PRIVACY POLICY
Last updated: March 5, 2025
NOUR SOLAR, LLC (“we,” “us,” or “our”) respects your privacy and is committed to protecting it through our compliance with this Privacy Policy. This Privacy Policy describes how we collect, use, disclose, and protect your personal information, particularly in compliance with California law, including the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and other applicable privacy regulations.
TABLE OF CONTENTS
(A) Personal Information You Provide to Us 3
(B) Sensitive Personal Information 3
(C) Information Automatically Collected 3
(D) Information from Third Parties 3
(A) Vendors, Consultants, and Other Third-Party Service Providers 5
(C) Compliance with Legal Obligations 6
(D) Protecting Our Business Interests 7
(E) Aggregated or De-Identified Information 7
(A) Right to Know and Access 7
(C) Right to Correct Inaccurate Information 8
(D) Right to Opt-Out of the Sale or Sharing of Personal Information 8
(E) Right to Limit the Use and Disclosure of Sensitive Personal Information 9
(F) Right to Non-Discrimination 9
(G) How to Exercise Your Rights 9
(I) Response Time and Process 10
(A) General Retention Principles 11
(B) Specific Retention Periods 11
(C) Consumer Rights Regarding Retention 12
(D) Secure Deletion Practices 12
(A) Organizational Security Measures 13
(B) Technical Security Measures 13
(C) Consumer Rights Regarding Data Security 14
(D) Security Incident Response and Data Breaches 14
(A) No Intentional Collection of Children’s Data 15
(B) Parental Consent for Users Under 13 (COPPA Compliance) 15
(C) No Sale or Sharing of Data for Users Under 16 (CCPA/CPRA Compliance) 15
(D) Minor’s Right to Delete Content (California “Eraser” Law) 15
(A) Your Right to Request Information 16
(B) How to Submit a Request 16
(C) Exceptions to the “Shine The Light” Law 17
(A) Virginia Consumer Data Protection Act (CDPA) 17
(B) Colorado Privacy Act (CPA) 17
(C) Connecticut Data Privacy Act (CTDPA) 18
(D) Utah Consumer Privacy Act (UCPA) 18
(F) Illinois, Texas, and Washington – Biometric Data Laws 18
(G) Data Breach Notification Laws (All 50 States) 19
(H) How to Exercise Your State-Specific Rights 19
We collect personal information in the following ways:
We collect personal information that you voluntarily provide when using our services. This may include:
When necessary, with your consent or as permitted by law, we may process the following sensitive personal information:
We automatically collect certain data when you interact with our website or services, such as:
We may collect data from third-party sources such as:
We process your personal information for legally permissible business purposes including but not limited to:
We may also use your personal information for purposes that are reasonably compatible with those outlined in this Privacy Policy, including but not limited to improving our services, enhancing user experience, conducting internal research, ensuring security, and complying with legal obligations. If we intend to use your information for a materially different, unrelated, or incompatible purpose, we will provide prior notice and obtain your consent where required by law.
We may disclose your personal information to third parties as permitted under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), for business purposes or as required by law. We do not sell personal information, but we may share it as outlined below.
We may share your data with third-party vendors, service providers, contractors, or agents (“third parties”) who perform services for us or on our behalf and require access to personal information to carry out their work. These third parties are contractually obligated to protect your personal data and are prohibited from using it for any purpose other than those specified by us.
The categories of third parties we may share personal information with include:
If we engage in a merger, acquisition, restructuring, or sale of assets, personal information may be transferred as part of that transaction. In such cases, we will ensure that the recipient of your data continues to honor the commitments made in this Privacy Policy.
We may disclose personal information if required by law or in response to valid legal requests, such as:\n
We may disclose information when necessary to:\n
We may share aggregated, anonymized, or de-identified information with third parties for analytical, research, or business development purposes. This data cannot be linked back to individual users.
We do not share personal information for materially different, unrelated, or incompatible purposes without providing prior notice and obtaining consent where required by law.
As a California resident, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). These rights provide greater transparency, control, and protections over how your data is collected, used, and shared.
You have the right to request:
You may submit a request for this information twice within a 12-month period free of charge.
You may request that we delete your personal information, subject to certain exceptions. We may deny deletion requests if retaining the data is necessary to:
If we deny your deletion request, we will provide the specific reason in our response.
If you believe that any personal information we maintain about you is inaccurate, you have the right to request that we correct it. We will take reasonable steps to verify the accuracy of the updated information and correct any errors.
We do not sell personal information. However, we may share data for purposes such as targeted advertising. Under CPRA, you have the right to opt out of such sharing.
To opt out, you may:
If you opt out, we will not share your personal information for targeted advertising purposes.
If we collect sensitive personal information (e.g., financial data, precise geolocation, racial or ethnic origin), you have the right to limit its use to what is strictly necessary for providing our services.
To exercise this right, you may:
You have the right to equal service and pricing when exercising your privacy rights. We will not:
However, if you participate in a financial incentive program (such as discounts in exchange for personal data), we will provide clear terms and ensure compliance with CPRA’s fair value assessment.
To submit a request to access, correct, delete, or opt out of the sale/sharing of your personal information, you may:
To protect your privacy, we will verify your identity before processing your request. You may need to provide:
If an authorized agent submits a request on your behalf, we may require:
We will confirm receipt of your request within 10 business days and respond within 45 calendar days. If an extension is needed, we will notify you within the initial timeframe and provide an explanation.
