marketing and data management purposes.

We also collect personal information to continually improve our AI platform and enable companies to engage their buyers with 1-to-1 omni-channel experience and make B2B marketing as personalized as B2C marketing.

This includes information we collect offline and online from business owners and principals, from businesses' creditors, vendors, third parties and suppliers including our customers (with the customer’s consent), and from public records such as business registrations, Uniform Commercial Code filings and bankruptcy filings. We also collect information based on business and individual online activity, information on educational institutions and professionals. Dun & Bradstreet has a right to provide information on businesses that may be a factor in our customers’ decision making involving credit, insurance, marketing, compliance, and other activities. The information that we collect includes, but is not limited to, the following:

Company and business professional information, including business contact information such as name, title, address, phone number, fax number, and e-mail address, domain names, FEIN numbers, trade associations, utility bills, incorporation and tax records and information on minority, women, and veteran owned businesses. In addition, we corroborate and build business contact emails by way of various verification methods and data points;
Detailed company profiles and statistics, including number of employees;
Background information regarding company management and employees, including beneficial ownership/persons of significant control, the educational and career histories of company principals, company and individual browsing history, and adverse media history including but not limited to any history of criminal acts or misconduct, where collection of such data is permitted and where such data is not deemed sensitive under applicable laws;
Company operational histories, including territories, subsidiaries, affiliates, and lines of business;
Detailed trade and business credit information, including payment histories and patterns;
Summary business information regarding profitability, debts, assets, net worth, and business relationships;
Business violations, publicly available disclosures and other compliance information from public source government and professional records, media and business publications;
Website and online data relating to IP addresses, geolocation, comments on social media are collected and used to analyze trends regarding Dun & Bradstreet products and services and to increase accuracy of our business data sets, as well as to assist us in matching IP addresses to business contact information.

As part of our US employee hiring and onboarding process, we collect information relating to potential employees’ education, background and work history. This Privacy Notice does not apply to personal information of current Dun & Bradstreet employees.

We do not typically collect information that is deemed to be sensitive under applicable laws to be included in our products and services.

Personal Information Collected through D&B Email IQ

The D&B Email IQ application helps users have more informed conversations, save time, and better prepare for meetings with seamless access to business intelligence from the Dun & Bradstreet Data Cloud, accessible through the user's email. The application uses innovative technology powered by machine learning and natural language processing to scan the prospects and customers you are interacting with to provide company firmographics, recommendations on additional contacts, and suggestions for similar companies to pursue.

When a user opts into the installation of D&B Email IQ, the application will access limited data from the emails and calendar invites the user sends and receives in their email environment. The data collected will be limited to email addresses found in the “To” and “From” fields of the emails, as well as the business card information contained in an email signature. The signature of an email may include data elements such as name, job title and department, company name, email address, telephone number, fax number, company address, corporate URL, and social networking URL. Data collected via the application may be incorporated into the Dun & Bradstreet Data Cloud and be used to enhance and improve our products by enabling businesses to manage their financial risks, protect against fraud and dishonesty, know who they are doing business with, meet their compliance and regulatory obligations and better understand organizations, industries and markets. Where permitted under applicable law, this information may also be used for sales and marketing purposes. Based on the country of origin of the data subject, we have implemented safeguards to address additional legal obligations so that we are in compliance with applicable laws. In certain instances, the data collected will be used purely for internal compliance with applicable laws, unless further notice or consent requirements have been fulfilled.

Anyone whose data was collected via the D&B Email IQ application may opt out of the use of their data by calling Dun & Bradstreet at 1-800-234-3867 or emailing custservprivacy@dnb.com For more information on D&B Email IQ, please visit our D&B Email IQ FAQs page.

How We Use and Share Personal Information

Dun & Bradstreet uses the information that we collect to operate our websites and offer customers a variety of business and personal contact information products and services. This information may be used to help our customers make decisions related to business credit, risk management, supplier due diligence, and investigations, and marketing decisions. We also use the information we collect to carry out transactions that our customers request or authorize. Dun & Bradstreet licenses professional business contact information to authorized resellers and third party businesses for marketing and data management purposes.

