Last Modified: December 27, 2022
Reviewed On: December 27, 2023

CALIFORNIA SHINE THE LIGHT LAW

Residents of the State of California may ask us to provide them with a list of the types of personal information that we have disclosed during the preceding year to third parties for their direct marketing purposes, and the identity of those third parties. If you are a California resident and would like such a list, please contact us at privacy@nypost.com.

For all such requests, please indicate “CA Shine the Light” in the subject field of your request and include the name of the Service with respect to which you are requesting the information. You must also include your full name, street address, city, state, zip code and email address.

NOTICE TO CALIFORNIA RESIDENTS

The California Consumer Privacy Act of 2018 (“CCPA”) and the California Privacy Rights Act of 2020 (“CPRA”) provide certain rights to residents of California. This section of the Privacy Notice applies if you are a natural person who is a resident of California (“California Resident”) and uses our Services. This notice supplements the information in the Privacy Notice. Certain terms used below have the meanings given to them in the CCPA and CPRA. The CCPA and CPRA shall be collectively referred to herein as the “CPRA.”

The following sets forth the categories of information we collect and purposes for which we may use California Residents’ personal information:

CATEGORIES OF PERSONAL INFORMATION WE COLLECT ABOUT YOU, WHY AND HOW WE COLLECT SUCH PERSONAL INFORMATION

Summarized in the table below are the categories of personal information we may have collected about you over the past twelve (12) months, depending on how you interact with us. The following table also describes how we collect and use such categories of information.

Categories of information collected
(Please see descriptions of the categories
located just below this table)
Purposes of collection Sources of personal information
Identifiers
  • Performing Services
  • Auditing
  • Short-term Use
  • Commercial Interests
  • Data Security, Fraud Prevention, Repairs
  • Internal Uses
  • You
  • Affiliates and Partners
  • Services Use
Commercial Data
  • Performing Services
  • Auditing
  • Short-term Use
  • Commercial Interests
  • Internal Uses
  • You
  • Affiliates and Partners
  • Services Use
Financial Data
  • Performing Services
  • Auditing
  • Short-term Use
  • Internal Uses
  • You
  • Affiliates and Partners
  • Services Use
Internet Data
  • Performing Services
  • Auditing
  • Short-term Use
  • Data Security, Fraud Prevention, Repairs
  • Commercial Interests
  • Internal Uses
  • Services Use
Geo-Location Data
  • Performing Services
  • Auditing
  • Short-term Use
  • Commercial Interests
  • Internal Uses
  • Affiliates and Partners
  • Services Use
Inference Data
  • Performing Services
  • Auditing
  • Short-term Use
  • Data Security, Fraud Prevention, Repairs
  • Commercial Interests
  • Internal Uses
  • Affiliates and Partners
  • Services Use
Profile Data
  • Performing Services
  • Auditing
  • Short-term Use
  • Data Security, Fraud Prevention, Repairs
  • Commercial Interests
  • Internal Uses
  • You
  • Affiliates and Partners
  • Services Use
Associated Data
  • Performing Services
  • Auditing
  • Short-term Use
  • Data Security, Fraud Prevention, Repairs
  • Commercial Interests
  • Internal Uses
  • You
  • Affiliates and Partners
  • Services Use

More details on the categories of personal information, the purposes for which we collected such information and the sources from which we obtain your personal information are outlined below, and otherwise set forth in the Information We Collect and Obtain and How We Use the Information We Obtain Sections of our Privacy Notice.

Categories of Personal Information Collected:

  • Identifiers (such as your contact information (name, email address, postal address, phone number), or unique personal identifiers (wireless device ID, cookies, IP address, username, password) (“Identifiers”);
  • Commercial information (such as transaction data, purchase history, or delivery information) (“Commercial Data”);
  • Financial information (such as credit or debit card information, verification number, and expiration date) (“Financial Data”);
  • Internet or other network or device activity (such as browsing history, browser type and language, operating system or app usage) (“Internet Data”);
  • Geo-location information (such as city, state and zip code associated with your IP address or derived through Wi-Fi triangulation; and with your permission in accordance with your mobile device settings, precise geolocation information from GPS-based functionality on your mobile devices (“Geo-location Data”);
  • Inference information about you (such as preferences, characteristics, and behaviors) (“Inference Data”);
  • Profile data about you and any inferences drawn from the profile data (such as characteristics, behaviors, attitudes) (“Profile Data”); and
  • Information that identifies or can be reasonable associated with you (“Associated Data”).

