Privacy Policy
Data Services & Website Privacy Policy
As of April 1, 2025
Response Marketing Group, LLC and the Response Marketing Website rmg-usa.com (hereinafter the “Response Marketing Group”, “RMG”, “Company”, “Controller”, “Us”, “We”, “Website”) provides data analysis and marketing services (the “Services”) designed to help for-profit and not-for-profit organizations, and companies that work with them, to enhance their marketing and customer engagement. Our solutions, many of which are described on this website, are used principally to support digital and print marketing.
We take data privacy very seriously, and strive to protect the information we receive, process, and send in accordance with this Policy. We provide this Privacy Policy (hereinafter referred to as the “Policy”) to explain how we use and manage information, and what rights consumers have to control how their information is used.
To review the information addressing disclosures required under the California Consumer Privacy Act (“CCPA”), the California Privacy Rights Act (“CPRA”), and the Virginia Consumer Data Protection Act (“VCDPA”), please review the section titled “Policy Addendum.”
About This Policy
1. All Personal Data of the Data Subject (hereinafter referred to as “Subject”, “User”), as applicable, is processed with aim of compliance with a legal obligation under U.S. Law and Regulation (EU) 2016/679 (General Data Protection Regulation (“GDPR”)), Article 6(1) lit. of GDPR under which the Controller is obliged to receive consent of a Subject before processing their Personal Data.
2. This Policy sets forth the general rules of collection, processing, distribution, use, and storage of Subject and Website User’s Personal Data including any dispute concerning privacy under current Laws of the United States and the European Union, and in accordance with the data protection regulations applicable to Response Marketing Group and the RMG Website. For information related to our data management partner BettrData their Privacy Policy information can be found at https://bettrdata.io/privacy-notice-2/
3. It is understood and agreed that by the fact of use of the Website and its Services, the User gives Consent that he/she/they has fully read, understood, and accepted this Policy. If any User does not agree with this Policy in general or any part of it, such and must immediately stop use of the Website and its Services.
4. The following definitions and rules of interpretation apply in this Policy:
(a) Automated Decision-Making (ADM) is made which is based solely on Automated Processing (including profiling) which produces legal effects or significantly affects an individual. The GCPR prohibits Automated Decision-Making (unless certain conditions are met) but not Automated Processing.
(b) Automated Processing is any form of automated processing of Personal Data consisting of Personal Data consisting of the use of Personal Data to evaluate certain personal aspects relating to an individual, in particular to analyze or predict aspects concerning that individuals’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements. Profiling is an example of Automated Processing.
(c) Consent: Consent of the Subject is any freely given, specific, informed, an unambiguous indication of the Subject’s wished by which he/she/they, by a statement.
(d) Data Controller: Data Controller (“Controller”) is a natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of processing of Personal Data.
(e) Data Subject: Data subject is any identified or identifiable natural person, whose Personal Data is processed by the Controller responsible for the processing. An identifiable natural person is an individual that can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, address, or other identification data.
(f) Explicit Consent: Explicit Consent is consent which requires a very clear and specific statement (that is, not just action).
(g) Personal Data: Personal Data means any information relating to a Data Subject as defined under U.S. privacy laws or GDPR, respectively, and as applicable. For U.S. Subjects. Personal Data excludes publicly available information and de-identified data.
(h) Processing: Processing is any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
(i) Processor: Processor is a natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Controller.
(j) Profiling: Profiling means any form of automated processing of Personal Data consisting of the use of Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
(k) Recipient: Recipient is a natural or legal person, public authority, agency, or another body to which the Personal Data are disclosed, whether a third party or not. However, public authorities which may receive Personal Data in the framework of a particular inquiry in accordance with applicable U.S. and/or EU laws shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
(l) Sensitive Personal Information: Any information about an individual that reveals their racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic information, biometric information for the purpose of uniquely identifying an individual, information concerning health, or information concerning a natural person’s sex life or sexual orientation. We do not collect or store such information.
