For the purposes of this policy, “personal information“ means information that either identifies you on its face, or ties you to other information that, in combination, identifies you. It is possible that third parties may be able to personally identify you by other means, including by associating facially anonymous information about your Internet activity with other records.
If you have questions about this policy or how we treat your personal information, you should contact Terra Laboratories Legal Department at email@example.com
Personal Information We Collect From You
Depending on how we interact with you, we may collect, use, store and transfer different types of personal information about you. This includes:
- Identity Data, such as your name and title. We may also collect your birth date or gender, but only when you choose to provide us with that information, such as in a product review or your account settings.
- Contact Information, such as your mailing address, billing address, email address, and telephone number(s).
- Payment Information, such as credit card, debit card, and other financial payment information.
- Account Profile Information, such as your username or similar identifier, account password, purchase/order history, and your interests provided when signing up for your account.
- Correspondence Information, including anything you may provide to us in your communications with us, for example your intended or actual use of our products, questions about our products, as well as records of your communications with us.
- Health Information, specifically any adverse reaction you might have to one of our dietary supplement products and relevant health information, that you choose to share with us.
- Technical Information, such as your internet protocol (“IP”) address; your web browser software and version; if you arrived at the Services through a link from another website, information about the page you came from; your mobile device identifier and other information about devices you use to access the Services. For more information about how and when we collect this information and what we do with it, please see our Cookies and Tracking Policy.
- Marketing and Communications Information, such as your preferences in receiving marketing, promotions and sales offers from us and our marketing partners, and photographs containing images of you where you choose to provide us with them as part of a sweepstakes or contest.
Information Collected from Individuals Outside the United States
- Our Services are U.S. based and therefore, if you are using the Services from outside the United States, including the European Union or European Economic Area, and provide us with personal information, please note that your personal information will be transferred, stored and processed in the United States. This is done either to ensure we are able to provide our services to you, or where not necessary for the provision of our services (such as in the case of providing you with marketing communications), it is done only with your consent. Please note, however, that the data protection laws in the United States may not be as comprehensive as those in your country of residence. We are, however, unable to provide our services without handling your personal information in the United States.
How We Collect Information About You
We collect information from you and about you in different ways.
- Direct Interactions. We collect most of the personal information about you we use from you directly. For example, you may give us a variety of your Identity Data, Contact Information, Payment Information, Account Profile Information, Health Information, Correspondence Information and Marketing and Communications Data when you:
- Create an account on one of our websites;
- Purchase products from our website or by phone;
- Contact us with questions or provide feedback about our products;
- Subscribe to our mailing lists or otherwise agree to receive marketing communications from us;
- Enter competitions, promotions or surveys we run from time to time; and
- Automated technologies and interactions. As you interact with our websites, we may automatically collect Technical Information about your equipment, browsing actions and patterns. We collect this personal data by using cookies, web beacons, server logs and other similar technologies. [We may also receive Technical Data about you if you visit other websites employing our cookies.] Please see our Cookies and Tracking Policy for further details.
How We Use Your Information
We use your personal information for the following purposes:
- Contact Us.
We use personal information such as your Contact Information to respond to your questions and comments when you communicate with us through links or pages provided by the Services, such as the “Contact Us” feature.
- Email Newsletters and Promotions.
We use personal information about you, including your Contact Information, to send you our newsletters, exclusive offers and promotions, and product news through email, where you have agreed to receive such communications. We also may use personal information about you to administer our promotions.
- Surveys, Sweepstakes, and Message Boards.
We use personal information about you, including your Identity Data and Contact Information, to enable you to participate in features such as surveys, polls, sweepstakes, and message boards, where you have agreed to this. We may sometimes use a third party service provider to conduct these surveys or sweepstakes; if so, that company will be prohibited from using your personally information for any other purpose.
We use information you provide to us regarding our products and services, to provide product feedback to our customers [in aggregated form] through the Services.
- Fraud and Crime Prevention and Detection.
We use your personal information, such as your Technical Information, to help prevent and detect fraud and other crimes that might be committed using or against our Services. We do this to both protect our legitimate interests in protecting our business assets and comply with our legal obligations.
- IT Security and Website Operation.