Business or Commercial Purposes for which We Collected or Disclosed Personal Information:

  • performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services (“Performing Services”);
  • auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance (“Auditing”);
  • short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction (“Short-term Use”);
  • detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity, debugging to identify and repair errors that impair existing intended functionality (“Data Security, Fraud Prevention, Repairs”);
  • to advance the commercial or economic interests of the Company, such as by inducing another to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction (“Commercial Interests”); and
  • to conduct internal (i) reporting, including analytics, keeping of financial books and records, financial, technical auditing and legal compliance and (ii) research and quality control for technological development and demonstration (“Internal Uses”).

Categories of Sources from which We Collected Personal Information:

  • Directly from you (“You”);
  • From other sources (such as Company affiliates and/or business partners; advertising providers; analytics providers; marketers; public data bases; consumer data resellers; social media networks, in accordance with your privacy preferences on such services; researchers; payment processors; and surveys)(“Affiliates and Partners”); and
  • Through your use of the Services (“Services Use”).

Retention Periods for Personal Information which We Collected

The period of time that we keep certain personal information about you depends on the type of customer you are as well as the purposes for which that information is used. All information is kept for the entire period that you are an active user of our Services. Once you are no longer an active user of our Services, we keep your information for the following time periods:

Type of Customer Purpose of Collection Retention Period
(post active status)
Unregistered Digital User
  • Performing Services
  • Auditing
  • Short-term Use
  • Data Security, Fraud Prevention, Repairs
  • Commercial Interests
13 months
  • Internal Uses
Up to 6 years
Registered Digital User
  • Performing Services
  • Auditing
  • Short-term Use
  • Data Security, Fraud Prevention, Repairs
  • Commercial Interests
Up to 45 days
  • Internal Uses
Up to 45 days
Digital Subscriber
  • Performing Services
  • Auditing
  • Short-term Use
  • Data Security, Fraud Prevention, Repairs
  • Commercial Interests
Up to 6 years
  • Internal Uses
Up to 10 years
Home Delivery Subscriber
  • Performing Services
  • Auditing
  • Short-term Use
  • Data Security, Fraud Prevention, Repairs
  • Commercial Interests
Up to 6 years
  • Internal Uses
Up to 10 years

We will actively review the personal information we hold and delete it securely, or in some cases anonymize it, when there is no longer a legal, business or consumer need for it to be retained.

HOW WE SELL/SHARE AND DISCLOSE YOUR PERSONAL INFORMATION

We have shared the personal information collected from and about you over the past twelve (12) months as discussed above for various business purposes. The chart below explains the categories of information that we may have shared with third parties and the categories of those parties.

