Moxy Solutions, LLC Privacy Policy for California Residents

Effective Date: September 4, 2025

Last Updated: September 4, 2025

This California Privacy Policy (“Policy” or “Privacy Policy”) describes how Moxy Solutions, LLC (“Moxy,” “Company,” “we,” “our”, or “us”) collect and process personal information about our consumers who reside in California. The California Consumer Privacy Act (“CCPA”) requires us to provide our California consumers with a privacy policy that contains a comprehensive description of our online and offline practices regarding our collection, use, sharing, and retention of their personal information, along with a description of the rights they have regarding their personal information. This Privacy Policy provides the information the CCPA requires, together with other useful information regarding our collection and use of personal information. Any terms defined in the CCPA have the same meaning when used in this Policy.

This Privacy Policy does not apply to our collection and use of personal information in an employment capacity. Employees, job applicants, contractors, interns, or other workers seeking more information our employment-related personal information policies and practices should contact our Human Resources department at sarnett@apcisg.com.

This Privacy Policy does not apply to our collection and use of personal information from residents outside of California. Consumers residing in other locations should see our general privacy notice at: https://moxysolutions.com/privacy-policy/.

Personal Information Collected

We collect and use information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information“). Personal information does not include:

• Publicly available information, including from government records, through widely distributed media, or that the consumer made publicly available without restricting it to a specific audience.
• Lawfully obtained, truthful information that is a matter of public concern.
• Deidentified or aggregated consumer information.

Personal Information Categories Chart

The chart below identifies which categories of personal information we collected from our consumers within the last 12 months and the expected retention period.

 

Category	Examples	Collected	Maximum Retention Period
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.	YES	7 years
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“California Customer Records“).	Demographic information, including name, address (such as home address, work address, or other address), email address, phone number, cellphone number, and other contact information you provide us. Some personal information included in this category may overlap with other categories.	YES	7 years
C. Automobile Information.	Vehicle year, make, model, and Vehicle Identification Number (VIN).	YES	7 years
D. Commercial information.	Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	YES	7 years
E. Internet or other similar network activity.	Activity on our websites, mobile apps, or other digital systems, such as internet browsing history, search history, system usage, electronic communications with us, postings on our social media sites.	YES	7 years
F. Geolocation data.	Physical location or movements, such as the time and physical location related to use of our internet website, application, or device, and GPS location data from mobile devices of consumers who visit our websites or use our mobile apps.	YES	7 years
G. Sensory data.	Audio, electronic, visual, or similar information, including customer service and/or claims center call monitoring.	YES	7 years

Sources of Personal Information

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from you, such as from the forms or other information you provide to the Company.
• Indirectly from you, such as from your interactions with the Company’s websites, mobile applications, or social media platforms.
• From our service providers, such as order fulfillment and shipping providers, customer service support providers, data analytics providers, data brokers, or advertising networks.
• Government databases.

How We Use Personal Information

Personal Information Collection, Use, and Disclosure Purposes

We may use and disclose the personal information we collect to advance the Company’s business and commercial purposes, specifically to:

• Develop, offer, and provide you with our products and services.
• Meet our obligations and enforce our rights arising from any contracts with you, including for billing or collections, or to comply with legal requirements.
• Fulfill the purposes for which you provided your personal information or that were described to you at collection, and as the CCPA otherwise permits.
• Improve our products or services, marketing, or customer relationships and experiences.
• Invoice and collect payment from you.
• Respond to your requests and questions.
• Test, research, analyze, and develop products.
• Notify you about changes to our products or services.
• Administer our systems and conduct internal operations, including for troubleshooting, data analysis, testing, research, statistical, and survey purposes.
• Enable your participation in our websites’ or mobile apps’ interactive, social media, or other similar features.
• Protect our Company, employees, or operations.
• Measure or understand the effectiveness of the advertising we serve to you and others, and to deliver relevant advertising to you.
• Make suggestions and recommendations to you and other consumers about our goods or services that may interest you or them, including developing profiles.
• In any way we may describe when you provide the information.
• Manage your consumer relationship with us, including for:
  • online account creation, maintenance, and security; and
  • reaching you, when needed, about your account.
• Perform data analytics and benchmarking.
• Administer and maintain the Company’s systems and operations, including for safety purposes.
• Engage in corporate transactions requiring review of consumer records, such as for evaluating potential Company mergers and acquisitions.
• Comply with all applicable laws and regulations.
• Exercise or defend the legal rights of the Company and its employees, affiliates, customers, contractors, and agents.
• Respond to law enforcement requests and as required by applicable law or court order.

 

Additional Categories or Other Purposes

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. If required by law, we will also seek your consent before using your personal information for a new or unrelated purpose.