We may use your professional business contact information to match it with other public and private sources in order to create segments of information, such as demographic, behavioral and technical information, extracted from the underlying data, for use by Dun & Bradstreet and/or third parties to target advertising messages to you on third party sites and services. You have advertising opt-out options. You may exercise these options by following the instructions in the sections entitled "What are your choices regarding Cookies", and "You Have Choices"

Dun & Bradstreet collects and shares personal information to help our customers with their due diligence investigations on businesses and individuals. However, Dun & Bradstreet does not permit our customers to use our information as a factor in establishing an individual’s eligibility for credit or insurance to be used primarily for personal, family, household or employment purposes.

Dun & Bradstreet shares information with third party service providers, such as credit card processors, auditors, attorneys, consultants, live help/chat providers and contractors, in order to support Dun & Bradstreet's websites and business operations. Dun & Bradstreet contractually requires that these recipients only use the information for the intended purpose of the disclosure and that they destroy or return the information when it is no longer needed. We may also disclose the information as required or appropriate in order to protect our website, business operations or legal rights, or in connection with a sale or merger involving Dun & Bradstreet assets or businesses.

From time to time, Dun & Bradstreet compiles online and offline transaction and registration information for internal analyses, such as market research, quality assurance, customer experience, and operational benchmarking initiatives. Dun & Bradstreet may use IP address information collected from customers for analytical purposes and in some of our products and services.

D&B Hoovers maintains a separate professional contacts directory in which your company and individual business contact information may be listed. Hoover's licenses business and professional contact information to authorized resellers and third party businesses for marketing purposes. Aggregated website visitor data may be used to determine usage patterns or interests of visitors to the website and users of our products, or for purposes related to technical support or security of the website, products and computer systems. Usage information, such as number of reports, types of reports and functions accessed by a particular UserID, may be tracked within the products. We do this to monitor authorized usage of the products, respond to questions from the user, for market research, and to improve the design and functionality of the products. We may also aggregate corporate or industry information accessed by all of our customers. We do this in order to appreciate the types of companies and industries for which our customers require information, which in turn improves the quality of the products. We do not correlate the accessed corporate or industry information to a specific user or to a particular organization.

We may share your business contact information with third parties who provide services on our behalf to help with our business activities. These companies are authorized to use your business relevant information only as necessary to provide these services to us. For example, some services include the following or similar services:

Fulfilling orders and delivering packages
Payment processing
Providing customer service
Sending marketing communications
Web applications, firewalls and other security measures

Cloudflare may have access to application traffic of Lattice Engines public websites and service offerings. This permits Cloudflare to provide Lattice Engines with the services of a web application firewall, providing protection against malicious use and distributed denial of service attacks.

We use Sure Shot and typically, Sure Shot does not have access to the authorized contents of our customer’s business contacts in their licensed use of either the Marketo or Eloqua marketing platforms, although there may be exceptions from time to time.

MDR Products and Services

What Personal Information We Collect and Why

MDR Products and Services collects information on educational institutions and professionals. We also collect individual and business identifiable information from website visitors when you register to be a member of MDR Products and Services, purchase products and services through our website, subscribe for email newsletters and alerts, enter a contest, fill out a survey, or fill out a form to request and/or register for research materials, programs, events, white papers, and other information. We also collect information offline from educational institutions, business partners, and vendors. The information that we collect includes the following:

Company and business professional contact information, including name, title, address, phone number, fax number, and email address
Educational institutional and professional contact information, including name, title, address, phone number, fax number, and email address
Educational institutional profiles and statistics, including educational subject matter specialties and number of employees
Background information regarding educational institutional management, such as the educational and career histories of school deans and principals
Educational professional data as it relates to their professional lives, such as name, institution, title, job function, business contact information, and trade associations Credit/debit card information in order to process certain customer payments
As part of our employee hiring and onboarding process, we collect information relating to potential employees’ education, background and work history. This Privacy Notice does not apply to personal information of current Dun & Bradstreet employees

How We Use and Share Personal Information

MDR Products and Services uses the individual and business identifiable information that we collect to operate our website, to communicate with website visitors and customers, to offer a variety of educational information products and services for use in making prudent business decisions, and to carry out transactions that you request or authorize. From time to time, MDR Products and Services compiles online and offline transaction and registration information for internal analyses, such as market research, quality assurance, customer experience, and operational benchmarking initiatives.