We use cookies and similar technologies to enhance your experience, analyze trends, and track website activity. You can manage your cookie preferences via your browser settings or through our Cookie Policy.
We honor Global Privacy Control (GPC) signals as a mechanism to exercise opt-out rights under California law.
We retain personal information for no longer than is reasonably necessary to fulfill the purposes for which it was collected. The retention period depends on the type of data, legal requirements, and business needs.
We determine how long to retain personal information based on the following factors:
Unless otherwise required by law, we retain personal information according to the following guidelines:
Category of Personal Information |
Retention Period |
Identifiers (e.g., name, email, phone) |
As long as necessary for service delivery or until an account is deleted. |
Financial Information (e.g., payment details) |
Retained for the duration of the transaction, plus any legally required retention period (e.g., tax or audit purposes, typically 7 years). |
Commercial Information (e.g., purchase history) |
Retained for 5 years after the last transaction or interaction with our services. |
Internet/Network Activity (e.g., browsing history) |
Retained for 1 year for analytics and security purposes. |
Geolocation Data |
Retained for 90 days unless required for fraud prevention or legal compliance. |
Employment-Related Information |
Retained for 7 years post-employment or application per labor law requirements. |
Sensitive Personal Information |
Retained only as long as necessary to provide requested services and fulfill compliance obligations. |
Inferences (e.g., profiles and preferences) |
Retained for 1 year, unless actively used for personalization, in which case retention is extended. |
California residents may request:
When personal information is no longer needed, we:
We review our retention policies at least annually to ensure compliance with CCPA/CPRA and industry best practices.
We implement reasonable and appropriate security measures to protect personal information from unauthorized access, disclosure, alteration, and destruction. However, no security system is completely infallible, and we cannot guarantee absolute protection.
We maintain policies and procedures to ensure that personal information is handled securely and access is restricted to authorized personnel only. These measures include:
We employ industry-standard technical safeguards, including:
Under CCPA/CPRA, consumers have the right to:
In the event of a data breach affecting personal information, we will:
When personal information is no longer needed, we:
We regularly review and update our security policies to comply with evolving legal requirements and industry standards, ensuring full compliance with CCPA/CPRA and best practices for data protection.
We do not knowingly collect, use, or disclose personal information from children under the age of 13, in compliance with the Children’s Online Privacy Protection Act (COPPA), and do not knowingly sell or share personal information of consumers under the age of 16, in accordance with the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).
Our services are not directed to children under 13, and we do not knowingly collect personal information from them. If we become aware that we have inadvertently collected data from a child under 13, we will take immediate steps to delete it.
If a situation arises where we must collect personal information from a child under 13, we will:
Parents or guardians who believe their child has provided personal information without consent should contact us immediately at [email protected], and we will promptly investigate and delete any such data.
We do not sell or share personal information of users under 16 years of age for targeted advertising or other commercial purposes. If we become aware that a user under 16 has opted into data sharing without proper consent, we will immediately revoke such sharing and delete the data upon request.
If a California resident under the age of 18 has publicly posted content on our platform, they may request deletion by contacting [email protected]. While we will make reasonable efforts to remove such content, this does not ensure complete removal, particularly if:\n
Under California Civil Code Section 1798.83, also known as the “Shine The Light” Law, California residents have the right to request information about how their personal information is shared with third parties for direct marketing purposes.
If you are a California resident, you may request:
We do not share personal information with third parties for their direct marketing purposes unless you have provided explicit consent.
To request this information, you may contact us once per calendar year by:
Email: [email protected]
Mail: NOUR SOLAR, LLC, 2108 N St, Ste N, Sacramento, CA 95816, United States
In your request, please include:
We will respond within 30 days of receiving a verified request.
This law does not apply if a business:
In addition to our compliance with the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), we recognize and adhere to other state privacy laws applicable to residents of various U.S. states. If you are a resident of one of the states listed below, you may have additional rights regarding your personal information.
Under the Virginia CDPA, residents have the right to:
If you are a Colorado resident, you have the following rights under the Colorado CPA:
Under the Connecticut Data Privacy Act (CTDPA), Connecticut residents have rights similar to those under the Colorado and Virginia privacy laws, including the right to:
The Utah Consumer Privacy Act (UCPA) provides Utah residents with the right to:
Under Nevada’s privacy law, residents have the right to opt out of the sale of their personal information. However, we do not sell personal information.
If you are a resident of Illinois, Texas, or Washington, you are protected under biometric privacy laws. These laws require that businesses:
We comply with state-specific data breach notification laws across all U.S. states, including California, New York, Texas, and Florida. If your personal information is involved in a data breach, we will notify you as required by law.
If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Nevada, Illinois, Texas, Washington, or any other state with applicable privacy laws, you can submit a request to:
Email: [email protected]
Mail: NOUR SOLAR, LLC, 2108 N St, Ste N, Sacramento, CA 95816, United States
We will process verified requests within 45 days (with a possible 45-day extension where necessary).
We may update this Privacy Policy periodically. Any changes will be posted with an updated “Last Updated” date. If material changes are made, we will notify you via email or website notice.
For any privacy-related inquiries, you may contact us at:
NOUR SOLAR, LLC
2108 N St, Ste N
Sacramento, CA 95816
United States
Email: [email protected]