Third Parties with which we share information and why Categories of information shared
Our Subsidiaries and Affiliated Businesses. We may share information we collect within our family of companies to deliver products and services to you, and enhance our products, services, and your customer experience, consistent with our Privacy Notice. Those businesses may also use your information for their own purposes, including marketing purposes.
  • All categories of information we collect may be shared with our affiliates
Third Party Partners for Marketing Purposes. We may share your information with partners whose offerings we think may interest you. For example, if you sign up for our newsletters, then we may share information with third parties, such as advertisers, for their marketing and other purposes.
  • Identifiers
  • Internet Data
  • Geo-location Data
  • Inference Data
  • Profile Data
  • Associated Data
Third Party Partners to Provide Co-Branded Products and Services. In some cases, we may share information with third-party partners to provide co-branded products or services. For example, when we run a co-sponsored sweepstakes.
  • Identifiers
Third Parties for Legal Requirements and Proceedings. We may disclose information to law enforcement authorities or other government officials if we are required to do so to comply with subpoenas, court orders, legal process or other law enforcement or government measures, and to comply with other legal obligations. We may disclose information if we believe disclosure is necessary or appropriate in connection with an investigation of suspected or actual fraudulent or illegal activity.
  • Any or all categories of information may be shared with third parties for legal requirements and proceedings, depending on the specific legal requirements
Third Parties for the Protection of our Services and Users. We may disclose information to protect and defend the rights, interests, and safety of the Services, our subsidiaries and affiliates, and their employees, contractors and agents; to protect the security and safety of our users of the Services, including when we believe disclosure is necessary to prevent physical harm or financial loss.
  • Internet Data
  • Inference Data
  • Internet Data
  • Profile Data
  • Associated Data
Third Parties in Business Transfers. We may disclose information in connection with a proposed or completed corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets.
  • Any or all categories of information may be shared with third parties in a business transaction, depending on the specific transaction
Third-Party Online Advertisers and Ad Networks. As discussed in the Interest-Based Advertising Section of our Privacy Notice, the Services may rely on third-party advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use, and these technologies will collect certain information from your use of the Services to assist in delivering such ads.
  • Identifiers
  • Internet Data
  • Geo-location Data
  • Inference Data
  • Profile Data
  • Associated Data
Internet Services Providers. In connection with the provision of the Services, we may share information with companies that provide internet services.
  • Identifiers
  • Internet Data
Data Analytics Providers. We may share information with companies that provide data analytics services in order to operate, evaluate and improve our business.
  • Identifiers
  • Internet Data
  • Geo-location Data
  • Inference Data
  • Profile Data
  • Associated Data
Operating Systems and Platforms. We may share information with software companies that power your devices and companies that provide common tools/information for software or apps about software or app consumers.
  • Identifiers
  • Internet Data
Social Networks. As discussed in the Information We Share Section of our Privacy Notice and our Social Networking Notice, we may share your information with social networking services for their commercial or marketing purposes.
  • Identifiers
  • Internet Data
List Rental Services. We may share information with list rental services, e.g. to parties whose offerings we think may interest you marketing or commercial purposes.
  • Identifiers

CALIFORNIA CONSUMER PRIVACY RIGHTS AND CHOICES

California Residents may have certain rights in connection with the personal information we collect about you, many of which are subject to exceptions under applicable law:

Right to access, disclosure and portability. You may have the right to request, twice during a twelve-month period, the following information about the personal information we have collected about you during the past 12 months:

  • the categories and specific pieces of personal information we have collected about you;
  • the categories of sources from which we collected the personal information;
  • the business or commercial purpose for which we collected or sold the personal information;
  • the categories of third parties with whom we shared the personal information;
  • the categories of personal information that we sold or disclosed for a business purpose, and the categories of third parties to whom we sold or disclosed that information for a business purpose; and
  • the specific pieces of personal information we obtained from you in a format that is easily understandable, and to the extent technically feasible, in a structured commonly used, machine-readable format.

The right to nondiscrimination. We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.

The right to opt-out of the sale or sharing of your personal information. You have the right to opt out of the sale or sharing of your personal information. California law broadly defines “sale” such that it may include allowing third parties to receive certain information, such as IP address and/or browsing behavior, to deliver targeted advertising.

If you would like to opt out, you may do so as outlined on the following page: click here or by contacting us at 1-800-552-7678

The right to deletion. You may have the right to request that we delete the personal information we have collected from you.

Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.

How to exercise your access, correction and deletion rights.

California residents may exercise their California privacy rights by submitting your request to Submit Request, or by contacting us at 1-800-552-7678.

Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate:

  • Where you have requested the categories of personal information that we have collected about you, we will respond by email providing such categories.
  • Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCRA. For instance, we may not disclose government ID or financial account number as such disclosure may create an unreasonable risk to your personal information, your account with us, or our business systems.
  • Where you have requested that we delete personal information that we have collected from you and we will inform you whether or not we are able to comply with your request. Certain information may be exempt from such requests under applicable law. If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.

If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.

Click here to review our CCPA request metrics for 2022.

Authorized Agents

You may also designate an agent to make requests to exercise your rights under CCRA as described above. We will take steps both to verify both (1) the identity of the person seeking to exercise their rights as listed above and (2) that your agent has been authorized to make a request on your behalf by providing us with a signed written authorization or a copy of a power of attorney.

Return to Privacy Notice