Birdstone takes your privacy very seriously. Please read this Privacy Policy carefully as it contains important information on who we are and how and why we collect, store, use, and share your personal information. It also explains your rights in relation to your personal information and how to contact us or supervisory authorities in the event you have a complaint.

We collect, use, and are responsible for certain personal information about you. When we do so we are subject to various laws in the United States and we are responsible as “controller” of that personal information for the purposes of those laws.

1. Key Terms. “We” or “us” or “our” refers to Birdstone. David Lighty, is our data protection officer and can be reached by mail at Birdstone, 7825 Fay Ave, STE 200, San Diego, CA 92109 or by email at

2. Personal Information We Collect About You. We may collect and use the following personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household:

  • Audio/video/visual information such as photographs, recorded calls, voicemails, and video.
  • Customer records as defined under California Civil Code section 1798.80(e), such as digital and electronic signatures, telephone numbers, insurance policy numbers, credit and credit card numbers, financial and credit-related information, physical characteristics and descriptions (e.g., government identification), bank account numbers, and medical and health insurance information.
  • Biometric information such as voice recordings of telephone conversations.
  • Sensory data such as audio information from voicemail messages and/or recorded phone calls with consent.
  • Personal identifiers such as real name, alias, postal address, IP address, email address, online identifier, social security number, driver’s license number, credit information, cookies, pixel tags, and similar identifiers.
  • Inferences that can create a profile about you reflecting your service preferences, psychological trends, predispositions, purchasing tendencies, and behaviors.
  • Internet and network activity such as interactions with our website, applications, and advertisements, your IP address, and the dates and times you access our website.
  • Professional/employment such as job title, occupation, company or business name, and employment history information.
  • Protected classes under California or federal law, such as gender, age, and veteran status.

This personal information is required to provide services to you. If you do not provide the personal information we ask for, it may delay or prevent us from providing services to you.

3. How Your Personal Information is Collected. We collect most of this personal information directly from you—in person, by telephone, text, or email and/or via our website. However, we may also collect information:

  • From publicly accessible sources (e.g., property records);
  • Directly from a third party (e.g., customer due diligence providers);
  • From a third party with your consent (e.g., your bank);
  • From cookies on our website; and
  • Via our IT systems, including door entry systems and reception logs; automated monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV, and access control systems, communications systems, email, and instant messaging systems.

4. How and Why We Use Your Personal Information. Under data protection laws, we can only use your personal information if we have a proper reason for doing so, for example:

  • To comply with our legal and regulatory obligations;
  • For the performance of our engagement with you or to take steps at your request before entering into a contract;
  • For our legitimate interests or those of a third party; or
  • Where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We use the categories of personal information listed above for one or more of the following business purposes:

  • Advertising and Marketing:  To send advertisements and marketing material via physical and electronic mail relating to our services.
  • Counting Ad Impressions and Website Interactions:  To audit interactions with our website, count ad impressions to unique visitors, verify position and quality of ad impressions, and perform similar activities.
  • Client Service:  To provide client service, respond to your inquiries, provide training for quality assurance purposes, and perform similar activities.
  • Defend Against Claims:  To defend or respond to potential or actual claims or litigation.
  • Fraud Prevention:  To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and to prosecute those responsible for that activity.
  • Processing Transactions:  To process or fulfill transactions, verify client information, process payments, and perform similar activities.
  • Safety:  To protect the safety, security, and legal rights of our clients and third-party service providers.
  • Services:  To process, complete, and maintain records on the services we provide.
  • Other Purposes:  To fulfill any other purpose for which you provide information to us or to which you consent.

5. Promotional Communications. We may use your personal information to send updates to you by email, text message, telephone, or mail about our services. We have a legitimate interest in processing your personal information for promotional purposes. This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.

We will always treat your personal information with the utmost respect and never sell OR share it with other organizations for marketing purposes. You have the right to opt-out of receiving promotional communications at any time by:

  • Contacting us at; or
  • Using the “unsubscribe” link in emails or “STOP” number in texts or emails.

We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.

6. With Whom We Share Your Personal Information. We routinely share personal information with:

  • Service providers we use to help deliver our services to you, such as payment service providers and mail carriers;
  • Other third parties we use to help us run our business, such as marketing agencies or website hosts;
  • Our insurers and brokers;
  • Our banks.

We only allow our service providers to handle your personal information if we are satisfied that they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers relating to ensure they can only use your personal information to provide services to us and to you. We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

7. Where Your Personal Information is Held. Information may be held at our offices and those of our third-party agencies, service providers, representatives, and agents as described above.