We may collect, process, and disclose aggregated or deidentified consumer information for any purpose, without restriction. When we collect, process, or disclose aggregated or deidentified consumer information, we will maintain and use it in deidentified form and will not to attempt to reidentify the information, except to determine whether our deidentification processes satisfies any applicable legal requirements.

 

Disclosing, Selling, or Sharing Personal Information

 

Business Purpose Disclosures

We may disclose the personal information we collect to third parties for the business purposes described in the Personal Information Collection, Use, and Disclosure Purposes section and in the table below, such as to engage third parties to support our business functions. For example, we may disclose information from your visits to the Company’s website to a cybersecurity consultant to help secure the website or disclose your address to our shipping carrier to deliver your order.

We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, prohibit using the disclosed information for any purpose except performing the contract, and meet the CCPA’s other contract requirements for engaging service providers or contractors.

The chart below identifies the categories of entities to whom we have disclosed our consumers’ personal information for a business purpose over the preceding 12 months, along with the personal information categories disclosed and the disclosure’s business purposes.

Business Purposes Disclosure Recipient Category, Personal Information Category, and Purposes Chart

 

Category of Business Purpose Disclosure Recipients	Personal Information Categories Disclosed	Business Purpose Disclosures
Order Fulfillment and Shipping Providers	A. Identifiers. B. California Customer Records. C. Automobile information. D. Commercial information.	To deliver products you purchased from us.
Customer Service Support Providers	A. Identifiers. B. California Customer Records. C. Automobile information. D. Commercial information. E. Internet or other similar network activity. G. Sensory data.	To support customers with using our products and services, including online account management and troubleshooting.
Advertising networks	A. Identifiers. B. California Customer Records. C. Automobile information. D. Commercial information. E.  Internet or other similar network activity. F. Geolocation data. G. Sensory information.	To deliver location-based advertising.
Information technology service providers	A. Identifiers. B. California Customer Records. C. Automobile information. D. Commercial information. E.  Internet or other similar network activity. F. Geolocation data. G. Sensory information.	To engage internet technology service providers to improve the Company’s products and services and to ensure the privacy and security of the Company’s data.

Selling or Sharing Personal Information

We do not sell your personal information to third parties and have not sold it in the preceding 12 months. We do not share your personal information with third parties for cross-context behavioral advertising purposes and have not shared your personal information in the preceding 12 months.

Our personal information sharing does not include information about consumers we know are under age 16.

Your Rights and Choices

If you are a California resident, the CCPA grants you the following rights regarding your personal information:

Right to Know and Data Portability Requests

You have the right to request that we disclose certain information to you about our collection and use of your personal information (the “right to know“), including the specific pieces of personal information we have collected about you (a “data portability request“). Our response will cover the 12-month period preceding the request, although we will honor requests to cover a longer period that do not extend past September 4, 2024, unless doing so would be impossible or involves disproportionate effort. You may make exercise your right to know twice within in any 12-month period. Once we receive your request and confirm your identity (see How to Exercise Your Rights), we will disclose to you:

• The categories of:
  • personal information we collected about you; and
  • sources from which we collected your personal information.
• The business or commercial purpose for collecting your personal information and, if applicable, sharing your personal information.
• If applicable, the categories of persons, including third parties, to whom we disclosed your personal information, including separate disclosures identifying the categories of your personal information that we:
  • disclosed for a business purpose to each category of persons; and
  • shared to each category of third parties.
• When your right to know submission includes a data portability request, a copy of your personal information subject to any permitted redactions.

For more on exercising this right, see Exercising the Rights to Know, Delete, or Correct.

Right to Delete and Right to Correct

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions and limitations (the “right to delete“). Once we receive your request and confirm your identity, we will delete your personal information from our systems unless an exception allows us to retain it. We will also notify our service providers, contractors, and other recipients to take appropriate action.

If you request that we delete your personal information, our deletion of your personal information could make it difficult or impossible for us to verify that you have product warranty, vehicle protection product warranty, vehicle service contract, or guaranteed asset protection product coverage in the future.  If you make a claim under such product warranty, vehicle protection product warranty, vehicle service contract, or guaranteed asset protection product and we are unable to verify your coverage, then your claim may be denied.  

You also have the right to request correction of personal information we maintain about you that you believe is inaccurate (the “right to correct“). We may require you to provide documentation, if needed, to confirm your identity and support your claim that the information is inaccurate. Unless an exception applies, we will correct personal information that our review determines is inaccurate and notify our service providers, contractors, and other recipients to take appropriate action.

For more on exercising these rights, see Exercising the Rights to Know, Delete, or Correct.

Personal Information Sales or Sharing Opt-Out and Opt-In Rights

You have the right to request that businesses stop sharing your personal information at any time (the “right to opt-out“), including through a user-enabled opt-out preference signal.

