Infrastructure & Energy Alternatives Privacy Policy 

Effective Date:  February 28, 2020

Infrastructure & Energy Alternatives (“we,” “us,” “our”) respects your privacy and takes the responsibility of protecting the Personal Information that you provide to us via the Services (defined below) seriously. We encourage you to carefully review this Privacy Policy to have a clearer understanding of our privacy practices. If you do not agree with our policies and practices, do not access, continue to access, or use the Services.

This Privacy Policy is intended to outline our practices regarding the collection, use, disclosure, and protection of information received from users of the Services, including users who are residents of the State of California (collectively, “you” or “user”). We adopt this Privacy Policy to comply with the California Consumer Privacy Act of 2018 (“CCPA”).

Scope

The Privacy Policy applies to the “Services,” which includes our mobile applications, “SAM” and “Elevate” and other mobile applications that may be developed by us or third-party vendors from time to time, are accessed by a user, whether via a web or mobile browser, or via iOS, Android, or other comparable mobile operating systems.

Information We Collect

We collect several types of information from and about users of the Services.

Personal Information: We may collect Personal Information from you in order to provide you with the information or services you may request. “Personal Information” refers to information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or device. When you use, navigate, and/or complete forms on the Services, we may collect Personal Information about you.

The categories and types of Personal Information we may collect, along with the purposes for which we use your Personal Information and what third parties we share your Personal Information with, include:

Personal Information does not include: publicly available information from government records; deidentified or aggregate information; or certain personal information protected by other sector- specific federal or state statutes.

Deidentified Information: We may collect Deidentified Information when you use and navigate the Services. “Deidentified Information” is information that cannot reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular individual. Deidentified Information may include, without limitation, information regarding your device, the type of internet browser you are using, the type of computer operating system you are using to access the Services, or the internet service provider utilized. We will take reasonable measures to ensure that Deidentified Information we collect is not personally identifiable and may not later be easily used to identify you as otherwise required by applicable law.

Aggregate Information: We may collect “Aggregate Information” which means information that relates to a group or category of individuals, from which an individual’s identity has been removed, that is not linked or reasonably linkable to any individual, including via a device.

Children Under the Age of 16: The Services are not intended for children under 16 years of age. We do not market to and do not knowingly collect, disclose, or sell any Personal Information from, or about a child under the age of 16 without the consent of the child’s parent or legal guardian. If we discover that we have inadvertently collected information from a child under 16 years of age, we will promptly take all reasonable measures to delete such information from our systems.

How We Collect Information

We collect Personal Information, Deidentified Information, and Aggregate Information (collectively, “Your Information”) from the following categories of sources:

Directly From You: We may collect Personal Information from you when you voluntarily provide Personal Information to us, for example, by completing forms or executing reports.

Indirectly From You: We may collect Personal Information and Deidentified Information from you when you interact with the Services. We collect Personal Information (such as browsing history, search history, and information on your interactions with the Services) that your browser transmits when you visit the Services. We may collect Personal Information and Deidentified Information about how you access and interact with the Services through the use of automated tracking technology, such as “cookies” and “web beacons.”

A cookie is a small data file that is transferred to a web browser, which enables the Services to remember and customize your subsequent visits. Most internet browsers automatically accept cookies. You can instruct your browser to block the acceptance of cookies or to provide you with a warning prompt before you accept cookies from the Services. Please refer to your internet browser’s instructions to learn more about these functions. If you reject cookies, the functionality of the Services may be limited and you may not be able to participate in several of the Services’ features. Additionally, we may use web beacons, which are single-pixel, electronic images embedded in the Services that allow us to gather information about your browsing activities on the Services.

We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

How We Use Your Information

We use Your Information for various business purposes to help enhance your experience. These purposes include, but are not limited to:

Delivery of Services: We may use Your Information to deliver our services, products, and features to you. For example, we may send you emails about transactions and send you notices and information about updates to the Services.

Customer Service and User Communications: We may use your Personal Information to help us respond to your inquiries, questions, requests, and support needs more efficiently.

User Experience Personalization: We may use Your Information to analyze users’ browsing and usage activities and patterns in order to understand users’ interests and preferences with respect to the Services. This will help us optimize the users’ experience on the Services.

Business Optimization: We may use Your Information in managing our everyday business needs. We may also use your feedback to improve the Services.

Account Verification: We may use Your Information to provide you automatic login access to the mobile applications.

How We Disclose Information

We may share and disclose Your Information to third parties for a business purpose or to fulfill legal obligations. When we disclose Personal Information for a business purpose, we enter a contract that describes the business purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract. We may share and disclose Your Information in the following circumstances:

Law Enforcement, Safety, and Legal Processes (collectively, “Law Enforcement”): Your Information may be shared with law enforcement or other government officials if it relates to a criminal investigation or alleged criminal activity. We may also share Your Information if required or permitted to do so by law, for fraud protection and credit risk reduction purposes, or in the good-faith belief that such action is necessary to protect and defend our property rights or the rights of the users of the Services. We may further share Your Information to act under urgent circumstances to protect the safety of our employees or a member of the public, or to comply with a judicial proceeding, court order, or legal process.