We use your personal information, such as your Technical Information, to help us protect our legitimate interests in troubleshooting, testing, maintaining, and protecting our IT systems, including this website.
- Compliance with Legal and Regulatory Obligations.
We use your personal information to comply with our legal and regulatory obligations which arise from time to time. For instance, we may use your Contact Information to alert you if a product is recalled. We may also collect your Health Information to maintain records of adverse reactions to our dietary supplement products when you choose to provide this to us.
- Other Uses of Information.
In addition, we may use your personal information as otherwise described to you at the time of collection with your consent.
Our Services offer publicly accessible blogs, community forums or reviews. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at firstname.lastname@example.org In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Information We Share
External Third Parties. We will only share your personal information with external third parties in the following limited circumstances:
- Service Providers.
We may share your personal information with service providers that perform certain functions or services on our behalf in order to fulfil the services you request from us. These include third parties which host our websites, manage databases, perform analyses, send communications for us, process payments on our behalf, ship your orders, provide you with live chat service, or provide certain other components of our websites. We do not authorize service providers to use or disclose the information, except as necessary to perform services on our behalf.
We may allow third parties to collect information in order to provide us with analytics. For instance, the Services use analytics tools provided by Google to help us understand how people use the Services. You can learn more about how Google collects and uses information as a part of its tools at http://www.google.com/analytics/.
- Marketing Partners.
We may share your personal information with select marketing partners that we believe would be of interest to you [where you have given us permission to do so]. We describe below how you may choose to instruct us not to share personal information about you with our marketing partners.
- Legal Process.
We may disclose your personal information to the extent necessary to respond to subpoenas, court orders, or other legal process in response to a request for cooperation from law enforcement or another government agency, in order to comply with our other legal and regulatory obligations.
- Protect Our Services and Users.
It may sometimes be necessary for the advancement of our legitimate commercial interests to share your personal information with our professional advisers in connection with a corporate transaction, such as a sale, assignment, divestiture, merger, bankruptcy, consolidation, reorganization, liquidation, or other transfer of the business or its assets. When we do this, we will always take measures to ensure the ongoing protection of your personal information.
- Other Circumstances.
We may also use your personal information in other circumstances, but we will also explain them to you at the point of collection and, where necessary, get your agreement.
We Provide You Choices
You can subscribe to receive marketing offers or solicitations from us through email email@example.com. If you prefer not to receive marketing emails from us, please contact us at firstname.lastname@example.org. Please note that these requests may take up to 10 days to be effective.
Please note that your request not to receive unsolicited commercial emails from us will not apply to messages that you request or that are not of a marketing nature. For example, we may contact you concerning any purchases you have made with us even if you opt out of receiving unsolicited commercial messages.
If you have established a user account in connection with one of our Services, you may be able to review and request changes to some information that the Company maintains about you through your account settings or by contacting us at email@example.com. We will respond to your request for access within 30 days. Upon request we will provide you with information about whether we hold any of your personal information.
We will only retain your personal information for as long as necessary (generally 7 years) to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements we are subject to, as well as to resolve disputes, and enforce our agreements. If you wish to cancel your account or request that we no longer use your information to provide you services contact us at firstname.lastname@example.org.
Third Party Websites
Our Services may provide links to websites operated by third parties for your convenience and information. All of these websites and applications operate independently from us, and we do not control their privacy practices. We encourage you to review the privacy policies of any third-party websites and applications that you use to better understand their
How We Protect Personal Information
We maintain reasonable security procedures to help protect against loss, misuse or unauthorized access, disclosure, alteration or destruction of the information you provide through our Services. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Among other safeguards, we use Secure Sockets Layer (“SSL”) technology to help protect transmissions over the internet of your payment card data.
Unfortunately, no data transmission over the internet or stored on a server can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to us online and cannot be responsible for the theft, destruction, or inadvertent disclosure of your personal information. If you prefer not to transmit your credit card number over the internet, you can contact us using the toll-free number listed on the website from which you want to order. If you have any questions regarding security, you can contact us at email@example.com.
Cookies and Tracking
You may be able to disable cookies by changing a setting in your web browser. Please note, however, that without cookies you may not be able to take full advantage of all the Services features. Please note we do not currently support any browser based Do Not Track (DNT) settings or participate in any DNT frameworks, and we do not assign any meaning to any potential DNT track signals you may send or alter any of our data collection or use practices in response to such signals.
