California Privacy Rights

THE WHITE COAT INVESTOR – CALIFORNIA PRIVACY POLICY

(updated 1-30-2024)

This California Privacy Policy for California residents (“California Privacy Policy”) supplements the information contained in the Privacy Policy for WCI Operations, LLC and its affiliates (“WCI,” “we,” “us,” or “our”). This California Privacy Notice applies solely to visitors, users, and others who reside in the State of California (“consumers” or “you”) when you visit WCI’s websites, www.whitecoatinvestor.com, www.wcicourses.com, www.studentloanadvice.com, forum.whitecoatinvestor.com, shop.whitecoatinvestor.com, www.wcievents.com, and/or www.whitecoatinsurance.com (individually and collectively “Website”), or otherwise use our services (“Services”), listed below:

  • our Website and any site of ours that links to our general Privacy Policy or our California Privacy Policy,
  • our pages or ads on social media networks,
  • engagement with us in other ways, including, for example, sales, marketing, podcasts, blogs, courses, emails, conferences, or newsletters, and
  • anywhere we gather information from you and refer you to our general Privacy Policy or our California Privacy Policy.

We adopt this California Privacy Policy to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws. Any terms defined in the CCPA have the same meaning when used in this California Privacy Policy.

By visiting our Website or using our Services, you agree with our collection, use, and disclosure practices and other activities as described in this California Privacy Policy. Please note that this California Privacy Policy does not apply to any third-party sites that might be linked to, or accessible from, our Website or our Services.

Questions or concerns? Reading this California Privacy Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not visit our Website or use our Services. If you have any questions or concerns, please contact us at [email protected].

Special notice for international users: please be aware that this Website and these Services are operated from the United States. If you are visiting this Website or using our Services from outside the United States, any information we obtain through the Website or its Services will be transferred to, processed in, and stored in the United States. The data protection laws and regulations applicable to your personal information transferred to the United States may be different from the laws in your country of residence.

  1. Information we collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

Category Examples Collected
A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. YES
C. Protected classification characteristics under California or federal law. Age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). YES
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. YES
E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. NO
F. Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. YES
G. Geolocation data. Physical location or movements. NO
H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. YES
I. Professional or employment-related information. Current or past job history or performance evaluations. NO
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. NO
K. Inferences drawn from other personal information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. NO

Personal information does not include:

  • Publicly available information from government records
  • De-identified or aggregated consumer information
  • Information excluded from the CCPA’s scope, like:
    • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data
    • Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA), or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994

We obtain the categories of personal information listed above from the following categories of sources:

  • Personal information you provide to us. In some circumstances, you may elect to provide us with certain personal information when you choose to interact with us through our Website or use of our Services. The personal information you may submit through our Website or use of our Services includes your name, address, phone number, email address, birth date, billing information, delivery information, credit card and other payment information, demographic information, employment information, and any other information you may choose to provide. How you interact with and use our Website and/or our Services determines which information is collected.
  • Information collected automatically. When you visit the Website or use our Services, we may collect certain information automatically from your device using tracking technologies without you taking specific actions to give us the personal information. Typically, this information will be related to your use of the Website or our Services, like pixel tags, first- and third-party cookies, and other tracking tools that will recognize data that may include your IP address, device type, unique device identification numbers, browser type, operating system, advertising identifiers, and other technical information. We may also collect information about how your device interacted with our Website or Services, which helps us analyze users’ practices and preferences.
  • Personal information collected from other sources. We may obtain some personal information about you from our vendors, affiliates, and business partners.
  1. How we use the collected personal information

We may collect and use the information collected for the following purposes:

  • To fulfill or meet the reason for which the information is provided
  • Provide services and products
  • Respond to your questions and other requests for information made through the Website or through our Services
  • Send invitations to webinars, podcasts, conferences, meetings, or other events that we think may be of interest to you
  • Send our newsletter or other communications that you have requested or that may be of interest to you
  • Process any registration and manage your account through an online portal
  • Facilitate your use of the Website and our Services, including by tailoring Website and Services features to you and improving your Website and Services experience
  • Serve you advertisements or conduct other marketing activities
  • Enhance, improve, or modify the Website and our Services, perform data analytics, identify usage trends, determine the effectiveness of our promotional campaigns, diagnose technical problems, and operate and expand our business activities
  • Prevent and address fraud, breaches of policies or terms, and other harm
  • Perform other functions as otherwise described at the time of personal information collection
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

  1. Sharing personal information

We may disclose personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

  • Category A: Identifiers
  • Category B: California Customer Records personal information categories
  • Category C: Protected classification characteristics under California or federal law
  • Category D: Commercial information
  • Category F: Internet or other similar network activity
  • Category H: Sensory Data

We disclose your personal information for a business purpose to the following categories of third parties:

  • Service providers, business partners, printing and mailing companies, marketing and advertising service providers, data processing services, IT providers, suppliers, subcontractors, payment processors, and other parties who provide services to us or act on our behalf so that they can assist us with the provision, upkeep, and maintenance of the Website, our Services, and other related activities
  • Third parties that we are affiliated with to provide marketing, services, and resources
  • Legal compliance, governmental agencies, regulatory bodies, law enforcement, or other parties in order to comply with laws, regulations, court orders, or other legal obligations, or to assist in investigations and help prevent other harms, when we believe it is necessary or appropriate under applicable laws
  • Sale, merger, and other corporate transactions, in connection with a business transaction, including negotiations of such transactions, including but not limited to corporate reorganization, sale, merger, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of our business assets
  • Fraud prevention and protection of legal rights when we believe it is necessary to enforce our terms and conditions; to investigate, prevent, or respond to suspected illegal or fraudulent activity; to protect the safety, rights, or property of WCI or of our affiliates, users, or others; to exercise or protect legal rights or defend against legal claims; or to allow us to pursue available remedies or limit the damages that we may sustain
  • Other third-parties to whom you or your agents authorize us to disclose your personal information

In the preceding twelve (12) months, we have not sold any personal information.

  1. Your rights and choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to specific information and data portability rights. You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months by contacting us at [email protected]. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you
  • The categories of sources for the personal information we collected about you
  • Our business or commercial purpose for collecting that personal information
  • The categories of third parties with whom we share that personal information
  • The specific pieces of personal information we collected about you (also called a data portability request)

Deletion request rights. You have the right to request that we delete any of your personal information we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities
  • Debug products to identify and repair errors that impair existing intended functionality
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et seq.)
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us
  • Comply with a legal obligation
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it

Exercising access, data portability, and deletion rights. To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by email at [email protected].

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response timing and format. We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to the registered email associated with the account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

  1. Non-discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you use of our Services
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties
  • Provide you a different level or quality of our Services
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services
  1. Children’s privacy and appropriateness of content

Our Website and Services are not intended for, nor targeted to, children, and we do not knowingly collect any personal information from children under 16. If you learn that a child has provided us with Personal Information, then you may contact us through the “Contact Us” section below. If we become aware that an individual submitting information is under 16, we will delete the information in accordance with applicable law.

  1. Authorization to contact

By visiting the Website, using our Services, or providing your personal information to us, you agree that your action constitutes a purchase, inquiry, and/or application for purposes of telemarketing laws. Regardless of the fact that your telephone and/or mobile number may be listed with the Federal Do-Not-Call Registry or your State Do-Not-Call list, you are providing your express written consent to receive future information (including telemarketing) about products and services from us, and you hereby agree and consent to being contacted by us using the information you provided and will provide to WCI. This means we may contact you by e-mail, phone and/or mobile number (including use of automated dialing equipment and/or pre-recorded calls), text (SMS) message, social networks, or any other means of communication that your wireless or other telecommunications device may be capable of receiving (e.g., video, audio, etc.). You further acknowledge that you are not required to agree directly or indirectly or enter into an agreement regarding our telemarketing efforts as a condition of purchasing any services from us.

  1. User-Generated Content

The Website and our Services include features such as message boards, blogs, social networks, and comment boards that facilitate the submission and publication by its users of content, including comments, questions, ideas, suggestions, photos, videos, and links (“User-Generated Content”). In addition to the other policies contained herein, the following policies apply to User-Generated Content.

