This Privacy and Cookie Policy (this “Policy”) describes the ways in which Cochran, Booth & Company, LLC (“Provider”) collects, uses, and discloses information about you, including personally identifiable information, in connection with your use of the website cochranbooth.com and investors.cochranbooth.com (the “System”). Throughout this Policy, “you” refers to the individual or entity that is visiting the System. By using the System, you consent to the use of your information as set forth in this Policy.

1. This Policy.

a. Scope. Provider utilizes the System to provide certain investment management, investor reporting, and communication services to you (the “Services”). In the course of providing the Services, Provider may collect “Personal Information,” which means any information relating to an identified or identifiable natural person (a “data subject”) (an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person).  

b. Changes to this Policy. Provider reserves the right to update this Policy from time to time by posting a new Policy on this page, and in some cases where changes are material Provider may also contact you via electronic mail or post a notice on the homepage to let you know of such changes. You are advised to consult this Policy regularly for any changes. Your continued use of the System after such changes have been made constitutes acceptance of those changes.

2. Collection of Information.

a. Information that You Provide. Provider collects any information that you voluntarily provide, including when you create an account on the System or when you use the Services available through the System. Information that you may provide includes your email address, name, phone number, location, and online social accounts. Provider may also collect information that you provide by electronic mail, telephone or other means.

b. Automatically Collected Information. Provider may automatically collect certain technical information from your computer or mobile device when you use the System, such as your Internet Protocol address, your web browser type and version, the name and version of your operating system, the pages you view on the System, the pages you view immediately before and after you access the System, and the search terms you enter on the System. This information allows Provider to recognize you and personalize your experience if you return to the System using the same computer or mobile device, and to improve the System and the Services.

c. Information about Legal and Other Materials. In addition, Provider may collect technical information from your computer or mobile device concerning your receipt of communications, access to materials and approval or execution of contracts, consents or other statements or agreements by means of the System, including the System’s Terms of Use and this Policy.

d. Cookies. Provider may collect this information using “cookies,” which are small text files that the System saves on your computer or mobile device, or similar technologies. You can disable cookies in your browser settings, but doing so may affect the functionality of the System. Provider may also collect information using “web beacons,” which are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular website tied to the web beacon, and a description of a website tied to the web beacon or using unique links that can distinguish when individual users click the link. Web beacons and unique links, alone or in conjunction with cookies, may help Provider compile information about your interactions with electronic mail sent to you in connection with the Services. For further information, see the Cookie Policy in Section 5 below. 

e. Cross-Site Tracking. Provider does not utilize technical measures in the System to track your activities across different web sites or online services, whether you configure your browser’s Do Not Track feature or otherwise. The System does utilize third-party application programming interfaces controlled by third parties, such as to display maps and graphs, that may attempt to track your activity across other sites that utilize those interfaces.

f. Reviewing and Correcting Information. You may update or correct contact information and other Personal Information stored about you on the System by accessing your account/profile page, or by sending a written request to the Provider.  

3. Use and Disclosure of Information. Provider may collect, use, share, and otherwise process your personal information for a number of purposes, including, but not limited to:

a. Accessing the System and Providing the Services. Provider uses your Personal Information to provide you with the Services, or products, services or information related to the System or the Services, including: providing you with information about the System, Services or required notices; customizing your experience when using the System, such as by providing interactive or personalized elements on the System; and providing you with content based on your interests. The legal basis for such use are the System’s Terms of Use and this Policy.

b. Analysis. Provider uses your Personal Information for improving the System and/or the Services, including by (i) combining or aggregating any of the information collected through the System or elsewhere for generating and analyzing statistics about your use of the System and user demographics and traffic patterns and (ii) using anonymized data that may or may not be derived from Personal Information but does not personally identify you, both for disclosure to third parties and for the purpose of enhancing the Services and developing new Service offerings. The legal basis for such use are the System’s Terms of Use and this Policy and Provider’s legitimate interest in improving the System and Services.