8. How Long Your Personal Information Will Be Kept. We will keep your personal information while we are providing services to you. Thereafter, we will keep your personal information for as long as is necessary:

  • To respond to any questions, complaints, or claims made by you or on your behalf;
  • To show that we treated you fairly; or
  • To keep records required by law.

We will not retain your personal information for longer than necessary for the purposes set out in this Privacy Policy. Different retention periods apply for different types of personal information.

9. Your Rights Under the CCPA. When Birdstone is subject to the California Consumer Privacy Act of 2018 (CCPA), you have the right under the CCPA and certain other privacy and data protection laws, as applicable, to exercise free of charge:

Disclosure of Personal Information We Collect About YouYou have the right to know:

– The categories of personal information we have collected about you;
– The categories of sources from which the personal information is collected;
– Our business or commercial purpose for collecting personal information;
– The categories of third parties with whom we share personal information, if any; and
– The specific pieces of personal information we have collected about you.
– Please note that we are not required to:
– Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;
– Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; or
– Provide the personal information to you more than twice in a 12-month period.
Personal Information Used for a Business PurposeIn connection with any personal information we may disclose to a third party for a business purpose, you have the right to know the categories of personal information that we disclosed about you for a business purpose.

You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to opt out of the disclosure of your personal information. If you exercise your right to opt-out of the disclosure of your personal information, we will refrain from disclosing your personal information, unless you subsequently provide express authorization for the disclosure of your personal information.
Right to DeletionSubject to certain exceptions set out below, on receipt of a verifiable request from you, we will:

– Delete your personal information from our records; and
– Direct any service providers to delete your personal information from their records.
– Please note that we may not delete your personal information if it is necessary to:
– Complete the transaction for which the personal information was collected, provide a service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
– Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
– Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
– Comply with the California Electronic Communications Privacy Act;
– Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
– Comply with an existing legal obligation; or
– Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
Protection Against DiscriminationYou have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:

– Deny services to you;
– Charge different prices or rates for services, including through the use of discounts or other benefits or imposing penalties;
– Provide a different level or quality of services to you; or
– Suggest that you will receive a different price or rate for services or a different level or quality of services.

Please note that we may charge a different price or rate or provide a different level or quality of services to you if that difference is reasonably related to the value provided to our business by your personal information.

10. Keeping Your Personal Information Secure. We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality. We also have procedures in place to address any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

11. Information Automatically Collected. We also may collect certain information automatically when you visit our website (“Usage Information”), including:

  • Your browser type and operating system;
  • Your Internet Protocol (IP) address, which is the number automatically assigned to your computer whenever you access the Internet and that can sometimes be used to derive your general geographic area;
  • Geolocation information;
  • Other unique identifiers, including mobile device identification numbers;
  • Sites or mobile apps you used before and after using our website;
  • Pages you view and links you click on within our website;
  • Information collected through cookies, web beacons, and other technologies;
  • Information about your interactions with e-mail messages, such as the links clicked on and whether the messages were opened or forwarded; and
  • Standard Server Log Information.

Except to the extent required by applicable law, Birdstone does not consider Usage Information to be Personal Information. However, Usage Information may be combined with your Personal Information. To the extent that we combine Usage Information with your Personal Information, we will treat the combined information as Personal Information under this Privacy Policy.

We may use cookies, pixel tags, Local Shared Objects (sometimes referred to as “Flash Cookies”), and other technologies to automatically collect Usage Information:

Cookies, Pixel Tags, and Local Shared Objects

Cookies are small bits of information that are stored by your computer’s web browser. You can decide if and how your computer will accept a cookie by configuring your preferences or options in your browser. However, if you choose to reject cookies, you may not be able to use certain online services or features on the website.

Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs,” that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device.

Local Shared Objects (sometimes referred to as “Flash Cookies”) are similar to standard cookies except that they can be larger and are downloaded to a computer or mobile device by the Adobe Flash media player.  Please note that you may need to take additional steps beyond changing your browser settings to refuse or disable Local Shared Objects and similar technologies.  For example, Local Shared Objects can be controlled through the instructions on Adobe’s Setting Manager page. If you choose to refuse, disable, or delete these technologies, some of the functionality of the website may no longer be available to you.

Embedded Scripts

An embedded script is programming code designed to collect information about your interactions with the website. It is temporarily downloaded onto your device from our web server or a third party with whom we work, is active only while you are connected to the website and deleted or deactivated thereafter.

Location-identifying Technologies

GPS (global positioning systems) software, geo-filtering, and other location-aware technologies locate (sometimes precisely) you for purposes such as verifying your location and delivering or restricting relevant content based on your location.