Collection of Sensitive Personally Identifiable Information

Dun & Bradstreet may collect sensitive personally identifiable information such as individuals' Social Security Numbers and dates of birth, in order to provide certain product and service offerings. We will only collect this kind of information if it is necessary and only when voluntarily provided by the customer. We will only use it for the limited, permissible purpose for which it is collected and we will take commercially reasonable steps to adequately secure the information. We may also share this sensitive information with trusted third parties for the limited, specific permissible purpose for which it was shared. Additionally, sometimes we receive sensitive personally identifiable information without our asking. When we become aware of this, we will delete the sensitive personally identifiable information.

You Have Choices

Dun & Bradstreet

Dun & Bradstreet respects your privacy preferences and offers the following ways through which you may control how we contact you and disclose your information.

To no longer receive marketing communications of any kind, please contact Dun & Bradstreet Customer Service at 1-800-234-3867 or visit Dun & Bradstreet Communication Preferences.

To unsubscribe from specific types of marketing communications, please see the relevant section below.

Please note, we may continue to call you for transactional or service-related purposes despite your desire to not receive marketing communications.

E-mail Marketing

To no longer receive Dun & Bradstreet promotional e-mails, newsletters, and updates about new Dun & Bradstreet features, products and service, please contact Dun & Bradstreet Customer Service at 1-800-234-3867 or visit Dun & Bradstreet Communication Preferences. You may change your preferences at any time.

If you have any questions about which addresses, telephone numbers or email addresses you provided to Dun & Bradstreet for marketing purposes, please review your account information in your product dashboard or call Dun & Bradstreet at 1-800-234-3867

Please note, we may continue to send you transactional or service-related e-mails despite your desire to not receive promotional or marketing e-mail messages. Also please note that if you elect to opt-out of receiving promotional e-mails from one of our websites, you may continue to receive promotional emails from our other websites

Telemarketing, Texting or Calling

To no longer receive telemarketing calls, please contact Dun & Bradstreet Customer Service at 1-800-234-3867 or visit Dun & Bradstreet Communication Preferences. You may change your preferences at any time.

Please note, we may continue to call you for transactional or service-related purposes despite your desire to not receive telemarketing calls.

Direct Mail Marketing

To be placed on our company's internal Do Not Mail list should you no longer wish to receive marketing or promotional mailers, please contact Dun & Bradstreet Customer Service at 1-800-234-3867 or visit Dun & Bradstreet Communication Preferences. You may change your preferences at any time.

Please note, we may continue to send you transactional or service-related correspondence despite your desire to not receive marketing mailers.

Third Party Marketing

Individuals whose contact information is in our professional contacts Data Cloud may request to be excluded from the professional contacts Data Cloud, by calling Dun & Bradstreet at 800-234-3867 or emailing custservprivacy@dnb.com

While we may remove your individual business contact information from our professional contacts Data Cloud, please be aware that we will continue to provide your company's or educational institution’s contact information in our Business Information and Educational Institutional Reports and other products and services. Note that if your professional contact information is in a different third party's marketing directory, you will need to request removal with such third party directly.

MDR Products and Services

MDR Products and Services respects your privacy preferences and offers the following ways through which you may control how we contact you and disclose your information. We will honor your requests accordingly.

Email Marketing

We provide individuals with the opportunity to opt out of receiving MDR Products and Services promotional emails, newsletters, and updates about new MDR Products and Services features, products, and services. You may opt out of receiving such promotional communications by sending an email to mdrinfo@dnb.com, or by calling MDR Products and Services Customer Service at 800-333-8802. You may change your preferences at any time. We may continue to send you transactional or service-related emails, such as communications regarding your account or subscription service, despite your desire to not receive promotional or marketing email messages.

Telemarketing

We provide businesses and organizations with the opportunity to place themselves on our company’s internal Do Not Call list should they no longer wish to receive telemarketing calls from us. You may be placed on this list by sending an email to mdrinfo@dnb.com, or by calling MDR Products and Services Customer Service at 800-333-8802. We may continue to call you for transactional or service-related purposes despite your desire to not receive telemarketing calls.

Direct Mail Marketing

We provide businesses and organizations with the opportunity to place themselves on our company’s internal Do Not Mail list should they no longer wish to receive marketing or promotional mailers. You may be placed on this list by sending an email to mdrinfo@dnb.com, or by calling MDR Products and Services Customer Service at 800-333-8802. We may continue to send you transactional or service-related correspondence despite your desire to not receive marketing mailers.