c. Security. Provider may use your Personal Information for safety and security purposes, including sharing of your information for such purposes, when it is necessary to pursue Provider’s legitimate interests in ensuring the security of the System and Services, including detecting, preventing and responding to fraud, intellectual property infringement, violations of the System’s Terms of Use, violations of law or other misuse of the System; and when Provider believes in good faith that disclosure is necessary (A) to protect Provider’s rights, the rights of other users of the System, the integrity of the System, or your safety or the safety of others, or (B) to detect, prevent or respond to fraud, intellectual property infringement, violations of the System’s Terms of Use, violations of law or other misuse of the System.

d. Service Providers. Provider engages third-party service providers (such as payment processors, hosting providers and analytics and security providers) to assist in operating and marketing the System. Provider’s engagement of third-party service providers is often necessary for Provider to provide the Services to you, particularly where such third-party service providers ensure that the System and Services are operating and secure. In other cases, Provider has a legitimate interest in third-party service providers that can help improve the System and the Service.

e. Other Disclosure. Provider may disclose Personal Information about you to others: (a) with your valid consent to do so; (b) to comply with a valid subpoena, legal order, court order, legal process, or other legal obligation; (c) to enforce any of the terms and conditions or policies; or (d) as necessary to pursue available legal remedies or defend legal claims. Provider may also transfer your Personal Information to an affiliate, a subsidiary or a third party in the event of any reorganization, merger, acquisition or sale, joint venture, assignment, transfer or other disposition of all or any portion of Provider’s business, assets or stock, including, without limitation, in connection with any bankruptcy or similar proceeding, provided that any such entity that Provider transfer Personal Information to will not be permitted to process your Personal Information other than as described in this Policy without providing you notice and, if required by applicable laws, obtaining your consent.

f. Marketing. If you submit your information to a Provider via Juniper Square, Provider may provide you with information about the System, Services or required notices. In addition, Provider may use collected information for delivering marketing communications that may be of interest to you. You have the right to ask Provider not to process your Personal Information for marketing purposes.

4. Storage.

a. Jurisdiction. Information collected through the System will be stored in, processed in and subject to the laws of the United States, which may not provide the same level of protection for your information as your home country, and may be available to the United States government or its agencies under a lawful order made in the United States. By using the System, you consent to such transfer to, storage in and processing within the United States.

b. Security. Provider is committed to protecting your information from unauthorized access, use or disclosure. The system and its operators maintain administrative, technical and physical safeguards designed to protect the information collected through the System. For example, all information you transmit to the System is encrypted using Transport Layer Security technology (TLS). However, no information or communication system can be 100% secure, so Provider cannot guarantee the absolute security of your information. In addition, Provider is not responsible for the security of information that you transmit to the System over networks that Provider does not control, including the Internet and wireless networks.

c. Retention. Provider will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. If you wish to access or correct any information Provider holds about you, you may have your data deleted, blocked or corrected (as long as compliant with applicable law). Provider also collects and retains information through the System in an anonymized form, i.e. tracking the pages you visit and how long was spent on each page.  

5. Cookie Policy.

This section provides Provider’s cookie policy and describes how Provider uses Cookies and similar technologies. For more information on Provider’s general data privacy practices, please see the full Policy.

a. Cookies. Cookies are small pieces of data that are stored on your computer, mobile phone, or other device when you first visit a page. Provider uses cookies, web beacons and similar technologies (“Cookies”) to enhance your user experience, understand your usage of the System and Services and to perform analytics. Cookies may also be set by other websites or services that run content on the page you are visiting. The provision of your data via Cookies is voluntary except for those Cookies that Provider places on your device because it is necessary for the performance of the System or Services. Provider uses “session cookies” and “persistent cookies.” Session Cookies are temporary Cookies that remain on your device until you leave the System or Services. A persistent Cookie may remain on your device for much longer until you manually delete it.