We cannot share your personal information after we receive your request to opt-out unless you later consent to the sharing of your personal information. For more on exercising your opt-out rights, see Exercising the Right to Limit or Opt-Out.

Right to Non-Discrimination

You have the right not to be discriminated or retaliated against for exercising any of your privacy rights under the CCPA.

How to Exercise Your Rights

Exercising the Rights to Know, Delete, or Correct

To exercise the right to know, data portability, delete, or correct described above, please submit a verifiable request to us by either:

• Calling us at 1-800-218-7709.
• Emailing us at helpdesk@moxysolutions.com
• Visiting https://moxysolutions.com/contact-us/

Please describe your request with sufficient detail so we can properly understand, evaluate, and respond to it. You or your authorized agent may only submit a request to know, including for data portability, twice within a 12-month period.

Exercising the Right to Limit or Opt-Out

You can submit your request to limit or opt-out through:

• Calling us at 1-800-218-7709.
• Emailing us at helpdesk@moxysolutions.com
• Visiting https://moxysolutions.com/contact-us/

Verification Process and Authorized Agents

Only you, or someone legally authorized to act on your behalf, may make a request to know, delete, or correct related to your personal information. We may request specific information from you or your authorized representative to confirm your or their identity before we can process your right to know, delete, or correct your personal information.

We cannot respond to your request to know, delete, or correct if we cannot verify your identity or authority to make the request and confirm the personal information relating to you. We will only use personal information provided in the request to verify the requestor’s identity or authority to make the request.

For requests to limit or opt-out, we ask for the information necessary to complete the request, which may include, for example, the consumer’s name, email address, or account username.

Responding to Your Requests to Know, Delete, or Correct

We will confirm receipt of your request within ten business days. If you do not receive confirmation within the ten-day timeframe, please contact helpdesk@moxysolutions.com .

We endeavor to substantively respond to a verifiable request within 45 days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing. We will deliver our written response to your verified email address or as otherwise reasonably requested by you. Our substantive response will tell you whether or not we have complied with your request. If we cannot comply with your request in whole or in part, we will explain the reason, subject to any legal or regulatory restrictions. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, deleted, or made your personal information anonymous in compliance with our record retention policies and obligations.

Any disclosures we provide will cover information for the 12-month period preceding the request’s receipt date. We will consider requests to provide a longer disclosure period that do not extend past September 4, 2024, unless providing the longer timeframe would be impossible or involves disproportionate effort.

We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Response and Timing on Rights to Limit or Opt-Out

In response to your request to limit or opt-out, we will process your request, as soon as feasibly possible, but no later than 15 business days from the date we receive the request. We will only use personal information provided from your request to comply with the request.

We will also notify our service providers, contractors, and certain other downstream recipients of your request to limit or opt-out and instruct them to both:

• Comply with your request.
• Forward the request to their own downstream recipients, if applicable.

Moxy will take reasonable steps to transmit such requests but is not responsible or liable for the actions, omissions, or compliance of any service provider, contractor, or downstream recipient.  We may deny opt-out requests if we have a good-faith, reasonable, and documented belief that the request is fraudulent and will clearly explain our denial decision to the requestor.

How We Protect Your Personal Data

We use commercially reasonable administrative, physical, and technical measures designed to protect your personal data from accidental loss or destruction and from unauthorized access, use, alteration, and disclosure. However, no website, mobile application, system, electronic storage, or online service is completely secure, and we cannot guarantee the security of your personal data transmitted to, through, using, or in connection with the Services. In particular, e-mail, texts, and chats sent to or from the Services may not be secure, and you should carefully decide what information you send to us via such communications channels. Any transmission of personal data is at your own risk.

The safety and security of your information also depends on you. You are responsible for taking steps to protect your personal data against unauthorized use, disclosure, and access.

Privacy Policy Changes

We reserve the right to update this Privacy Policy at any time. If we make any material changes to this Privacy Policy, we will update the policy’s effective date and post the updated policy on our website at https://moxysolutions.com/california-privacy-policy/. We encourage you to check https://moxysolutions.com/california-privacy-policy/ to review the current Privacy Policy in effect.

Contact Information

If you have any questions or comments about this policy, the ways in which we collect and use your information described here, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Phone: 1-800-218-7709

Website: https://moxysolutions.com/contact-us/

Email: helpdesk@moxysolutions.com

Postal Address:

Moxy Solutions, LLC

Attn: Legal Department

27261 Los Ramblas, Suite 200

Mission Viejo, CA 92691

 

If you need to access this Privacy Policy in an alternative format due to a disability, please contact helpdesk@moxysolutions.com