Privacy Policy

[Last Revised: February 20, 2025]

This Privacy Policy (“Privacy Policy”), describe how ryze beyond Ltd. (“Company“, “ryze”, “we”, “us” or “our”) collect and process certain information, including Personal Data (as defined below) when users (“user” or “you”) access, browse and interact with our website available at: https://ryzebeyond.com/ (“website”), and the rights you have with regards to your information.

This Privacy Policy is an integral part of our Terms of Use. Definitions used herein but not defined herein shall have the meaning ascribed to them in the Terms of Use.

We want to enable you to freely decide whether you wish to use our Services or provide us with any information which may be required or obtained, and therefore, we encourage you to read this Privacy Policy carefully and use it to make informed decisions.

Additional Information for Specific Jurisdictions

This Privacy Policy further includes or incorporates specific information required under applicable data protection laws for ‎residents of certain jurisdictions, among others:‎

If you are a located in the EEA or UK – this Privacy Policy further details our lawful basis for processing Personal Data, ‎information regarding cross border data transfer and your rights, as well as additional information we are required to ‎disclose to you under the EU/UK General Data Protection Regulations (“GDPR”). ‎

If you are a California resident – please review our CCPA Privacy Notice, which serves as a Notice at Collection as required ‎under the California Privacy Rights Act (“CCPA”) and further details the categories of information collected and additional ‎information regarding our privacy practices, including your rights. ‎

If you are a resident of certain states in the US – including Colorado, Connecticut, Virginia and Utah, please review paragraph ‎12 of this Privacy Policy – Additional Information for US Residents – for additional information about privacy rights for ‎residents of these U.S. jurisdictions.‎

You are not required by law to provide us with any Personal Data. Sharing your Personal Data with us is entirely voluntary. However, without your data, we would not always be able to provide you with all or some of our services.

1. POLICY AMENDMENTS

We reserve the right to amend this Privacy Policy from time to time, at our sole discretion. The most recent version of this Privacy Policy will always be posted on the website and the update date will be reflected in the “Last Revised” heading. We will provide notice if these changes are material and, where required by applicable law, we will obtain your consent. Any amendments to the Privacy Policy will become effective within 30-days upon the display of the modified Privacy Policy. We recommend you to review this Privacy Policy periodically to ensure that you understand our most updated privacy practices

2. DATA CONTROLLER INFORMATION & CONTACT INFORMATION

Ryze, incorporated under the laws of the State of Israel, is the “data controller” (as such term is defined under the GDPR or equivalent privacy legislation) of your Personal Data collected through this website. This basically means that when you access our website, we determine the types of Personal Data to be collected, the purposes for which we collect and use it and the means by which Personal Data is processed.

For any question, inquiry or concern related to this Privacy Policy or the processing of your Personal Data, you may contact as follows:

Data Protection Officer:

By Mail:

Ryze Beyond Ltd.

Yitzchak Sade 8, Tel Aviv, IL

By Email:

dpo@ryzebeyond.com

Data Protection Representative – For Data Subjects in The EU And UK:

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact.

Prighter Group provides you an easy way to exercise your privacy-related rights (e.g., requests to access or erase personal data). If you want to contact us via our representative, Prighter Group, or exercise your data subject rights, please visit the following website.

3. DATA COLLECTED BY RYZE & PURPOSE OF USE

We may collect two types of information from you, depending on your interaction with us.

The first type of information is non-identifiable and anonymous information (“Non-Personal Data”). We are not aware of the identity of the individual from who we have collected the Non-Personal Data. The Non-Personal Data which is being collected may include your aggregated usage information and technical information transmitted by your device such as: type of browser, internet service provider (ISP), operating system type and version, mobile network information, device settings (e.g., default language), etc.

The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Data”).
For the avoidance of doubt, any Non-Personal Data connected or linked to Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.The table below details the types of Personal Data we process, the purpose, lawful basis, and our processing operations:

DATA SET

PURPOSE AND OPERATIONS

LAWFUL BASIS

Online Identifiers

When you interact with our website, we may collect your online identifiers, such as unique ID, Cookie ID, and IP address (“Online Identifiers“).

We process Online Identifiers for operational and technical purposes, such as to enable the website to be uploaded, as well as fraud prevention and data security.

Strictly necessary cookies which are required for the proper and basic operation of the website, and will be processed based on our legitimate interest.

Other cookies data will be processed subject to your consent, provided through the cookie preference settings.

You may withdraw consent at any time by using the cookie preference settings as detailed in the Cookie section below

Contact Information

If you voluntarily contact us for support or other inquiries, you may be required to provide us with certain information such as your email address, phone number, and additional information you decide to share with us (“Contact Information“).