(m) Third Party: Third Party is a natural or legal person, public authority, agency, or body other than the Subject, Controller, Processor, and persons who, under the direct authority of the Controller or Processor, are authorized to process Personal Data.
(n) Direct Marketing: RMG is subject to certain rules and privacy laws when marketing to or for our customers. For example, a Data Subject’s prior consent may be required for electronic direct marketing (for example, by email, text or automated calls). The exception for existing customers know as “soft opt in” allows organizations to send marketing texts or emails if they have obtained contact details in the course of a sale to that person, they are marketing similar products or services, and they gave the person an opportunity to opt out of marketing when first collecting the details and in every subsequent message. These requirements, like many other requirements under the GDPR apply when RMG is having direct interaction with a person and not necessarily when only providing services to to a third-party who subsequently directly interacts with individuals. If applicable the right to object to direct marketing myst be from other information. A Data Subject’s objection to direct marketing must be promptly honored. If a customer opts out at any time, their details should be suppressed as soon as possible. Suppression involves retaining just enough information to ensure that marketing preferences are respected in the future.
Security
5. We are committed to protecting the confidentiality of your information. We maintain reasonable physical, technical, and administrative safeguards to protect information we process and maintain. Please be aware that although we endeavor to provide reasonable security for the information we process and maintain, no security system can prevent all potential security breaches. Personal Data must be secured by appropriate technical and organizational measures against unauthorized or unlawful Processing, and against accidental loss, destruction or damage. RMG plans to continually develop, implement and maintain safeguards which are appropriate for: (i) a company of this size, scope and business, (ii) the available resources, (iii) the amount of Personal Data that RMG owns or maintains for itself or on behalf of others, and (iv) identified risks (including use of encryption and Pseudonymization where applicable). RMG will regularly evaluate and test the effectiveness of those safeguards to ensure the security of its Processing of Personal Data. Company Personnel are responsible for protecting the Personal Data held by RMG. RMG expects all Company Personnel to implement reasonable and appropriate security measures in accordance or conjunction with the safeguards described above, against unlawful or unauthorized Processing of Personal Data and against the accidental loss of, or damage to, Personal Data. Company Personnel must exercise particular care in protecting Sensitive Personal Data from loss and unauthorized access, use or disclosure.
Company Personnel must follow all procedures and technologies we put in place to maintain the security of all Personal Data from the point of collection to the point of destruction. You may only transfer Personal Data to third-party service providers who agree to comply with the required policies and procedures and who agree to put adequate measures in place, as requested.
RMG’s data security safeguards are intended to protect the confidentiality, integrity and availability of the Personal Date. When interpreting and using this Standard:
i. Confidentiality means that only people who have a need to know and are authorized to use the Personal Data can access it.
ii. Integrity means that Personal Data is accurate and suitable for the purpose for which it is processed.
iii. Availability means that authorized users are able to access the Personal Data when they need it for authorized purposes.
Company Personnel must comply with and not attempt to circumvent the administrative, physical and technical safeguards RMG implements and maintains in accordance with the GDPR and relevant standards to protect Personal Data.
Information We Collect & How We Use It
6. The following information may be collected for general purposes:
(a) the browser type and its version;
(b) the operating system used by the accessing system;
(c) the website from which an accessing system reaches the website;
(d) the sub-websites;
(e) the date and time of access to the Internet site;
(f) an Internet protocol address (IP address);
(g) the Internet service provider of the accessing system; and
(h) any other similar data and information that may be used in the event of attacks on our information technology systems.
7. When using this general data and information, we do not draw any conclusions about the Subject. Rather, this information is needed to:
(a) deliver the content of our website correctly;
(b) optimize the content of our website as well as its advertisement;
(c) ensure the long-term viability of our information technology systems and website technology; and
(d) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack.
8. Therefore, we analyze anonymously-collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the Personal Data we may process. The anonymous data of the server log files are stored separately from all Personal Data, if any, provided by a Subject.