Third-Party Marketing

Individuals and educational professionals whose business contact information we have in our educational professional contacts Data Cloud may request to be excluded from business lists that MDR Products and Services licenses or sells for marketing purposes. An individual who wishes to be removed from our marketing list sales may request to be removed either in writing or by calling MDR Products and Services Customer Service, resulting in that individual’s business contact record removal from our marketing directories, publications, and mailing lists. For additional information or to request removal, please contact MDR Products and Services Customer Service at 800-333-8802 or send an email to mdrinfo@dnb.com. While we may remove your individual business contact information from our educational professional contacts directories and marketing lists, please be aware that we will continue to provide your educational institution’s contact information in our institutional reports and other products and services.

Access, Correction, and Deletion

To help ensure data quality and accuracy, Dun & Bradstreet provides businesses organizations and business professionals with access to their business information within the D&B databases and with an opportunity to review such information, correct verified inaccuracies, or delete any personal information within such business information if required by law. Authorized business representatives may request a complimentary copy of their company's business report.

To obtain a copy of your company’s business report or your information or, to correct or update your information:

Dun & Bradstreet

For all D&B Products and Services:

Dun & Bradstreet Customer Service at 1-800-234-3867 or send an email to custservprivacy@dnb.com

For Hoovers:

Hoovers/Avention: Customer Support at 1-800-486-8666 or by sending an e-mail to customersupport@hoovers.com

When a business owner or principal contacts Dun & Bradstreet about a potential data error, we promptly investigate the issue, confirm the information in question, correct verified inaccuracies or delete any personal information within such business information if required by law, and respond to the original inquiry. In such a case, we may apply a "stop distribution" order regarding the relevant business report, as well as ancillary products that may be affected by the verified inaccuracy, until the matter is properly resolved. When the investigation is complete, we will also send a correction or deletion notice to businesses or others whom we know to have received the inaccurate data, as appropriate. However, some third parties and third party sites may continue to display inaccurate Data until their databases and display of data are refreshed in accordance with their update schedules.

MDR Products and Services

To help ensure data quality and accuracy, MDR Products and Services provides businesses, organizations, and professionals with access to their business information within MDR Products and Services’ databases and with an opportunity to correct verified inaccuracies. Registered users and professionals may view and update their registration and contact information, as well as correct inaccuracies, by calling MDR Products and Services Customer Service at 800-333-8802 or by sending an email to mdrinfo@dnb.com. Registered users and professionals may also request access to all of their personally identifiable information that we collect and maintain in our Data Cloud by visiting the MDR Products and Services Customer Service center for additional information. When a business professional, educational professional, or registered user contacts MDR Products and Services about a potential data error, we will promptly investigate the issue, confirm the information in question, correct verified inaccuracies, and respond to the original inquiry.

If you have a question regarding MDR products, services, or information management practices; if you would like to contact us; or if you would like to provide us with your valued feedback, please visit the MDR Products and Services Customer Contact Center for additional information. Data may also be deleted by sending an email to mdrinfo@dnb.com, or by calling MDR Products and Services Customer Service at 800-333-8802.

Data Security

Dun & Bradstreet maintains commercially reasonable security measures to protect personal information against unauthorized access and disclosure that are consistent with our business operations and generally accepted industry standards. These measures include the implementation of technical, physical and administrative security safeguards. Dun & Bradstreet requires employees to complete privacy and security training. Dun & Bradstreet also implements a third party service provider due diligence program to ensure that our vendors likewise employ adequate data collection, processing, transfer, management and security measures in carrying out their services on our behalf.

We do not necessarily control how you send us your personal information. Therefore, we cannot always ensure or warrant the security of any information that you transmit to us. You agree that you provide this information and engage in such transmissions at your own risk. Once we receive information from you, we will endeavor to maintain its security on our systems. Dun & Bradstreet has established policies and procedures for securely managing information and protecting personal information against unauthorized access and we continually assess our data privacy, information management and data security practices. We do this in the following ways:

Establishing policies and procedures for securely managing information and as may be further addressed in our contractual relationship with a customer;
Limiting employee access to sensitive information;
Protecting against unauthorized access to customer data by using data encryption, authentication and virus detection technology, as required;
Requiring service providers with whom we do business to comply with relevant data privacy legal and regulatory requirements;
Monitoring our websites through recognized online privacy and security organizations;
Conducting background checks on employees and providing Data Privacy training to our team members;
Continually assessing our data privacy, information management and data security practices

Data Retention

Dun & Bradstreet will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, contact Dun & Bradstreet Customer Service at 1-800-234-3867 or custservprivacy@dnb.com. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Children

Dun & Bradstreet websites, products and services are for business purposes only. They are not targeted, intended or expected to be of use to children. User provided contributions of content or contact information regarding or about children are expressly prohibited. We do not knowingly collect information on minors under 16 years of age. If we become aware that information we collected may be associated with a minor under 16 years of age, we will delete that information.