  • Content policy

User-Generated Content that we determine, in our sole and exclusive discretion, to be offensive, inappropriate, or not otherwise keeping with the spirit of the Website and our Services (including but not limited to spam, advertising, off-topic content, content containing vulgar or offensive language, images, or links, or content that may violate the rights of others) may be removed. We also reserve the right, in our sole and exclusive discretion, to block users for violation of our policies.

  • Use authorization

By submitting or uploading User-Generated Content on our Website or our Services, you are authorizing WCI to use, publish, and otherwise reproduce, modify, and distribute such User-Generated Content with or without the user’s name or the name of your minor children in perpetuity, worldwide in any and all WCI-related media for any lawful purpose. Such use may include, without limitation, information, education, promotion, or advertising of WCI or its products or services via the internet, websites, mobile apps, and social media. Users are not authorized to upload or post any photos or videos of individuals other than the user without the permission of such other individuals (or their parent’s or legal guardian’s permission if a minor). By submitting any User-Generated Content, you represent and warrant that you own such User-Generated Content and that its submission to and publication on the Website or our Services will not violate any rights of third parties or otherwise violate applicable laws.

  • Treatment of User-Generated Content

All User-Generated Content will be treated as non-confidential and non-proprietary. Any submitted User-Generated Content becomes the property of WCI without remuneration or other form of compensation to the user. We may reproduce such User-Generated Content freely and for any purpose. Without limiting the generality of the foregoing, we may use any ideas, artwork, inventions, developments, or concepts embodied or contained in any User-Generated Content.

  1. Linking to other sites or services

From time to time, we may provide links to other websites or services not owned, operated, or otherwise controlled by WCI. These may include social networking platforms such as Facebook, LinkedIn, Reddit, Pinterest, Instagram, X (Twitter), or TikTok, which may permit interactions that you initiate between the Website or our Services and the social networking platform. We do this because we believe such information might be of interest or use to you or where we can provide you with value-added services. While we do our best to ensure your privacy, we cannot be responsible or liable for the content or privacy policies of other websites or services that it does not control. A link to a non-WCI website does not constitute an expressed or implied endorsement by WCI. Additionally, we cannot guarantee the quality or accuracy of information presented on non-WCI websites. We encourage you to carefully review the privacy practices of any linked website or service you visit and discontinue use of any website or service if you do not agree to its privacy policy or terms of service.

  1. How we keep your personal information secure

We use appropriate technical and organizational measures to protect the personal information that we collect and process through the Website and our Services. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. Where we share data with third parties pursuant to contracts with those parties, the security of your personal information provided to such third parties is the responsibility of those third parties. We cannot guarantee that such data will be kept secure by the third parties; you are encouraged to consult the data security policies of those third parties and to discontinue the use of those third parties’ website or services if you do not agree to their policies.

  1. Data storage, security, and retention

We take reasonable technical, organization, and administrative measures to protect personal information collected through the Website and our Services against unauthorized or unlawful processing and against accidental loss, destruction, or damage. However, because transmission is via the Internet and online digital storage is not completely secure, we cannot guarantee the security of any information we may have collected from or about you through the Website or our Services.

We retain personal information collected from you when there is an ongoing legitimate business need to do so (for example, to provide you with a service you have requested, to execute on our marketing strategies, etc.).

When WCI has no ongoing legitimate business need to possess your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

  1. Use of cookies and tracking technologies

We use cookies and other types of tracking technologies (collectively, “Cookies”) on the Website and our Services to collect and analyze information about visitors’ interactions with the Website and our Services. The Cookies we use are placed by us or by our vendors. We and our vendors may link the information collected by Cookies to other information collected about you.