If you wish to not have your browsing information used for the purpose of serving you ads, you may opt-out by firstname.lastname@example.org. Please note this does not opt you out of being served advertising. You will continue to receive generic ads.
Our Services are not directed to persons under the age of 18. We do not knowingly collect personally identifiable information from children under 13. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us via the contact details listed below. If we become aware that a child under 13 has provided us with Personal Information, we will delete such information from our files.
Information Collected from Individuals in the European Union
Your Rights. Under the European Union General Data Protection Regulation, you have certain rights regarding your personal information:
- Right to access your information: You have the right to confirm whether and how we use your personal information, why we use it, how long we keep it, and who we share it with. You also have the right to request a free copy of what we have.
- Right to have your information shared: You have the right to request a copy of your personal information for your personal use, including sharing with other entities.
- Right to rectify your information: If you believe that we hold personal information about you that is inaccurate, misleading, or incomplete, you have the right to request that we correct that information in our records.
- Right to request that we remove your information: You have the right to request that we remove your personal information from our records.
- Right to request that we limit use of your information: You also have the right to request that our use of your personal information be restricted.
- Right to withdraw consent: Where you provide consent to our use of your personal information, you can withdraw your consent at any time by contacting us at email@example.com. It may take us some time to process your request, but we will update your preferences within a reasonable period of time or inform you there will be a delay and explain why.
- Right to complain to a supervisory authority: Where you are unhappy with how we treat or handle your personal information, you have the right to make a complaint to the data protection supervisory authority in your home country. For example, if you live in the United Kingdom, you would contact the Information Commissioner’s Office.
If you would like to exercise any of your rights described above and submit a request contact firstname.lastname@example.org. We will respond to all legitimate requests within one month. We may sometimes request additional information from you. Please note that we may not be able to fulfil your request under certain circumstances, such as when it is necessary to keep your information to complete an order or meet a legal obligation. If we cannot fulfil the request, we will notify you of the reasons why.
If you disagree with our resolution of your request, you have the right to make a complaint to the supervisory authority in your country. You may also seek to enforce this right through a judicial remedy.
Health Information. We are required by law to maintain records of our customers who report adverse reactions to our dietary supplement products. We ask for your explicit consent before collecting any information about your health or medical conditions. We will use this information only for the purposes of meeting our regulatory and legal obligations [and will not share it with any third parties]. You may withdraw your consent at any time by contacting us as described above.
Data Breaches. Please note that we have put in place procedures to deal with any suspected personal data breach. We will notify you and any applicable EU data protection supervisory authority of a breach where we are legally required to do so.
Marketing and Promotions. If you have indicated that you would like to receive marketing communications from us, we may use your personal information, including your order history, the marketing preferences you tell us about, and the feedback you send us, to build a profile about you and tailor the promotions we send to you. For example, if you sign up to receive promotions from us, and we see you place an order for the same vitamins every month, we may send you special coupons for those vitamins on your birthday. If you have questions about how we use your personal information to tailor the promotions you receive, contact us at email@example.com. If you would like to change your marketing preferences or would no longer like to receive marketing communications from us, contact us at the email address above.
Data Retention. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
EU-U.S. and Swiss-U.S. Privacy Shield
The Company participates in and has certified compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. The Company is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certifications, visit the U.S. Department of Commerce’s Privacy Shield List here.
Under each Privacy Shield Framework, the Company is responsible for the processing of personal data it receives and subsequently transfers to a third party acting as an agent on its behalf when our agent processes such personal information in a manner inconsistent with the Privacy Shield Principles, unless the Company is not responsible for the event giving rise to the damage. The Company complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to each of the Privacy Shield Framework, the Company is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request or firstname.lastname@example.org.
Under certain conditions, more fully described on the Privacy Shield website here, you may invoke binding arbitration after other dispute resolution procedures have been exhausted.
How to Contact Us
Email: email@example.com .
Mail: Terra Laboratories Ltd
3F, 207 Regent Street
London, W1B 3HH
Attention: General Counsel
Thank you for using our Services.
Last Updated: 29th of November 2018