We will use your Contact Information solely for the purpose of responding to your inquiries.

Our correspondence with you may be processed and stored by us in order to improve our customer service and in the event we believe it is required to continue to store it, for example, in the event of any claims or in order to provide you with any further assistance (if applicable).

We process Contact Information subject to our legitimate interest.

Career

In the event you apply for a job via our website, we will process your CVs as uploaded by you, including your name, email address, phone number, information regarding your education and skills, employment history, and your photo (to the extent provided by you). In addition, we may collect further information from public and online sources, referees, and former employers and combine such data with your other data (“Recruitment Information“).

We will use your Recruitment Information to process your job application and for our internal recruitment management purposes, for further recruitment steps (e.g., interview), and to enable us to comply with corporate governance and legal and regulatory requirements.

Following the completion of the recruitment process, we may further retain and store the data (including other interactions with us under such process) as part of our internal record keeping, including for legal defense from any future claim, as well as, where we find applicable and subject to applicable law requirements, to contact you in the future for other job position we believe will suit your qualifications.

If you are hired by us, your data may be used in connection with your employment and our corporate management.

We may use third parties’ services and platforms to manage the recruitment process and to receive CV’s, such as Comeet’s recruitment services, which will process your data on our behalf.

We process Recruitment Information subject to our legitimate interest.

Please note, in the event, you send us your CV, your provision of Personal Data in connection with recruiting is voluntary, and you determine the extent of information you provide us.

In some cases, for example, where we will ask you to provide health related data or diversity and inclusion data, we will process these data based on your consent. You may always withdraw consent at any time by contacting us.

Newsletter

In the event you sign up to receive our newsletter or other marketing materials, you will be requested to provide your contact details, such as your email address.

We will use this information solely to provide you with the content that you have requested.

We process such information subject to your consent. You may withdraw consent at any time through the “unsubscribe” link within the email you will receive or by contacting us directly at: dpo@ryzebeyond.com.

If you unsubscribe, we further retain your email address however solely as part of our opt-out list, based on our legitimate interest and solely to ensure we comply with such preference and choice (meaning so we will know not to send you marketing materials).

Partner Form

In the event you are interested in our services and wish to become a partner of us, you may fill in the designated form available on the website (“Partner Form“). By filling the Partner Form, you will be required to provide us with certain information such as: name; company name, email, and website; business model; company size; phone number, and any additional information you decide to share with us (“Partner Information“).

We will use the Partner Information for the purpose of responding to your Partner Form and to examine the possibility of future collaboration.

We process Partner Information subject to our legitimate interest.

Please note that the actual processing operation per each purpose of use and lawful basis detailed in the table above may differ. Such processing operation usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure, or destruction. The transfer of Personal Data to third-party countries, as further detailed in the Transfer of Data section below, is based on the same lawful basis as stipulated in the table above.

In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the website and to enforce our policies and agreements, as well as to protect the security or integrity of our databases and the website, and to take precautions against legal liability. Such processing is based on our legitimate interests.

4. HOW WE COLLECT INFORMATION

Depending on the nature of your interaction with the website, we may collect information as follows:

Automatically – we may use cookies (as elaborated below) or similar tracking technologies to gather some information automatically when you interact with our website.

Provided by you voluntarily – we will collect information if and when you choose to provide us with the information such as contact us communications, applying for a job, etc.

5. COOKIES & TRACKING TECHNOLOGIES

We use “cookies” (or similar tracking technologies) when you access the website or interact with the Services we offer. The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies can be used for various purposes, including allowing you to navigate between pages efficiently, for statistical purposes, as well as for advertising purposes. You can find more information about our use of cookies here: www.allaboutcookies.org.

In addition, please see our Cookies Settings page which details the cookies we use on are website, as well as enabling you to change your settings and preferences ant any time.

Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may set your browser to block all cookies, including cookies associated with our website and Services, or to indicate when a cookie is being used by us, by adjusting the privacy and security settings of your web browser. Please refer to the support page of your browser to learn more about how you can adjust your privacy and security settings. Additionally, you may opt out of certain advertisers’ cookies and browser-enabled, interest-based advertising.

Please note that once you choose to opt out or disable cookies, some features of the Services may not operate properly and your online experience may be limited. In addition, even if you do opt-out, you may still receive some content and advertising, however, it will not be targeted content or advertising.