What are Cookies? A cookie is a small text file saved by your internet browser when you visit a website. Cookies may carry out various functions; for example, they may (1) store information to help our Site function properly; (2) recognize your device when you visit our Site again; and/or (3) help us understand your use of our Site over time. We may use cookies to:

  • enhance your experience on our Website or our Services by improving navigation speed;
  • recognize your preferences, so that you do not need to enter the information each time you visit the Website or our Services;
  • customize your browsing experience on our Website or our Services by showing you information more likely to be relevant to you; or
  • learn about your visit to our Website or our Services, for example, by collecting information about which pages on our Website or Services you viewed or links you clicked and how you interacted with our content during your visit or over multiple visits.

We may use a type of tracking technology called web beacons (or pixel tags or clear GIFs). Web beacons are an often invisible way to see if someone has used or accessed certain content. We primarily use web beacons to help us understand which areas of our Website or our Services are most popular with our visitors and to improve and update the content on our Website or our Services in response. Additionally, web beacons can help us measure the effectiveness of our advertising, for example, by counting the number of individuals who visit our Website or Services or click a link within it.

We also may use tracking scripts. A tracking script is piece of programming code designed to collect information about your interactions with the Website or our Services. It is temporarily downloaded onto your device and is active while you are connected to the Website or our Services. The tracking script is typically deleted or deactivated thereafter.

What information do Cookies collect and store? Cookies frequently store the name of the website and a unique ID associated with your browser or device. This information allows the relevant website to retrieve or provide the correct information. Each Cookie, for example, retrieves information it stores or provides information related to the Cookie.

Cookies are typically used to collect and store your personal preferences (such as your time zone or font size preferences), information needed to authenticate you as a valid website visitor, your IP address, the type of device you use and its operating system, and information about your use of a website, such as the links you click, how often you visit the website, and how you arrive at the website.

How do you opt out of Cookies? Depending on your browser and geographical location, you may be able to block the use of Cookies when you visit our Website or our Services. Please note that blocking some types of Cookies may adversely affect your ability to use our Website or our Services, or hinder certain functionality on the Website or our Services.

  • Opting Out of Cookies Using a Browser – You may be able to disable Cookies using your browser settings. Please review your browser’s instructions, or visit All About Cookies (an unaffiliated website) for general information. Your browser settings may allow you to transmit a “Do Not Track” signal when you visit websites. Given the current lack of industry consensus regarding “Do Not Track” signals, our Site does not currently recognize them.

Vendor-specific disclosures. You may choose whether to permit Cookies from Google Analytics by using Google’s Opt-Out Browser Add-On. You may visit Google’s privacy policy for additional information about how Google collects and uses personal information from the Google products we use, such as Google Analytics and the YouTube Player. Please note that if you use the YouTube Player through our Website or Services, you remain bound by YouTube’s terms of service.

  1. Do-not-track features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

  1. Your choices and your data protection rights

If you no longer want to receive emails or marketing-related materials from us, you may opt out of receiving these materials by following the unsubscribe or “opt out” instructions in such messages or by contacting us as indicated in the “Contact us” section below. To opt out of other forms or marketing (such as postal marketing or telemarketing), please contact Customer Service in the “Contact us” section below. Please note that even if you opt out of receiving promotional emails from us, we may continue to send you transactional or informational communications, including via email.

If we have collected and possess your personal information with your consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any collection or use prior to your withdrawal, nor will it affect your personal information used in reliance on lawful grounds other than consent.

You have the right to opt-out from receiving text alerts that you previously opted in to receive. You can unsubscribe from delivery of text alerts by following the instructions in any such text message.

We will respond to all requests wishing to exercise their data protection rights in accordance with applicable data protection laws.

  1. Changes or updates to this California Privacy Policy

We may amend or update this California Privacy Policy or other Terms of Use at any time. You should check this page regularly to review changes to the California Privacy Policy. Any such revision, modification or amendment shall be effective immediately upon either posting it to the Website or otherwise notifying you. Your continued use of the Website and/or our Services after we have posted changes to this California Privacy Policy will indicate that you agree with our changes. If any change to this California Privacy Policy is unacceptable to you, please discontinue your use of the Website and/or our Services.

  1. Contact us

If you have any questions or concerns regarding this California Privacy Policy or our personal information handling practices, please contact Customer Support at the following:

E-mail: [email protected]

Postal address:
PO Box 520421
Salt Lake City, UT 84152