9. The following information can be collected for Services purposes:
(a) Contact information, such as name, home address, and email address;
(b) Information and actions associated with the User’s email;
(c) Internet protocol address (IP address);
(d) A cookie or device identifier, which uniquely identifies your browser or device;
(e) Usage data related to your email interactions, such as whether you receive, open or respond to an email, and related information;
(f) Usage data related to your website interactions, such as whether you visit or log in to a website, page visits and related information;
(g) Demographic information, such as inferred income or age range, household size, or home ownership;
(h) Information regarding consumer interests, such as what type of products you may be interested in, or what types of hobbies you might have, such as whether you are a likely pet owner or a sports or art enthusiast.
Some of the above information may be inferred. We may combine any of the Personal Data we collect or receive with other Personal Data.
10. We also may share Personal Data with business partners to help support marketing and allow for more refined targeting. We may also do so for analytical purposes, including to help these other parties measure marketing campaign performance, inform future campaigns, or to handle, analyze, or segregate Personal Data on our or our customers’ behalf. We do not otherwise transfer Personal Data to third parties.
11. Our website uses Google Analytics, a web analysis service of Google, Inc. Google Analytics employs cookies that are stored on your computer in order to facilitate an analysis of your use of the website. The information generated by these cookies, such as time, place and frequency of your visits to our website, including your IP address, is transmitted to Google’s location in the US and stored there.
12. The Subject may prevent the setting of cookies through our Website at any time by means of a corresponding adjustment of the web browser he/she/they use and thus permanently deny the setting of cookies. The Subject may also opt out directly through industry groups:
(a) Network Advertising Initiative (NAI): opt out of all partner cookies Partner Cookies Opt out
(b) Digital Advertising Alliance’s Ad Choices program: can opt-out of all tracking http://optout.aboutads.info
13. Our Website may contain links to non-RMG websites. We are not responsible for the practices of those third-party websites. When you access other websites from our sites using the links provided, the operators of these websites may use cookies in accordance with their own cookies policy, which may differ from ours. You should read their privacy and cookie policies carefully before you provide any personal information to them.
14. The Website contains information that enables a quick electronic contact to the Controller, RMG. If a Subject contacts the Controller by e-mail or via a contact form, the Personal Data transmitted by the Subject is automatically stored. Such Personal Data transmitted on a voluntary basis by a Subject to the Controller is stored for the purpose of processing or contacting the Subject. There is no transfer of this Personal Data to third parties. The submission of the Subject, with the voluntary indication of Personal Data, is intended to enable the Controller to contact the Subject regarding our Services. Subjects are free to have their Personal Data completely deleted from the data stock of the Controller. By submitting Personal Data on the Website of the Controller, the IP address—assigned by the Internet service provider (ISP) and used by the Subject—date and time of the submission are also stored. The storage of this data takes place against the background that this is the only way to prevent the misuse of our Services, and, if necessary, to make it possible to investigate committed offenses. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution. The Controller processes and store the Personal Data of the Subject only for the period necessary to achieve the purpose of storage. If the storage purpose is not applicable, or if a storage period expires, the Personal Data is routinely blocked or erased.
Your Rights
15. Subject to certain limitations on certain rights as applicable, you have the following rights in relation to your information, which you can exercise by contacting RMG by sending an email info@rmg-usa.com.
(a) to request access to your information and information related to our use and processing of your Personal Data, including: (i) the purposes of the processing; (ii) the categories of Personal Data concerned; (iii) the recipients or categories of recipients to whom the Personal Data have been or will be disclosed, in particular recipients in third countries or international organizations; (iv) where possible, the envisaged period for which the Personal Data will be stored, or, if not possible, the criteria used to determine that period; (v) the existence of the right to request from the Controller rectification or erasure of Personal Data, or restriction of processing of Personal Data concerning the Subject, or to object to such processing; (vi) the existence of the right to lodge a complaint with a supervisory authority; (vii) where the Personal Data are not collected from the Subject, any available information as to their source. Where this is the case, the Subject shall have the right to be informed of the appropriate safeguards relating to the transfer
(b) To request and to obtain from the Controller the confirmation as to whether or not Personal Data concerning him/her/them is being processed.