Please note that, where we use third-party advertising cookies, such third-party may independently collect, through the use of such tracking technologies, some or all types of Personal Data detailed above, as well as additional data sets, including to combine such information with other information they have independently collected relating to your online activities across their network of websites, for the purpose of enhanced targeting functionality and delivering personalized ads, as well as providing aggregated analytics related to your use and interaction with our website (for example, by using Microsoft cookie which will be also subject to Microsoft Privacy Statement), and the performance of our advertising campaign you interacted with. These third parties collect and use this information under their own privacy policies, and are responsible for their practices.

For additional information, please see the Your Rights Related to Your Personal Data section below.

6. SHARING PERSONAL DATA

We share your Personal Data with third parties, including our partners or service providers that help us provide our Services. You can find in the table below information about the categories of such third-party recipients.

CATEGORY OF RECIPIENT	DATA THAT WILL BE SHARED	PURPOSE OF SHARING
Trusted agents and service providers	All types of Personal Data	We may disclose Personal Data to our trusted agents and service providers (including, but not limited to, our Cloud Service Provider, our Analytics Service Provider, etc.) so that they can perform the requested services on our behalf. Thus, we share your data with third party entities, for the purpose of storing such information on our behalf or for other processing needs. These third-party service providers have access to Personal Data needed to perform their functions, but they are prohibited from using your Personal Data for any purposes other than providing us with requested services.
Any acquirer of our business	All types of Personal Data	We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy.
Enforcement of our rights and security detections.	All types of data	We may disclose Personal Data to enforce our policies and agreements, as well as defend our rights, including the investigation of potential violations thereof, alleged illegal activity or any other activity that may expose us, you, or other users to legal liability, and solely to the extent required. In addition, we may disclose Personal Data to detect, prevent, or otherwise address fraud, security, or technical issues, solely to the extent required.
Legal and law enforcement	Subject to law enforcement authority request.	We may share certain data when we believe it is appropriate to do so in order to comply with the law enforcement, governmental agencies or authorized third parties, or protect the rights, property, or security of ryze or others.

7. YOUR RIGHTS RELATED TO YOUR PERSONAL DATA

We respect your privacy and acknowledge that different users may have different privacy preferences. We enable you to exercise certain choices, rights, and controls in connection with your Personal Data that we hold. Depending on your relationship with us, your jurisdiction and the applicable data protection laws that apply to you, you have the right to request certain limitations or rights to be executed.

The principal rights that may apply to your Personal Data (subject to your jurisdiction and additional conditions) may include:

Right to be informed, right to know	You have the right to be provided with information regarding our Personal Data collection and privacy practices. All is detailed under this Privacy Policy.
Right to access	You have the right to know which Personal Data we specifically hold about you, and receive a copy of such or access it. If you wish to receive a copy of the Personal Data, please submit a Data Subject Request form (“DSR”) form as available here.
Right to correction	You have the right to correct inaccuracies in your Personal Data, taking into account the nature and purposes of each processing activity. Please submit a DSR form as available here.
Right to be forgotten, right to deletion	You have the right to request the deletion of certain Personal Data we process, if specific conditions are satisfied, for example, if you think we no longer need to use it for the purpose we collected it; in the event that the collection was based on your consent; where we have used it unlawfully, or; where we are subject to a legal obligation to delete your Personal Data. Deletion request will be subject to our rights and obligations under applicable law (for example, our legitimate interests to maintain record keeping, completing transactions, providing a service that you have requested, taking actions reasonably anticipated within the context of our ongoing business relationship with you, fulfilling the terms of a written warranty, detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity; debugging; exercising right provided for by law; engaging in public or peer-reviewed scientific, historical, or statistical research in the public interest, etc.). You are not required to create an account with us to submit a deletion request. In order to exercise your right to deletion please submit a DSR form as available here.
Right to portability	You have the right to obtain the Personal Data in a portable, and to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance. We will select the format in which we provide your copy. If you wish to exercise this right, please submit our DSR as available here.
Right to opt out under the EU, and specifically in the US the right to opt out from: (i) selling personal data; (ii) right to opt out from targeted advertising; and (iii) right to opt out from profiling and automated decision making	Direct Marketing or Newsletter: You have the right to opt-out from receiving any marketing communication from us by unsubscribing through the email received. Newsletter: You have the right to withdraw consent when you no longer wish to be in our newsletter list. Cookies: When you no longer wish for cookies to track your behavior on the website for analytic and marketing purpose, change your preferences through the cookie settings available on our website footer. Sale of Personal Data for targeted advertising, monetary gain or profiling, or Share or Sale of Personal Information for analytic or marketing: If and to the extent applicable, you have the right to opt out of the sale of your Personal Data, for the purposes of targeted advertising, sale to a third party for monetary gain, analytic, etc. as detailed under the DSR form available here or through the cookie settings available on our website footer. Last, you are able to install privacy-controls in the browser’s settings to automatically signal the opt-out preference to all websites you visit (like the “Global Privacy Control”). We honor the Global Privacy Control, where applicable, subject to your jurisdiction, as a valid request to opt-out of the sharing of information linked to your browser. Note you may have the right to authorize another person acting on your behalf to opt out (including by technical tools and opt out signals). In any event, please keep in mind that opt-out tools are limited to the browser or device you use because they work off your browser ID and device ID and, accordingly, you will need to opt-out on each browser and device you use. Your browser may save some information in its cookies and cache to maintain your privacy preferences. Clearing these may remove opt-out preferences, requiring you to opt-out again.
Right to Object to the Processing of your Personal Data	You have the right to object to any use of your Personal Data which we have justified by our legitimate interest if you believe your fundamental rights and freedoms to data protection outweigh our legitimate interest.
Right to Restrict Processing of Your Personal Data	You have the right to ask us to restrict or limit the purpose for which we process your Personal Data, where certain conditions are satisfied (for example, where you contest the accuracy of the Personal Data, for a period enabling us to verify its accuracy).
Right to appeal or complaint	If we decline to take action on your request, we shall so inform you without undue delay as required under applicable laws. The notification will include a justification for declining to take action and instructions on how you may appeal, if applicable. Within the timeframe set under applicable law as of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the applicable authority. Where the GDPR applies, you have the right to lodge a complaint with the applicable Data Protection Authority in the EU or the Information Commissioner in the UK. If you are a US resident, please see section 12 below to know your rights.
Non-discrimination	Such discrimination may include denying a service, providing a different level or quality of service, or charging different prices. We do not discriminate our customers or users.