b. Use. Cookies can contain the following information about you and your use of the System: browser type, search preferences, data relating to which pages of the System that you have visited and the date and time of your use. Provider uses Cookies for the following purposes:
i. To enable and support security features, prevent fraud, and protect your data from unauthorized access.
ii. To enable features and help us provide you with personalized content.
iii. To analyze how you use the System and to monitor site performance. These Cookies help us to identify and fix errors, understand and improve services, research and test out different features, and monitor how you reached the System.

c. Third-Party Cookies. Provider uses the following third-party Cookies on the System:

i. Google Maps and Google Charts. The System includes mapping and charting services from Google. These services use cookies in their internal operations. See https://policies.google.com/privacy for details.

ii. DocuSign (if applicable). The System provides the option to execute agreements via DocuSign. If you interact with DocuSign via the System, you may encounter cookies used by DocuSign in their internal operations. See https://www.docusign.com/company/privacy-policy for details.

iii. Wistia, YouTube, and Vimeo. The System provides a capability to embed video from Wistia, YouTube, or Vimeo as part of offering marketing materials. If you view marketing materials containing embedded video, the video player may use cookies in its internal operations, including functions such as tracking how many visitors play the video, and how much of the video they play. In addition, Wistia hosts the video content embedded in the System’s help center. See https://wistia.com/privacy, https://policies.google.com/privacy, and https://vimeo.com/privacy for details.

iv. Zendesk. Provider provides help materials via an integration with Zendesk. When you use the help center, you may encounter cookies used by Zendesk in their internal operations. See https://www.zendesk.com/company/customers-partners/privacy-policy/ for details.

d. Opting Out. You can control and/or delete cookies as you wish – for details, see https://www.aboutcookies.org/. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work as intended by Provider. 

6. GDPR.

a. If you are a resident of the European Union, Provider will process your Personal Information in compliance with the EU General Data Protection Regulation (“GDPR”). For information submitted using the System, Provider is the data controller, as defined under GDPR. In accordance with GDPR, as a data subject you will be accorded with any applicable rights, which may include the following:
i. right of confirmation;
ii. right of access;
iii. right to rectification;
iv. right to erasure;
v. right of restriction of processing;
vi, right to data portability;
vii. right to object; 
viii. right to withdraw data protection consent; and
ix. the right to lodge a complaint with a supervisory authority.

7. Third-Party Websites. The System and communications from Provider may contain links to websites operated by third parties. You acknowledge and agree that Provider is not responsible for the collection and use of your information by such websites that are not under Provider’s control. Provider encourages you to review the privacy policies of each website you visit.

8. Children’s Information. The System is not directed to, nor does Provider knowingly collect information from, children under the age of 13. If you become aware that your child or any child under your care has provided information without your consent, please contact Provider immediately using the contact information provided below.

9. Other Agreements. You may from time to time enter into binding legal agreements relating to certain Services available through the System, which may have terms that are different from those of this Policy. In the event of any inconsistency, the terms of such other agreement shall control with respect to such Services.

Role of Juniper Square.

a. Host and Operator. Juniper Square, Inc., a Delaware corporation (“Juniper Square”) hosts and operates the System on behalf of Provider as a data processor. As operator of the System, Juniper Square has access to, stores and processes all Personal Information received and collected about you by means of the System, as well as information that Provider furnishes to Juniper Square about you, for the purpose of hosting and operating the System and facilitating provision of products and services by Provider to you. Juniper Square does not direct or control Provider’s use or storage of Personal Information about you. Juniper Square’s collection, use and disclosure of your Personal Information is described in the Juniper Square privacy policy, which is available at http://www.junipersquare.com/legal/privacy_policy.html.

b. Business Transfer. If Juniper Square, or substantially all of Juniper Square’s assets, are acquired, or in the unlikely event that Juniper Square were to go out of business or enter bankruptcy, user information will be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Juniper Square may continue to use your Personal Information as set forth in this Policy (as it may be amended from time to time).

10. Contact Information. If you have any questions about this Policy or the collection or use of information about you, please write to Provider at contact@cochranbooth.com or 129 E. Front Street, Suite 200, Traverse City, MI 49684.

POLICIES