Changes to Data Privacy Practices

If we make material changes to our data privacy practices, this policy will be updated and posted on our website in order to keep you informed of how we collect, use, manage, disclose, and protect information. The policy effective date will be updated accordingly.

Sale of Assets

In the event that Dun & Bradstreet is purchased or sells parts or all of the business, the information collected will be considered an asset that can be transferred.

Residents of the EU/EEA, the United Kingdom and Switzerland

Transfers of Personal Information from the EU/EEA, the United Kingdom, and Switzerland to the United States

Please note that, despite the Court of Justice of the European Union’s invalidation of the EU-US Privacy Shield Framework as a mechanism for transfers of personal data between the EU and the U.S. Dun & Bradstreet is currently maintaining our self-certification under the EU-US Privacy Shield Framework and remains committed to protect personal information in accordance with the Privacy Shield Principles which offer meaningful privacy protections for EU individuals. While we will continue our participation in the Privacy Shield Framework, we will at this time only rely on Standard Contractual Clauses to cover the transfer of personal information from the EU, the UK, and Switzerland to other jurisdictions.

For more information on the U.S. Department of Commerce’s continued administration of the Privacy Shield program, please visit the Privacy Shield website.

Dun & Bradstreet and its legal entities participate in and have certified compliance with the EU-U.S. Privacy Shield Framework and the Swiss U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and/or Switzerland (as applicable) to the United States, respectively, in reliance on Privacy Shield. Dun & Bradstreet is committed to subjecting personal information received from European Union (EU) member countries, the United Kingdom, and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce Privacy Shield website.

Dun & Bradstreet is responsible for the processing of personal information it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Dun & Bradstreet complies with the Privacy Shield Principles for all onward transfers of personal information from the EU, the United Kingdom, and Switzerland, including the onward transfer liability provisions.

In certain situations, Dun & Bradstreet may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Under certain conditions, more fully described on the Privacy Shield website you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

To learn more about the Privacy Shield program, and to view our certification, please visit the Privacy Shield website.

Dun & Bradstreet is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

General Data Protection Regulation (GDPR)

We recognize that some of the information we collect may be classified as “personal data” under European Union (EU) law as it is information relating to an individual (e.g. a sole trader, a partnership, a company director, a beneficial owner, a trustee, a professional contact, etc.) residing in the European Union. For additional information in relation to the processing of personal data under EU law, and specifically the General Data Protection Regulation 2016/679, please visit our EU and UK Privacy Notice.

Other Data Transfer Mechanisms

Dun & Bradstreet also complies with other various jurisdictional cross border transfer requirements by using data transfer agreements or other approved mechanisms for global transfers of personal information.

Data Subject Rights for residents of the EU/EEA, the United Kingdom and Switzerland

You have the right to request from us confirmation of whether we are processing your personal data, and if so access to that information. Please see the links on the left for further information about how to request access to your information. This may take up to 28 days, however you may be able to obtain specific information about your personal data immediately by contacting Customer Services.

If any of your personal data is inaccurate you have a right to request rectification. We are very keen to ensure the data we hold is accurate and up to date. Please contact Customer Services.

You have the right to object to our processing and/or request it is deleted or restricted. In considering our response we undertake to ensure your interests, fundamental rights and freedoms are properly balanced against our legitimate interests. We will also look at whether it is still necessary to process your data for the purpose it was collected. Please contact Customer Services for more information.

Before we are able to provide you with any information or correct any inaccuracies we may ask you to verify your identity and to provide other details to help us identify you and respond to your request.

Objecting to receiving direct marketing:

We will always observe your objection to receiving either our Dun & Bradstreet marketing or to us passing on your contact details to third parties for their direct marketing purposes: You can either contact Customer Services including the name, business name, address, telephone number and email address that you wish to have excluded, or you can do this yourself by following these links:

Click here to opt out of receiving information about Dun & Bradstreet products and services

Click here to opt out of receiving information from our customers

You are also able to contact D&B’s data protection officer at any time on EUDPO@dnb.com.

Dispute Resolution

This dispute resolution program covers both offline Data collection (e.g. personal information collected through our call centers or via postal mail) and online Data collection (e.g. personal information collected via the Internet). If you are a citizen of the EU and you have any complaints regarding our compliance with relevant aspects of the Data transfer laws and regulations surrounding Data transfers from the EU you should contact us at: EUDPO@dnb.com.

If you are not a citizen of the EU and you have a question or concern regarding Dun & Bradstreet's data privacy practices, please contact the Chief Privacy Officer at privacyofficer@dnb.com or call the Customer Service center at 1-800-234-3867 or send an email to custservprivacy@dnb.com. We will do our best to resolve any complaints or issues as quickly as possible.

If we cannot resolve your complaints, you may have rights to independent dispute resolution or arbitration under certain circumstances as described below in the sections titled “Independent Dispute Resolution” and “Arbitration.”

Privacy Shield Independent Dispute Resolution

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Arbitration

In accordance with the Privacy Shield, individuals may invoke binding arbitration as a final recourse for claims that a Privacy Shield organization has violated its obligations under the Principles and the claim is not fully resolved by other Privacy Shield recourse mechanisms. The arbitration will be implemented in accordance with the rules established under the Privacy Shield.

California Residents

California Civil Code Section 1798.83 also known as the “Shine the Light” law permits customers who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please see the Access and Correction section above for contact information.

Making CCPA Data Subject Rights Request

Starting January 1, 2020, under the California Consumer Privacy Act (the CCPA) residents of the state of California have the following rights:

Right to Know and Right to Access

You have the “Right to Know” or the “Right to Access Information About Collection, Disclosure and Sale of your Personal Information” over the past 12 months. Refer to the additional details below. Fill out the form to complete your Right to Information about Collection, Disclosure and Sale of your Personal Information request. The information you provide will only be used to fulfill your CCPA request.

The “Right to Know” or the “Right to Information About Collection, Disclosure and Sale of your Personal Information” gives you the right to request the following information:

Categories of personal information D&B has collected about you;
Categories of sources from which the personal information was collected;
Categories of your personal information that D&B sold or disclosed for a business purpose;
Categories of third parties to whom the personal information was sold or disclosed for a business purpose;
The business or commercial purpose for collecting or selling personal information; and
The specific pieces of personal information that D&B has about you

Right to Deletion

You have the Right to Deletion of information you have shared with us, subject to certain exceptions. Refer to the additional details on these exceptions below. Fill out the form to complete your Right to Deletion request. The information you provide will only be used to fulfill your CCPA request.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Right to Opt Out

You have the Right to Opt Out of the Sale of Your Personal Information, unless such personal information was collected from a government source.

Visit the Communication Preferences to opt out of marketing
Fill out the form to complete your Right to Opt Out of the Sale of Your Personal Information request. The information you provide will only be used to fulfill your CCPA request.
If you have opted out of the sale of your personal information but would like to Opt Back in, please fill out the CCPA Opt-In form. The information you provide will only be used to fulfill your CCPA request.

Right Not to be Discriminated Against

You also have a Right Not to be Discriminated Against for exercising your CCPA rights. You do not need to request this right, this a is a right we will always give you in regard to any CCPA rights request.

Making CCPA Requests Over the Phone

If you would like to exercise your CCPA rights over the phone, please call us at 1-855-549-8900 and clearly state that you are a resident of the state of California and wish to exercise your CCPA rights. We will ask for additional information to verify your identity.

An authorized agent may make a CCPA request on your behalf. The authorized agent will need to provide the information necessary to confirm your identity, as well as written and signed permission to act on your behalf. An “authorized agent” must also be a natural person or business registered with the Secretary of State in California.

We reserve the right to use a third party to verify your identity and this third party may require additional information for verification purposes. The data you provide will only be used to fulfill your CCPA request.

Please see below for the categories of personal information about California consumers that we have collected, sold and disclosed for a business purpose over the past 12 months.