For California residents, please see our CCPA Privacy Notice.

Certain rights can be easily executed independently by you without the need to fill out the DSR Form:

If you have a User Account, you can correct certain data provided therein (such as contact information) through the account settings;
You can you can opt-out from receiving our marketing emails by clicking “unsubscribe” link;
You can use the cookie settings tool on our website to change your preferences;

You may opt-out directly from third party retargeting cookies or other ad-technology trackers through self-regulatory services. For more information, please visit: Digital Advertising Alliance (US) HERE; Digital Advertising Alliance (Canada) HERE; Digital Advertising Alliance (EU) HERE; Network Advertising Initiative HERE; Use the Global Privacy Control (“GPC”) signals. You can also opt out of interest-based advertising with some of the service providers we use, such as Google HERE , Google Analytic HERE.

8. DATA RETENTION

We retain Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out, where applicable.

Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention to do so.

9. SECURITY

Data security is of high priority to us. We make efforts to protect Personal Data we process from unauthorized access or unauthorized alteration, disclosure or destruction. We have implemented physical, technical and administrative security measures for the website that comply with applicable laws and industry such as restricting access to Personal Data to our personnel, minimize the data that we store on our servers, etc. Note that, we cannot be held responsible for unauthorized or unintended access that is beyond our control, and we make no warranty, express, implied or otherwise, that we will always be able to prevent such access.

Please contact us at: dpo@ryzebeyond.com if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.

10. TRANSFER OF DATA

We may store or process your Personal Data in the EU, the United States or in other countries. Thus, any information you provide us may be transferred to and processed in countries other than the country from which you accessed our website. We will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer. When Personal Data that was collected within the EEA is transferred outside the EEA, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data. You may exercise your rights, where applicable, to receive information regarding the transfer mechanism that was used during such transfer. Personal Data transferred outside the EEA is transferred, in all cases pursuant to standard contractual clauses approved by the European Union (“SCCs“). Additionally, following the withdrawal of the United Kingdom (UK) from the European Union on January 31, 2020, the UK is no longer considered to be a part of the EEA and therefore, the transferring of Personal Data from the EEA to the UK will also be subject to the SCCs or other contractual clauses that will ensure the security of the Personal Data (pending an adequacy decision from the European Commission).

11. CHILDREN

This website is not intended for use by children (the phrase “child” shall mean an individual that is under the age defined by applicable law which with respect to the EEA is under the age of 16 and with respect to the US, under the age of 13) and we do not knowingly process children’s information. We will discard any information that we receive from a user that is considered a “child” immediately upon our discovery that such a user shared information with us. Please contact us at: dpo@ryzebeyond.com if you have reason to believe that a child has shared any information with us.

12. JURISDICTION- SPECIFIC NOTICES

Additional Notice to California Residents

This section applies only to California residents, pursuant to the California Consumer Privacy Act of 2018 (“CCPA”) effective November 2020, and as amended by the CPRA, effective January 1, 2023.