(c) To request the correction or deletion of your information. Subject, as applicable, can request to delete his Personal Data (the right to be forgotten) in case: (i) the Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (ii) the Subject withdraws consent to which the processing is based according to point (a) of Article 6(1) of GDPR, or point (a) of Article 9(2) of GDPR, and where there is no other legal ground for the Processing; (iii) the Subject objects to the Processing pursuant to Article 21(1) of GDPR and there are no overriding legitimate grounds for the processing, or the Subject objects to the processing pursuant to Article 21(2) of GDPR; (iv) the Personal Data have been unlawfully processed; (v) the Personal Data have been collected in relation to the offer of information society services referred to in Article 8(1) of GDPR.
(d) to request that company restrict the processing of your information in cases when: (i) the accuracy of the Personal Data is contested by the Subject, for a period enabling the Controller to verify the accuracy of the Personal Data; (ii) the processing is unlawful and the Subject opposes the erasure of the Personal Data and requests instead the restriction of their use instead; (iii) the Controller no longer needs the Personal Data for the purposes of the processing, but they are required by the Subject for the establishment, exercise or defense of legal claims; (iv) the Subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the Controller override those of the Subject.
(e) to receive information which Subject has provided to us in a structured, commonly used, and machine-readable format and the right to have that information transferred to another Controller (including a third party Controller);
(f) to object to the Processing of your information for certain purposes; and/or
(g) to withdraw your data protection consent to our use of your information at any time the Controller relies on your consent to use or process that information.
16. If one of the aforementioned reasons applies, and a Subject wishes to request the erasure of Personal Data stored, he/she/they may, at any time, contact any employee of the Controller or email info@rmg-usa.com. An employee of – Controller shall promptly ensure that the erasure request is complied with immediately.
17. If one of the aforementioned conditions is met, and a Subject wishes to request the restriction of the Processing of Personal Data stored by the Controller, he/she/they may at any time contact any employee of the Controller or email info@rmg-usa.com. The employee of the Controller will arrange the restriction of the Processing.
Children Under 18
(a) RMG does not knowingly sell personal information about consumers younger than 18 for the purpose of marketing or advertising directly to the minor. RMG does use personal information from minors younger than 18 to suppress matching records from marketing lists and facilitate identify verification.
Amendments & Contact Information
18. Response Marketing Group reserves the right to amend this Policy at our discretion and at any time. When we make changes to this Policy, we will post the updated Policy on the Website and update the Policy’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.
19. Contact Information: If you have any questions or comments about this Policy, the ways in which Response Marketing Group collects and uses your information described above, your choices and rights regarding such use, or wish to exercise your under applicable laws, please contact us at:
Phone: +1 804-740-5460
Email: info@rmg-usa.com
Postal Address:
Response Marketing Group
Attn: Privacy Administrator
1145 Gaskins Road, Suite 109
Richmond, VA 23238
Policy Addendum
As of January 1, 2025
This Policy Addendum (“Addendum”) for California, Colorado and Virginia Residents supplements is expressly made part of the information contained in the Response Marketing Group Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California or in the State of Virginia (“consumers” or “you”). We adopt this Addendum to comply with both the California Consumer Privacy Act of 2018 (“CCPA”), the California Privacy Rights Act (CPRA), Colorado Privacy Act (“CPA”), and the Virginia Consumer Data Protection Act (“VCDPA”). The above laws may not apply to each of you in each scenario and are supplied here for your reference. Any terms defined in the Addendum have the same meaning when used in this Policy.
Information We Collect:
RMG collects information that may identify, relate to, describe, reference, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“Personal Information”). In particular, we have collected or obtained the following categories of Personal Information about its Subjects within the last twelve (12) months:
Purpose | Collected |
A. Identifiers | YES |
B. Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), and similar applicable provisions of the Virginia Code or Colorado Code. | YES |
C. Protected classification characteristics under California, Virginia, Colorado or federal law | NO |
D. Commercial information | YES |
E. Biometric information | NO |
F. Internet or other similar network activity | YES |
G. Geolocation data | YES |
H. Sensory data | NO |
I. Professional or employment-related information | NO |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) | NO |
K. Inferences drawn from other Personal Information | YES |
“Personal Information” does not include:
· Publicly available information from government records
· De-identified or aggregated consumer information.