Data Collected Within the Past 12 Months

Categories of Personal Information we have collected, sold and disclosed for a business purpose over the past 12 months
Category	Examples	Collected, sold and disclosed
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.	We may have collected some of these data elements on California Residents, such as: Real Name Postal Addres Email Telephone
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	We may have collected some of these data elements on California Residents, such as: Name Address Telephone Number
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	We may have collected some of these data elements on California Residents.
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	We may have collected some of these data elements on California Residents, such as: Products or services purchased Purchase history
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	We do not collect this type of information.
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.	We may have collected some of these data elements on California Residents, such as: “Intent” data that is built on browsing history by webpage topic.
G. Geolocation data.	Physical location or movements.	We may have collected some of these data elements on California Residents, such as: Physical Location
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	We may have collected some of these data elements on California Residents.
I. Professional or employment-related information.	Current or past job history or performance evaluations.	We may have collected some of these data elements on California Residents.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	We may have collected some of these data elements on California Residents in the course of searching for potential new employees. We do not sell this type of data.
K. Inferences drawn from other personal information.	Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	We may have collected some of these data elements on California Residents.

Please see below for additional information on how Dun & Bradstreet collects, sells and discloses personal information on California Residents.

The specific pieces of personal information we have collected about California Consumers.	Please see the "What Personal Information We Collect” sections above.
The categories of sources from which the personal information was collected.	We collect personal information from the following sources: Government Sources Third Party Vendors and Data Providers Data Subjects Publicly available websites and news agencie
The business or commercial purpose for collecting personal information	Dun & Bradstreet collects personal information so that we can supply commercial data about organizations to other organizations. Our purpose is to enable businesses to manage their financial risks, protect against fraud and dishonesty, know who they are doing business with, meet their compliance and regulatory obligations and better understand organizations, industries and markets. We also collect personal information so that we can license and sell professional business contact information for marketing and data management purposes. Personal information is also collected to continually improve our AI platform and enable companies to engage their buyers with 1-to-1 omni-channel experience and make B2B marketing as personalized as B2C marketing.
The categories of third parties to whom we sell personal information	We sell personal information to the following third parties: Our customers for credit, sales and marketing, supply and compliance decisions and customers who participate in our data exchange programs Our World Wide Network Partners, which are businesses we partner with across the world Our strategic partners who incorporate Dun & Bradstreet data into their own solutions For more information, please see the “How Do We Use and Share Personal Information” section above.
The business or commercial purpose for selling personal information	Please see the Privacy Notice above under the section "Our Purpose for Collecting Information”.
The categories of third parties with whom we share personal information	See the “How Do We Use and Share Personal Information” section of our Privacy Notice. For a list of third parties with whom we use to process personal information, see Schedule 1 “Sub-Processors” at www.dnb.co.uk/dpa
The business or commercial purpose for sharing such personal information	The business or commercial purpose for sharing such personal information is to utilize third parties to help us in our purpose of enabling businesses to manage their financial risks, protect against fraud and dishonesty, know who they are doing business with, meet their compliance and regulatory obligations and better understand organizations, industries and markets. We also share personal information with third parties so that we can license and sell professional business contact information for marketing and data management purposes. Personal information is also shared to utilize third parties to help us to continually improve our AI platform and enable companies to engage their buyers with 1-to-1 omni-channel experience and make B2B marketing as personalized as B2C marketing.

MDR Products and Services

Please see below for the categories of personal information about California consumers that MDR has collected, sold and disclosed for a business purpose over the past 12 months.
Category	Examples	Collected, sold and disclosed
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.	We may have collected some of these data elements on California Residents: Real Name Postal Address-professional and home Email Address-professional and home
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	We may have collected some of these data elements on California Residents:  Name Address Telephone Number Work Telephone Number Work Address Work Email Home Email Degree Level Part Time/Full Time Work Status Years at a School Years of Experience First Year Teacher New to Your Job Job Titles Job Level (examples: clerical, coordinator) Employment
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	Degree level Gender Age Marital Status Children/Age Range and Gender Ethnic Group
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	Direct Mail Buyer Sales Agent Buye Seminar Attendee Buyer of Books Buyer of Classroom Materials Home Ownership Charitable Contributions Investor Travel Interest Internet Ad Receptivity Magazine Ad Receptivity News Ad Receptivity Radio Ad Receptivity TV Ad Receptivity Facebook User LinkedIn User Twitter User YouTube User Mobile Social Networker Photo Poster Text Poster Post Responder Video Poster Social Influencer Socially Influenced Brand Follower
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	We do not collect this type of information.
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.	We do not collect this type of information. For example, receive “intent” data that is built on browse history by webpage topic.
G. Geolocation data.	Physical location or movements.	We do not collect this type of information
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	We do not collect this type of information.
I. Professional or employment-related information.	Current or past job history or performance evaluations.	Current and past professional location and job role.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	We may have collected some of these data elements on California Residents in the course of searching for potential new employees. We do not sell this type of data.
K. Inferences drawn from other personal information.	Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	Direct Mail Buyer Sales Agent Buye Seminar Attendee Buyer of Books Buyer of Classroom Materials Home Ownership Charitable Contributions Investor Travel Interest Internet Ad Receptivity Magazine Ad Receptivity News Ad Receptivity Radio Ad Receptivity TV Ad Receptivity Facebook User LinkedIn User Twitter User YouTube User Mobile Social Networker Photo Poster Text Poster Post Responder Video Poster Social Influencer Socially Influenced Brand Follower