 In a Sale or Acquisition of Assets: If we become involved in a transaction involving the sale of our assets, such as a merger or acquisition, or if we are transferred to another company, we may disclose and/or transfer Your Information as part of the transaction. If the surviving entity in that transaction is not us, the surviving company may use Your Information pursuant to their own privacy policies, and those policies may be different from this Privacy Policy.

We may disclose the following categories of Personal Information for a business purpose: Identifiers; California Customer Records statute personal information categories; Internet or similar network activity; and Geolocation data.

Sale of Personal Information

We do not sell Personal Information to any third parties.

California Resident Rights and Choices

Under certain circumstances, California residents may have specific rights regarding their Personal Information. California residents have the following rights under the CCPA:

• Right to Access Specific Information. You have the right to request that we disclose certain information to you about our data processing practices over the past 12 months.
• Right to Data Portability. You have the right to receive information you request in a portable and readily usable format that allows you to transmit the information to another entity without hindrance.
• Right to Deletion. You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions.
• Right to be Free from Discrimination. You have the right to be free from discrimination for exercising your rights under the CCPA.

Please be aware that under certain circumstances, the CCPA may limit your exercise of these rights.

Exercising Your Rights

Verifiable Consumer Requests: To the extent permitted by applicable law, you may have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. To exercise your rights of access, data portability, and deletion described above, please submit a verifiable consumer request to us by either:

• Calling us at: 1 800 688 3775
• Visiting: www.iea.net
• Emailing us at: viral.sampat@iea.net
• Email as communication.

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must: (1) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and (2) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request if we cannot verify your identity or authority to make the request. Making a request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format: We endeavor to respond to verifiable consumer requests within forty-five (45) days of receipt. If we require more time, we may take up to an additional forty- five (45) days to respond. We will inform you of the reason for the extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at our option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with your request, if applicable.

Once we receive and confirm your verifiable consumer request, we will disclose to you:

• The categories of Personal Information we collected about you;
• The categories of sources for the Personal Information we collected about you;
• Our business or commercial purpose for collecting that Personal Information;
• The categories of third parties with whom we share that Personal Information;
• The specific pieces of Personal Information we collected about you; and
• If we disclosed your Personal Information for a business purpose, a separate list of disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.

For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

For deletion requests, we will delete your Personal Information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us pursuant to enumerated exceptions detailed in the CCPA.

We do not charge a fee to process a verifiable consumer request, unless it is excessive, repetitive, or manifestly unfounded. If a request warrants a fee, we will provide you with an explanation and a cost estimate for completing your request.

Additional California Privacy Rights

California’s “Shine the Light” law permits users of the Services that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please contact us at the contact information provided below.

Data Security

The Services use commercially reasonable security measures to protect Your Information. However, no data transmitted over, or accessible through, the internet can be guaranteed to be 100% secure. As a result, while we attempt to protect Your Information, we cannot ensure or warrant that Your Information will be completely secure from misappropriation by hackers or from other nefarious or criminal activities, or in the event of a failure of computer hardware, software, or a telecommunications network.

Spam

We do not participate in bulk email solicitations that you have not consented to receiving (i.e., “spam”). We do not sell or disclose customer lists or email address lists to unrelated third parties. Except as otherwise provided herein, we do not share Personal Information with any third party advertisers.

Modifications

This Privacy Policy was last reviewed and modified as of the Effective Date first printed above. Please note that we may update this Privacy Policy from time-to-time in our sole discretion. It is your responsibility to review this Privacy Policy for any changes each time that you use the Services.

External Links

The Services may contain links to other websites. We do not endorse or make any representations or warranties concerning, and will not in any way be liable for, any informational content, products, services, software, or other materials available on external websites, even if one or more pages of the external websites are framed within a page of the Services. Please be aware that we are not responsible for the privacy practices or policies of such other websites.

Accessing and Updating Information

If you ever wish to access Your Information or have Your Information deleted, updated, changed, or modified, you may do so by contacting us at the contact information provided below. To cancel your account and have your information returned to you, please contact us at the contact information provided below. We will make commercially reasonable efforts to handle requests to update or modify Your Information within thirty (30) days.

Contact for More Information

If you would like to contact us with questions or comments concerning the accuracy and/or privacy of Your Information, or if you believe that we have not adhered to this Privacy Policy, please notify us by contacting the following:

Attn: Viral Sampat

Infrastructure & Energy Alternatives 6325 Digital Way
Suite 460
Indianapolis, IN 46278 

Website: www.iea.net 
Phone: 1 (800) 688-3775
Email: viral.sampat@iea.net

We welcome your questions and comments.