· Information excluded from the CCPA/CPRA’s, VCRPA’s, CPA’s scope, like health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), similar applicable laws on Virginia and Colorado, or clinical trial data
· Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
RMG obtains the categories of Personal Information listed above from the following categories of sources:
· Directly from you. For example, from forms you complete or products and services you purchase.
· Indirectly from you. For example, from observing your actions on our Website.
· From third-party business partners such as contracted business entities, social media sites, ad networks, and analytics providers.
Use of Personal Information
We may use or disclose the Personal Information we collect for one or more of the following business purposes:
· To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your Personal Information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
· To provide, support, personalize, and develop our Website, products, and Services.
· To create, maintain, customize, and secure your account with us.
· To process your requests, purchases, transactions, and payments and prevent transactional fraud.
· To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
· To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).
· To help maintain the safety, security, and integrity of our Website, products and Services, databases and other technology assets, and business.
· For testing, research, analysis, and product development, including to develop and improve our Website, products, and Services.
· To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
· As described to you when collecting your Personal Information or as otherwise set forth in the CCPA/CPRA, VCDPA, and CPA.
RMG will not collect additional categories of Personal Information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
RMG may disclose your Personal Information to a contracted client for a business purpose for which we received your Personal Information. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.
We share your Personal Information with the following categories of contracted third parties:
· Service providers;
· Data aggregators.
RMG will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Disclosures of Personal Information for a Business Purpose
In the preceding twelve (12) months, Company has disclosed the following categories of Personal Information for a business purpose:
· Category A: Identifiers.
· Category B: California, Virginia, and Colorado Personal Information categories.
· Category D: Commercial information.
· Category F: Internet or other similar network activity.
· Category G: Geolocation data.
· Category K: Inferences drawn from other Personal Information.
We disclose your Personal Information for a business purpose to the following categories of contracted of third parties:
· Service providers.
Sales of Personal Information
In the preceding twelve (12) months, Company has not sold Personal Information.
RMG takes and addresses its Users’ privacy concerns with utmost respect and attention. If you believe that there was an instance of non-compliance with this Policy with regard to your Personal Information or you have other related inquiries or concerns, you may write or contact us via email at: info@rmg-usa.com. In your message, please describe in as much detail as possible the nature of your inquiry or the ways in which you believe that the Policy has not been complied with. We will investigate your inquiry or complaint promptly. Please note that if you provide RMG with inconsistent privacy preferences, RMG cannot guarantee that your most recent privacy preference will be honored.
It’s important to understand that when you opt out with RMG, we don’t delete your information. We mark it on our databases as “Do Not Share.” We do this because if your information is deleted, in the future, we would have no way to know that you requested that your information not be shared. When you’re marked as “Do Not Share,” we’ll know that you didn’t want your information shared in case your information is later resubmitted. We want to be sure that consumers’ requests are honored until we’re told of a change.
Virginia, California & Colorado Users: Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
· Calling us at +1-804-740-5460
· Sending a letter to us at Response Marketing Group, 1145 Gaskins Road, Suite 109, Richmond, Virginia, 23238
Only you, or a person registered with the respective Virginia, California, or Colorado Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA/CPRA, VCDPA, CPA rights. Unless permitted by the CCPA/CPRA, VCDPA, CPA we will not:
· Deny you goods or Services.
· Charge you different prices or rates for goods or Services, including through granting discounts or other benefits, or imposing penalties.
· Provide you a different level or quality of goods or Services.
· Suggest that you may receive a different price or rate for goods or Services or a different level or quality of goods or Services.
Changes to Our Privacy Addendum
We reserve the right to amend this Addendum at their discretion and at any time. When we make changes to this Addendum, we will post the updated Addendum on the Website and update the Addendum’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.