Device Fingerprinting

Device fingerprinting is the process of analyzing and combining sets of information elements from your device’s browser, such as JavaScript objects and installed fonts, in order to create a “fingerprint” of your device and uniquely identify your device and applications.

In-App Tracking Methods

There are a variety of tracking technologies that may be included in mobile applications, and these are not browser-based like cookies and cannot be controlled by browser settings. Some use device identifiers, or other identifiers such as “Ad IDs” to associate app user activity to a particular app and to track user activity across apps. You can stop all collection of information via our mobile applications by uninstalling them. Also, you may be able to exercise specific privacy choices, such as enabling or disabling certain location-based services, by adjusting the permissions in your mobile device.

12. Social Networking Services. Birdstone may work with certain third-party social media providers to offer you their social networking services through our website. For example, you can use third-party social networking services, including but not limited to Facebook, Twitter, and others to share information about your experience on our website with your friends and followers on those social networking services.  These social networking services may be able to collect information about you, including your activity on our website. These third-party social networking services also may notify your friends, both on our website and on the social networking services themselves, that you are a user of our website or about your use of our website, in accordance with applicable law and their own privacy policies. If you choose to access or make use of third-party social networking services, we may receive information about you that you have made available to those social networking services, including information about your contacts on those social networking services.

13. Links to Third Party Sites and Services. The website may contain links to other websites or online services that are operated and maintained by third parties and that are not under the control of or maintained by Birdstone. Such links do not constitute an endorsement by Birdstone of those other websites, the content displayed therein, or the persons or entities associated therewith. This Privacy Policy does not apply to this third-party content. We encourage you to review the privacy policies of these third-party websites or services.

14. Analytics and Advertising Tracking Technologies. We may allow third parties to place and read their own cookies, web beacons, Local Shared Objects, and other technologies to collect information through our website. For example, our third-party service providers may use these technologies to collect information (i) that helps us with traffic measurement, research, and analytics, and (ii) that is used to serve advertisements on our website and across the Internet and on other apps tailored to your apparent interests. To the extent we combine information from third-party services with Personal Information we collect directly from you on the website, we will treat the combined information as Personal Information under this Privacy Policy. Otherwise, the information collected and stored by third parties remains subject to their policies and practices, including whether they continue to share information with us, the types of information shared, and your choices on what is visible to others on third-party services.

We use Google Analytics, a web analytics service provided by Google, Inc. The cookies and other technologies used by Google may collect Personal Information, but Birdstone does not use Google Analytics to gather information that personally identifies you. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. You may exercise choices regarding the use of cookies from Google Analytics by going to or downloading the Google Analytics Opt-out Browser Add-on.

You may choose whether to receive interest-based advertising by submitting opt-outs. Some of the advertisers and service providers that perform advertising-related services for us and our partners may participate in the Digital Advertising Alliance (“DAA”) Self-Regulatory Program for Online Behavioral Advertising. Some of these companies may also be members of the Network Advertising Initiative (“NAI”). You can also opt-out of interest-based advertising within mobile apps based on advertising identifiers on your device (for example, through cross-app tracking). Please be aware that, even if you are able to opt-out of certain kinds of interest-based advertising, you may continue to receive other types of ads. Opting out only means that those selected members should no longer deliver certain interest-based advertising to you but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). Birdstone is not responsible for the effectiveness of, or compliance with, any third parties opt-out options or programs or the accuracy of their statements regarding their programs.

Some web browsers may transmit “do-not-track” signals to the websites with which the user communicates. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. Because there currently is no industry standard concerning what, if anything, websites should do when they receive such signals, Birdstone currently does not take action in response to these signals.

15. How to Exercise Your Rights. If you would like to exercise any of your rights as described in this Privacy Policy, please contact us via the information provided below. Please note that you may only make a CCPA-related data access request twice within a 12-month period.

16. International Users. The website is directed toward users who reside in the United States. By using the website, you consent to the collection, storage, processing, and transfer of your information in and to the United States, or other countries and territories, pursuant to the laws of the United States. Some of these countries may not offer the same level of privacy protection as your own. Any such transfers will comply with safeguards as required by relevant law.

17. Changes to this Privacy Policy. We may change this Privacy Policy from time to time. When we do, we will inform you via our website or other means of contact such as email.

18. How to Contact Us. Our contact details are shown below:

  • Email us at; or
  • Write to us at Birdstone, 7825 Fay Ave, STE 200, San Diego, CA 92109.

19. Do You Need Extra Help? If you would like this Privacy Policy in another format (for example: audio, large print, braille) please contact us (see “How to Contact Us” above).