Please see below for additional information on how we collect, sell and disclose personal information on California Residents:

What Information Do We Collect?

The specific pieces of personal information we have collected about California Consumers.	Please see the Privacy Notice above under the section What Information We Collect?
The categories of sources from which the personal information was collected.	We collect personal information from the following sources: Government sources Third Party Vendors and Data providers Data subjects Publicly Available Websites Education Institution
The business or commercial purpose for collecting personal information.	Market Data Retrieval (MDR Products and Services), a Dun & Bradstreet (D&B) division, is the leading U.S. provider of marketing information and services for the K-12, higher education, library, early childhood, and related education markets. MDR Products and Services is powered by the most comprehensive, current, and accurate education databases throughout the industry and is the market’s first choice for direct sales and marketing solutions. MDR Products and Services provides comprehensive and relevant business contact information (such as mailing lists), e-marketing programs, sales contacts, actionable leads, custom market research, and market trend analysis. MDR Products and Services products and services enable our customers to meet their business strategy, operational, and growth objectives.
The business or commercial purpose for selling personal information.	Market Data Retrieval (MDR Products and Services), a Dun & Bradstreet (D&B) division, is the leading U.S. provider of marketing information and services for the K-12, higher education, library, early childhood, and related education markets. MDR Products and Services is powered by the most comprehensive, current, and accurate education databases throughout the industry and is the market’s first choice for direct sales and marketing solutions. MDR Products and Services provides comprehensive and relevant business contact information (such as mailing lists), e-marketing programs, sales contacts, actionable leads, custom market research, and market trend analysis. MDR products and services enable our customers to meet their business strategy, operational, and growth objectives.
The categories of third parties with whom we share personal information.	Please see the “How Do We Use and Share Information” section of our Privacy Notice.
The business or commercial purpose for sharing such personal information:	Market Data Retrieval (MDR Products and Services), a Dun & Bradstreet (D&B) division, is the leading U.S. provider of marketing information and services for the K-12, higher education, library, early childhood, and related education markets. MDR Products and Services is powered by the most comprehensive, current, and accurate education databases throughout the industry and is the market’s first choice for direct sales and marketing solutions. MDR Products and Services provides comprehensive and relevant business contact information (such as mailing lists), e-marketing programs, sales contacts, actionable leads, custom market research, and market trend analysis. MDR products and services enable our customers to meet their business strategy, operational, and growth objectives.

CCPA Request Metrics from January 1, 2020 through December 31, 2020

Right to Know Requests:

Received: 48
Complied with (in whole or in part): 48
Denied: 0
Mean: 29
Median: 30

Right to Delete Requests:

Received: 90
Complied with (in whole or in part): 90
Denied: 0
Mean: 28
Median: 28

Right to Opt-Out Requests:

Received: 122
Complied with (in whole or in part): 122
Denied: 0
Mean: 28
Median: 27

Total Median Number of Days Within Which the Business Substantively Responded to Requests: 28

Total Mean Number of Days Within Which the Business Substantively Responded to Re8quests: 28

Contact

For more information regarding this Privacy Notice, you can contact:

Privacy Officer
Dun & Bradstreet, Inc.
101 JFK Parkway 5th Floor
Short Hills, NJ 07078
privacyofficer@dnb.com

If you are an EU citizen and have questions regarding your personal information or about Dun & Bradstreet's EU Privacy Policy, you can contact:

EU Data Protection Officer at EUDPO@dnb.com

Effective Date:

Effective Date of this Privacy Notice: September 10, 2021

This update to the Privacy Notice outlines updates to the type of information collected and expanded use cases for personal information. The previous update made public CCPA request metrics.

This Privacy Notice was previously updated July 1, 2021.