Please see the CCPA Privacy Notice which discloses the categories of personal information collected, purpose of processing, source, categories of recipients with whom the personal information is shared for a business purpose, whether the personal information is sole or shared, the retention period, and how to exercise your rights as a California resident.

Additional Notice to US Residents

Residents of certain U.S. states (depending on the applicable state law, acting as an individual or in the household context only and not in a commercial or employment context, as a job applicant or as a beneficiary of someone acting in an employment context or as representative of a business), may have additional rights under applicable privacy laws and be entitled to additional disclosures. “Personal Data” under applicable US privacy laws, generally means any information that is linked or reasonably linkable to an identified or identifiable individual (and usually does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the states laws scope, such as: HIPAA, GBPA, non-profit entities, etc.)

“Sensitive Data” means data revealing racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life, sexual orientation, citizenship, or immigration status; The processing of genetic or biometric data for the purpose of uniquely identifying an individual; Personal Data collected from a known child; Precise geolocation data.

We are required to provide you with a clear and accessible privacy notice that includes the categories of Personal Data processed, purpose of processing, instructions for exercising consumer rights and appealing decisions, categories of Personal Data shared with third parties, categories of third parties with whom data is shared, and any sale of data or targeted advertising.

Categories of Personal Data & Categories of third parties with whom Personal Data is shared:

In Section 3 to the Privacy Policy, we describe our collection and processing of Personal Data, the categories of Personal Data that are collected or processed, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated, or incompatible purposes without obtaining your consent, unless we are otherwise entitled, required or permitted under applicable laws.

Additionally, Section 6 to this Privacy Policy details and discloses the categories of third-parties we share for business purposes.

“Sale” of Personal Data:

Under US privacy laws, in principle, the term “sale” is referring to disclosing or making available Personal Data to a third-party in exchange for monetary or other valuable consideration, including for targeted advertising purposes. We do not “sell” information as this term is commonly understood, meaning – we do not, and will not, disclose your Personal Data in direct exchange for money or some other form of payment. However, subject to the definition of the term “sale” under applicable US privacy laws, our practice of using “cookies or other third-party advertising services and sharing Personal Data for such purpose is considered as a “sale”.

Such practice includes the following Personal Data categories shared with these third parties:

Identifiers – online identifiers such as IP and Cookie ID;

Internet and electronic network activity information – such as your engagement with our website and ads.

Geolocation data – derived from IP (country level).

Section 7 to this Privacy Policy details and discloses your rights and Personal Data shared or sold for targeted advertising.

Consumer Rights Related to Their Personal Data:

Residents of certain U.S. states may have additional rights under applicable privacy laws, subject to certain limitations, which may include:

Access – the right to confirm whether we are processing their Personal Data and to obtain a copy of their Personal Data in a portable and, to the extent technically feasible, readily usable format.

Delete – the right to request us to delete their Personal Data provided to or obtained by us.

Correct – the right to request us to correct inaccuracies in their Personal Data, taking into account the nature and purposes of the processing of the Personal Data.

Opt-Out – the right to opt out of certain types of processing, including: (i) to opt out of the “sale” of their Personal Data; (ii) to opt out of targeted advertising by us; and (iii) to opt out of any processing of Personal Data for purposes of making decisions that produce legal or similarly significant effects.

Section 7 to this Privacy Policy provides additional information regarding your principal rights.

Exercising Consumer Privacy Rights:

You may submit a request to exercise most of your privacy rights under U.S. state privacy laws by submitting a DSR as available here or contacting us at: [add email address].We will take steps to verify your identity and your request by matching the information provided by you with the information we have in our records. In some cases, we may request additional information to verify your identity, or where necessary to process your request. If we are unable to verify your identity after a good faith attempt, we may deny the request and, if so, will explain the basis for denial and how to remedy any deficiencies, where applicable.

Authorized agents may initiate a request on behalf of another individual, provided that such will be required to provide proof of their authorization, and we may also require that the individual directly verify his/her identity and the authority of the authorized agent.

We will respond to your request within the timeframe required under applicable law, and we reserve the right to extend the response time subject to applicable law requirements. If we refuse to take action on a request, we will notify you and our notification will include a justification for declining to take action and instructions on how you may appeal. Within the timeframe set out under applicable law of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the applicable authority or Attorney General of your jurisdiction (including – Colorado AG at https://coag.gov/file-complaint/; Connecticut Attorney General at: https://www.dir.ct.gov/ag/complaint/ or (860) 808-5318; Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform).