Last modified: July 20, 2020
This Policy describes the types of information we may collect from you or that you may provide when you visit the company's websites, ProLon.nz (“Website”) and any digital service on or to which this Policy is linked or referenced (the content and services on such websites, applications, and digital services are collectively referred to as the “Services”), and describes our practices for collecting, using, maintaining, protecting, and disclosing that information.
This Policy applies to information that we collect:
- On our Websites or through the use of our Services.
- In email, text, and other electronic messages between you and this Website or in conjunction with using our Services.
It does not apply to information collected by:
- us offline (except as described below) or through any other means, including on any other website operated by any third party; or
- any third party, including through any application or content (including advertising) that may link to or be accessible from our Websites or provided to you through your use of the Services.
Children Under the Age of 18
Our Website and Services are not intended for children under 18 years of age. No one under 18 years of age may provide any information to our Websites or through the use of our Services. We do not knowingly collect Personal Information from children under 18 years of age. If you are under 18 years of age, please do not use our Websites or the Services or provide any information on or through them, including through on or through any of the features on the Websites or Services. No one under 18 years of age may register on our Websites or through our Services, make any purchases through our Websites or Services, use any of the interactive or public comment features of our Websites or Services, or provide any Personal Information (as defined below) or other personal data to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn that we have collected or received Personal Information from a child under 18 years of age without verification of parental consent, we will delete that information. If you believe that we might have any information from or about a child under 18 years of age, please contact us at Customerservice@prolon.nz.
Data Controller Information
The Company makes decisions about how your information will be used, including information we receive from your interactions with the Websites and our Services. Our data protection officer (“DPO”) is Michael Thomsen, who is responsible for overseeing questions about this Policy. If you have any questions about this Policy or any requests to exercise your legal rights, please contact our DPO using the contact information below.
The name of the Company is L-Nutra. Our Data Protection Officer is Michael Thomsen. Our postal address information is: L-Nutra, Attn: Privacy/Data Protection Officer, CWL, 18 Cryers Road, East Tamaki Auckland 2013, NZ. You can also contact our DPO by email at firstname.lastname@example.org
Information We Collect About You and How We Collect It
We collect several types of information from and about users of our Website and Services and users who communicate with us, including information:
- required for us to process orders that you may place through our Websites or the Services, including the name on your credit card, your credit card number (only the last four digits of which are visible to the Company), your credit card’s three-digit card verification value (CVV), the expiration date of your credit card, your street address, country, region, and post code (“Financial Information”)
- required for us to schedule live trainings, including your name, email address, address, and phone number;
- required for us to process requests of prospective affiliates who wish to join our programs for affiliates;
- needed for customer relationship management (CRM). Data used and retained for CRM purposes includes basic contact information and records of interactions with our customers and potential customers;
- necessary for us to verify resellers and healthcare providers and to provide products and services to them (this information includes addresses and healthcare provider codes);
- given by you if you elect to participate in surveys. Participation in these surveys is completely voluntary and you may choose whether or not to participate and therefore disclose this information. Information requested may include contact information (such as name and shipping address), and demographic information (such as zip code, age level). Survey information will be used for purposes of monitoring or improving the use and satisfaction of our Websites and Services and our products and services;
- required for us to tailor our products to you. For instance, we may ask for and retain certain Personal Information that you voluntarily provide to us, such as your gender, height, and weight, in order to provide you appropriate products;
- required for us to identify and authenticate you and secure your interactions with our Websites and the Services, including your user name, email address, and password for our Websites and Services;
- that is about you but individually does not identify you. For instance, we track analytics using cookies that we place on your devices, which allows us to determine the number of visitors to our Websites and using our Services, the pages visited, and the length of time they spend on our Websites and certain webpages and our Services, but these cookies and the third party services that we use generally provide us with only aggregate data of all of our users; and
- about your internet connection, the equipment you use to access our Websites and Services and usage details.
We collect this information:
- Directly from you when you provide it to us.
- Automatically as you navigate through our Websites or use our Services. Information collected automatically may include usage details, your computer or digital device’s IP addresses (that is, a unique string of numbers that identifies each device using the Internet Protocol to communicate over the internet), and information collected through cookies and web beacons. (We describe what these are in the section of this Policy captioned “Information We Collect Through Automatic Data Collection Technologies.”)
- From third parties, for example, Facebook and Google.
How And Why We Use Your Information
- We use the information that we collect about you or that you provide to us, including any Personal Information:
- To present our Websites and their contents to you;
- To provide the Services and their contents to you;
- To provide a map of our location to you;
- To personalise and improve your experience with our Websites and Services;
- To provide tailor-made content in search results and to provide personalized advertising;
- To manage contacts and our relationships with our customers, third parties, affiliates, and resellers;
- To perform analytics;
- To provide you with information, products, or services that you request from us or that we think you might be interested in;
- To provide you with notices about your account and subscriptions, including expiration and renewal notices;
- To notify you about changes to our Websites or Services and any products or services that we offer or provide though them;
- To allow you to participate in interactive features on our Websites and Services;
- To allow you to purchase subscriptions and products and process payments;
- To provide you with periodic product newsletters, updates and offers;
- To contact you and provide you with help if you have a customer service issue;
- To provide you with advisories about our products and services and to otherwise protect you;
- To identify and protect you and other customers and maintain your accounts;
- To develop new products and services;
- To allow licensed healthcare providers (HCPs) to register with the Company so that they can approve their patients or consumers to purchase our products or services;
- To allow resellers and affiliates to sign up with our programs;
- To improve our IT systems;
- To protect rights that affect our property or our security, the property or the safety of our users or the public, to the extent permitted and required by law;
- In any other way we may describe when you provide the information;
- To fulfill any other purpose for which you provide it;
- For any other purpose with your consent.
Aggregated and Non-Personal Data
We may share aggregated and non-Personal Information that we collect under any of the above circumstances. We may also share it with third parties to develop and deliver targeted advertising on our Websites and in our Services and on websites of third parties. We may combine non-personal information that we obtain with other non-personal information that we receive from other sources. We also may share aggregated information with third parties, including our advisors, resellers, advertisers and investors, for the purpose of conducting general business analysis and analytics. For example, we may tell our investors the number of visitors to our Websites, the number of downloads of our mobile applications, and the most popular features or services accessed. This information may be used to develop content and improve our Websites and Services and to target content and advertising to people interested in our products and Services. In some cases, we may share information that you provide to us in a way that will not individually identify you. For instance, we show the first names and states of residence of certain customers who buy our products to others who visit our Websites.
Information You Provide to Us. The information we collect on or through our Website or when you sign up to receive Services may include:
- Information that you provide by filling in forms on our Websites or through our Services. This includes information provided at the time of purchasing products; downloading, using, or subscribing to our Services; contacting us; posting material; making payments (including Financial Information that you provide) or requesting further services. We may also ask you for information when you contact us through our Websites, through the Services, or by telephone. This information includes your name, email address, and telephone number. If you submit a healthcare provider code (“HPC”), this information may allow us to sell products to you that would not otherwise be available to you in the absence of an HPC.
- Information that resellers and health care professionals provide, including names; health care provider codes; licensure details including practice names, license numbers, and specialties; addresses and payment details. We use this information to facilitate wholesale pricing and discounts.
- Information that you provide to us if you choose to subscribe to our free newsletters or obtain reports.
- Metadata from files that you upload to our Websites or to (or by means of) our Services.
- Information that we need to process and fulfill a purchase order.
- Records and copies of your correspondence (including email addresses), if you contact us.
- Details of transactions you carry out through our Websites and through the Services and of the fulfillment of your orders. You may be required to provide Financial Information before placing an order through our Website. We may receive certain information from third parties required for us to fulfill your orders. For instance, if you use a credit card to purchase an item from us, we may receive your email address, name, address, phone number, and the last four digits of your credit card. We use third party processors that provide the credit card processing functions on our Websites and through our Services. These third party processors will receive, store, and process your Financial Information.
- Information that you submit through our Websites and Services when you correspond with us, including through our messaging features.
- Information that you provide to us when you call us or communicate with us by electronic mail. This includes information that you provide to us when you communicate with our customer support department.
- Usernames and passwords that we use to authenticate your access to our Websites and the Services.
Information We Collect Through Automatic Data Collection Technologies. As you navigate through and interact with our Websites and Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visits to our Websites and our Services, including traffic data, access times, accessed pages, location data, logs, and other communication data and the resources that you access and use on the Websites and Services.
- Details of whether or not you have opened our emails.
- Information about your computer or device and internet connection, including your IP address, domain name, operating system, browser type and language, and other unique identifying information, including information of machines that have our software downloaded and installed on them.
- Information about the timing and sizes of packets sent between you and the Websites and the Services.
- Information about the pages from which you were referred to our Websites or our Services.
- Information about your monitor screen resolution and colour depth.
When you visit our Websites or use our Services, your browser or application will send information to our servers hosting these Websites and Services. This information is stored in log files that our IT providers and developers will have access to. This information includes the IP address of the requesting device, the date and time of access, the name and uniform resource location of the retrieved file, the referring website, and your browser type. Additional information, such as your operating system may also be included.
The information we collect automatically may include Personal Information, or we may maintain it or associate it with Personal Information that we collect in other ways or receive from third parties. It helps us to improve our Websites and the Services offered through such Websites and Services and to deliver a better and more personalized service, including by enabling us to:
- Estimate our audience size and usage patterns.
- Store information about your preferences, allowing us to customize our Websites and Services according to your individual interests.
- Optimize your searches.
- Recognize you when you return to our Websites or use our Services.
- Identify you to ensure the security of our Websites and the Services and the transmission and storage of data between you and us.
- Control unauthorized use or abuse of our Websites and our Services.
The technologies we use for this automatic data collection may include:
- Session Cookies: Session cookies are stored in memory and are deleted once you close your web browser.
- Personalization Cookies: Personalization cookies are used for retaining persistent information about our users. Loss of the information stored in a personalization cookie may lessen the functionality of our Websites for users but should not prevent the Websites from working.
- Security Cookies: We use security cookies to authenticate users, prevent fraud, and protect user data from access by unauthorized parties.
- Tracking Cookies: We use tracking cookies to record and analyze user behaviour.
We also use third party cookies, including tracking and advertising cookies. We provide information below about how you can configure the cookie options of your browser in the section titled “Choices You Have Over How We Use Your Personal Information” below.
Web Beacons. Certain pages on our Websites and available through our Services and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Personal Information is not collected by us via cookies and other tracking technologies except as disclosed below. If you have previously provided Personal Information to us, cookies may be tied to such information.
Other Tracking Technologies
We advertise on Facebook (including Instagram), Google, Outbrain, Twitter and Zemanta. The third parties may use tracking technologies to collect information, for instance, when you click on our ads. We do not receive any Personal Information from these advertisers that would allow us to identify a specific user of our Websites or Services except as described below. Collected data includes:
- The IP address of your device;
- The date and time that you access our Websites and Services;
- The identification number of a cookie;
- The device identification of your devices, if you use our applications on your devices such as tablets or smartphones; and
- Technical information about your browser and your operating system.
Google DoubleClick: Our Websites and Services use DoubleClick by Google. Use of DoubleClick allows Google and its partner sites to serve ads that we purchase from Google on other websites and services based on information it learns from your previous visits to our Websites or use of our Services. Third party cookies detect which advertisements have already appeared in your browser and whether you visited a website or a service because of an advertisement. This allows you to receive advertisements that are relevant to your interests. The data arising in this context can be transmitted by Google to a server in the United States for evaluation and stored there.
To opt out of the cookies provided by Google for DoubleClick, please visit: https://adssettings.google.com/authenticated?hl=en.
Google AdWords: As a user of Google AdWords, we partner with Google to perform conversion tracking on some of the pages of our Websites which you may access through our Services. Google Adwords places a cookie on your computer or mobile device if you have accessed certain webpages on our Websites or through our Services via a Google advertisement. If you visit certain pages on our Websites or through our Services and the Google Adwords cookie has not yet expired, we and Google can track whether you have clicked on an advertisement and been referred to our page as a result. The information collected by means of this cookie allows us to obtain conversion statistics that help us with improving our Websites and our Services. We and other Adwords’ customers know, among other things, the total number of customers who have clicked on our advertisements and been redirected to a page on a website with a conversion tracking tag. But no Adwords customer receives any information by which it can personally identify visitors to its websites. If you do not want to participate in the tracking that we do using Google Adwords, you can prevent the placement of the applicable cookie by configuring your browser or device to prevent websites from setting cookies. You can also deactivate conversion tracking cookies by setting your browser to block cookies from the domain googleadservices.com.
You can find more information on Google Remarketing under Google’s data protection information. We do not control Google, and we do not have control over the use of data that you share with Google.
Outbrain. The Company uses conversion tracking services from Outbrain. Our Websites and our Services and some third parties that have site on which we advertise serve some webpages with Outbrain pixels. If you click on an advertisement placed by Outbrain, Outbrain will use a conversion tracking pixel to track the event. Outbrain targets advertisements on the basis of what items you have previously visited on the internet as well as what items you have clicked on. Outbrain uses unique user ids, IP addresses and other information about your device, browser type, operating system, pages visited, time of visit, referring website URLs, and other information so that it can serve targeted advertisements. Outbrain’s recommendations may be paid for by an advertiser linking you to a new website or they may provide a link to another page on the same publisher’s website.
Twitter Conversion Tracking: We use the Conversion Tracking service of Twitter Inc., (“Twitter”). We and Twitter track whether a visitor to our Websites or of our Services clicks on a link posted by Twitter. Twitter and the Company can determine whether such an action has taken place. In addition, we use Twitter’s Tailored Audiences service. This allows us to provide targeted advertisements to visitors to our Websites and users of our Services. To provide the Tailored Audiences service, we embed some functional code from Twitter that we have integrated into our Websites that your browser or device can execute. Tailored Audiences is also used to create targeting lists of potential customers that meet certain criteria, including geographical location, gender, age, and device types.
Facebook, Google, Outbrain, Twitter, and Zemanta store and process your personal information in the United States and elsewhere in the world.
If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see “Choices You Have Over How We Use Your Personal Information.”
Google Analytics: Our Websites and Services use Google Analytics, a web analytics service provided by Google, to understand how our customers interact with our Websites and Services. Google Analytics collects Internet Protocol (IP) addresses, which are used to provide the analytic services and to identify from which country, state, or city visitors to our Websites and Services arrive. Google Analytics mainly relies on cookies to retain your information in persistent storage, and you may configure your browser or device to prohibit or disable cookies altogether or delete any individual cookie. Google Analytics transmits the information it obtains to Google, which stores it on its servers in the United States or around the world. Google will use this information for analyzing your use of our website, generating reports on website activity for us and providing other services relating to website activity and internet usage. We obtain data about the website from which visitors come to our Websites, which pages visitors visit, and how often and for what duration visitors visit particular pages on our Websites. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.
VWO: Some of our Websites and our Services use Visual Website Optimizer (“VWO”), a web analytics service provided by Wingify, Inc. VWO helps us assess the usability of certain pages. Certain user-behavior metrics are collected, such as the date and time that you accessed certain webpages, the pages that you access, and your IP address. In order to obtain meaningful test results, cookies are also used for temporarily storing information and later accessing it.
Plug-Ins and Tools
Vimeo: Some of our Websites and Services include videos provided by the Vimeo video portal.
If you visit one of our pages featuring a Vimeo plugin, you will connect to Vimeo’s servers, and Vimeo servers will track which pages you have visited. In addition, Vimeo will receive your IP address. This also applies if you are not logged in to Vimeo when you visit our Websites or Services or do not have a Vimeo account.
Google reCAPTCHA: On some of our Websites and Services we use Google’s reCAPTCHA service to prevent automated programs from misusing our Websites and Services.
Currently, we use the following social media plug-ins: Facebook, LinkedIn, Pinterest, Twitter, Google Plus, and Instagram on some of our Websites and Services. (These plug-ins are sometimes referred to as “widgets”.) If you visit these Websites and social media plug-ins are provided on the web pages that you visit, no personal data are forwarded to the plug-in providers unless and until you click on a plug in. You can identify the providers of the plug-ins by their icons, marks, stylized initials, branding, or logos (e.g. the “f” of Facebook, the “g+” symbol of Google Plus, the camera icon of Instagram, the “in” symbol of LinkedIn, the stylized “p” in a red circle of Pinterest, and the bird symbol of Twitter). If you click on a plug in, you will directly communicate with the plug-in provider, which will receive a notification that you have accessed its website or services from our Websites or Services. By enabling the plug-in, your Personal Information and other data are sent to the plug-in provider and stored there. As plug-in providers often rely heavily on cookies to collect data and store it on your local device, you can delete cookies from your browser’s security settings prior to clicking a plug-in to limit the data that a plug-in provider receives about you. We do not control the providers of the social media plug ins, and their use of your Personal Information and other data is subject to their privacy policies. We provide links to these in the Section captioned “Third Party Services” below.
Facebook and Facebook Plugins (Like & Share Buttons): Our Websites and Services include links to Facebook and may include plugins for Facebook. The plugins are labeled with a Facebook logo or the addition “Facebook Social Plug-in” or “Facebook Social Plugin.” An overview of the Facebook plugins and their appearance can be found at: https://developers.facebook.com/docs/plugins.
We provide links to Facebook on certain pages of our Websites and through the Services. The links are identified by a stylized lowercase “f.” If you click on the link, you will be directed to a webpage that we maintain with Facebook and will be prompted to login if you are not already logged into your Facebook account. If you do not have a Facebook account, you will need to create an account before you will see Facebook content.
If you do not want Facebook to link your visits to our Websites or use of our Services with your Facebook account, please do not log into your Facebook account when using our Websites and Services. You can prevent the loading of the Facebook plugins and the data processing procedures described above also with add-ons for your browser, for example, with the script blocker Privacy Badger, available at https://www.eff.org/privacybadger.
LinkedIn. Some pages on our Websites and Services contain integrated components of LinkedIn. With each request to a page on our Websites or Services in which a LinkedIn component (LinkedIn plug-in) is integrated, your browser or device is automatically prompted to download the corresponding LinkedIn component of LinkedIn. Further information about the LinkedIn plug-in may be accessed under https://developer.linkedin.com/plugins. During the course of this process, LinkedIn receives data about the specific sub-pages of our Websites and portions of our Services that you have visited. If you are logged in with LinkedIn at the time you access these pages, LinkedIn detects with every visit to our Websites or Services by you—and for the entire duration of your stay on our Websites or using our Services—the specific sub-pages of our Websites and certain portions of our Services that you have visited. This information is collected through the LinkedIn integration with our Websites and Services and associated with your LinkedIn account. This happens whether or not you click on the LinkedIn button. If you click on one of the LinkedIn buttons integrated on our website, LinkedIn associates this information to your personal LinkedIn user account, if you have one, and stores the personal data.
If you do not want LinkedIn to receive this data, then you should make sure to log off from your LinkedIn account before visiting our Websites or using our Services.
LinkedIn allows you to unsubscribe from certain types of messages and advertisements and to manage advertising setting under https://www.linkedin.com/psettings/guest-controls.
Pinterest. On certain pages of our Websites and the Services, we use plugins of the social network Pinterest. If you visit a page that contains one of these plugins, your browser or mobile application will connect directly to Pinterest servers. These plugins transmit certain log data to Pinterest servers located in the United States. This log data may contain your IP address, the uniform resource locators of the websites you visit that have integrated with Pinterest, the type and setting of your browser, the date and time of your request, information about how you use Pinterest, and cookie data.
Twitter Plugin: Our Websites and Services include links to Twitter and certain functions of the Twitter service may have been integrated into our Websites and Services. If you click on the Twitter icon, you will connect to a web page that the Company maintains with Twitter. This page provides information about our products and services and allows you to, among other things, “follow” us using the Twitter service so that you will receive short promotional messages from us. We also post photos and videos on the Twitter service. When you use Twitter and “retweet” content, the content from the websites that you retweet are connected to your Twitter account and broadcast to other users. In doing so, data will also be transferred to Twitter.
Some of our Websites and Services may include Twitter plug-ins. These plug-ins are labeled with a Twitter logo, such as a blue bird. To learn more about Twitter plugins and how to identify them, please visit: https://about.twitter.com/de/resources/buttons.
When you access a page on our Websites or through the Services that contains a Twitter plug-in, your browser connects directly to a Twitter server. Twitter transmits content to the plug-in and to your browser, and content from Twitter is embedded into the page that you view on our Websites or Services. This integration provides Twitter with information that your browser or mobile application has accessed the corresponding page of our Websites or our Services, even if you do not have a Twitter account or are not currently logged in to Twitter. This information (including your IP address) is directly transmitted from your browser to a Twitter server and stored by Twitter.
If you have an account with Twitter and are logged in to it, Twitter can immediately associate information about your visit to our Websites or Services with information Twitter has from your Twitter account. If you interact with the Twitter plug-ins by, for instance, clicking on the “Twitter” icon, the information is also directly transmitted to Twitter’s servers and stored there. Twitter will publish this information on your Twitter account, and your contacts will receive notification of your activity.
If you have a Twitter account and wish to limit the collection of information about our Websites and Services and the aggregation of your user data with the information about you that Twitter maintains, please make sure that you log out of Twitter before visiting our Websites or using our Services.
You can prevent the loading of the Twitter plugins and restrict the data processing procedures described above also with add-ons for your browser, for example, with the script blocker Privacy Badger, available at https://www.eff.org/privacybadger.
If you have a Twitter account, you can modify your privacy preferences in your account settings at https://twitter.com/account/settings.
Google+ Plugin: Some of our Websites and Services use Google Plus (“Google+”) functions. An overview of the Google plugins and their appearance can be found at: https://developers.google.com/+/plugins. If you click on the Google+1 button, you will be redirected to a web page that the Company has on the Google+ website. Using the Google +1 button, which is a lowercase g and a plus sign, allows you to publish information on the Google+ social platform. When you access a page on our Websites or through our Services that contains such a plugin, your browser or device establishes a direct connection to Google’s servers. The content of the plugin is transmitted by Google directly to your browser or device and integrated into the page. The integration gives Google the information that your browser or device has accessed the corresponding page of our Websites or Services, even if you do not have a Google+ profile or are not currently logged in to Google+. If you use the Google+ button, you and other users can receive custom content from Google and us. Google stores both the fact that you have pressed the +1 button in about certain content and information that you were viewing when you clicked the +1 icon. Google can link the items that you approve with your profile name and photo (if you have provided one) in Google services or in other places on websites and advertisements on the Internet.
Google also records information about the items that you have approved by clicking on the +1 button. To use the Google +1 button, you need a public Google profile that must contain at least your user name. This name is the same name associated with you for all Google services. Others who know your email address or other Personal Information about you may see your Google profile on Google+.
Instagram Plug-Ins: Our Websites and Services link to Instagram (“Instagram”), which is a photo and video-sharing social network. An overview of the Instagram plugins and their appearance can be found at: http://blog.instagram.com/post/36222022872/introducing-instagram-badges. If you access pages on our Websites or through our Services that contain the Instagram icon, you will be referred to a page that the Company maintains on the Instagram website.
How We Store Your Information
All Personal Information is stored on restricted database servers. We use industry standard measures to prevent the loss, misuse and alteration of your information once it is in our care. Our hosting provider has access to the servers. Our third party hosting provider has access to the servers on which your data is stored. We use secure sockets layer technology for transmitting your data and encrypting passwords.
Disclosure and Sharing of Your Information
All Personal Information remains private with us and is not distributed, rented, shared or sold to any outside organizations without your consent except as described in this Policy. We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.
We may disclose or share information, including Personal Information, that we collect or you provide as described in this Policy:
- To contractors, service providers, and other third parties (including resellers) we use to support our business and who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them. More information about how and what we share with third parties is described below in the section captioned “Third Party Services.”
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the assets of the Company, whether as a going concern or as part of bankruptcy, assignment for the benefit of creditors, liquidation, or similar proceeding, or the application of laws or equitable principles affecting creditors’ rights generally, in which information, including Personal Information, held by the Company about our Websites and Services’ users is among the assets transferred.
- To fulfill the purpose for which you provide it.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
We may also disclose your information, including Personal Information:
- To cooperate with government and law enforcement officials and private parties to enforce and comply with the law, including to comply with any court order, law, or legal process (including responses to subpoenas), including to respond to any government or regulatory request.
- To prevent or to stop activity that we believe is illegal or unethical.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection, credit risk reduction, and resolving disputes.
Third parties to which we disclose Personal Information and other data may have their own privacy policies that describe how they use and disclose this information. We do not control the third parties with whom we share data or their privacy policies. The privacy policies of these third parties will govern the use, handling and disclosure of your Personal Information and other information that we share with them once we have shared it with those third parties as described in this Policy. If you want to learn more about these privacy practices of these third parties, we encourage you to visit their websites. We have presented links to some of these privacy policies in this Policy to help you find them. Please note, however, that third parties may change their policies and the links to such policies from time to time. If you find that the policies are not available, please contact the Company at L-Nutra, Attn: Privacy/Data Protection Officer, CWL, 18 Cryers Road, East Tamaki Auckland 2013, NZ. You can also contact our DPO by email at email@example.com The third parties to which we disclose Personal Information and other data (or their servers) may exist inside or outside New Zealand.
Choices You Have Over How We Use Your Personal Information
We strive to provide you with choices regarding the Personal Information and other types of information that you provide to us. We are not, however, responsible for ensuring the confidentiality of your information, including Personal Information, if you choose to provide such information on our Websites or through our Services and opt to make such information accessible to all or some of the public. Any personal information you choose to provide should reflect how much you want others to know about you as the information (including Personal Information) that you provide to the Websites or the Services, as your information may be broadly and quickly disseminated. You can control who has access to any files that you upload, but you understand that any shared files may be re-shared or copied. Although we allow you to limit access to your files, please be aware that no security measures are perfect or impenetrable, and files that you share on the Websites or through the Services may become publicly available. We cannot control the actions of other users with whom you share your files, nor can we guarantee that only authorized persons will view your files.
We have created mechanisms to provide you with the following control over your information:
Changing the Information Provided to Us. You may review, update, correct or delete personal information or your account by emailing us at firstname.lastname@example.org
- You can unsubscribe from marketing emails by sending an email requesting that we unsubscribe you from our lists to email@example.com
Promotional Offers from the Company. We may provide certain promotional offers to you by email newsletter if you sign up for such newsletters on our Websites or through the Services. For instance, we may inform you about new features that might interest you in the body of the email newsletter. You may elect to stop receiving our email newsletters. If you do not wish to have your email address used by the Company to promote our products or services, you can opt-out by (i) checking the relevant box located on the form on which we collect your data (the registration form); (ii) clicking the “unsubscribe link” at the bottom of all of our digital promotional correspondence; (iii) sending us an email stating your request to firstname.lastname@example.org or (iv) sending a letter via the postal service to L-Nutra, Attn: Privacy/Data Protection Officer, CWL, 18 Cryers Road, East Tamaki
Auckland 2013, NZ. If you do not want us to store metadata (that is, information about your data, such as file creation time and date, file size, dimensions of a digital photograph, colour depth, image resolution, type of camera, shutter speed, and other data) associated with files you share on our Websites or through our Services (such as photos), please remove the metadata before uploading the files.
Promotional Emails. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions or unsubscribe via the “unsubscribe link” at the bottom of all promotional e-mails.
We do not control third parties’ collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on NAI’s website here.
You may opt out of the automated collection of information by third-party ad networks for the purpose of delivering advertisements tailored to your interests, by visiting the consumer opt-out page for the Self-Regulatory Principles for Online Behavioral Advertising at http://www.aboutads.info/choices/.
Most browsers allow you to block and delete cookies. Each browser has a different way of configuring cookie settings. You can disable cookies and learn more about how to configure the cookie handling options for your browser at the following sites:
- Click the Chrome menu on the browser toolbar.
- Select the Settings option.
- Click Show advanced settings.
- In the section captioned “Privacy,” click the Content Settings, Cookie, and Site Data button. Chrome will provide you with the option to delete all of the cookies or select them one by one.
- For more information: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en.
- Click Tools in the browser menu and then select Options.
- Select the Privacy pane.
- To disable cookies, deselect the Accept cookies from the Site check box.
- For more information see: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Select Tools at the top of the browser window and select Internet Options.
- In the options window, click the Privacy tab.
- To disable cookies, place the cursor at the top to block all cookies.
- For more information, please see https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
- Go to Settings> Safari> Clear Cookies and Data.
- For more information see: https://support.apple.com/kb/PH21411.
Accessing and Correcting Your Information
You have rights to your data, and you can request to delete or transfer your data upon cancelling any subscriptions that you may have with us in accordance with this Policy. You can review and change some of your Personal Information by emailing email@example.com.
You can opt out of promotional emails at any time by emailing firstname.lastname@example.org, but you will still receive communications such as receipts, confirmation emails and customer service updates that are considered necessary to provide Services to you.
You may also send us an email at email@example.com to request access to, correct or delete any Personal Information that you have provided to us. We cannot delete your Personal Information except by also deleting your user account and information about any orders that you may have placed with us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
For information about our third-party service providers’ policies regarding access and correction of Personal Information, please see the section captioned “Third Party Services” below.
You may also send us an email at firstname.lastname@example.org to withdraw any consents that you have provided us. We may not accommodate a request, for instance for deletion of Personal Information, if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
For information about our third-party service providers’ policies regarding withdrawing consent, please see the section captioned “Third Party Services” below.
Unless you request to delete your Personal Information, we will retain your information for as long as your account is active, as needed to provide you products and services, to communicate with you about our products and services, to resolve legal disputes, and as required by law. If you wish to cancel your account or request that we no longer use your information to provide you Services, please contact us at email@example.com. Deactivation of your account does not mean your Personal Information has been deleted from our database entirely and we may not control third party vendors who may retain your Personal Information and other data. To request removal of your data, please send an email to firstname.lastname@example.org. While your account is active and even after it has been closed or you have requested deletion of your Personal Information, we will retain your Personal Information as long as we deem it reasonably necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We will provide details on how to delete your data upon cancellation of any subscription that you may have with us. For detailed information on this process, please reach out to our support team at email@example.com
For information about our third party service providers’ policies regarding data retention, please see the section captioned “Third Party Services” below.
To request a copy of the personal data that we retain about you, please send an email to firstname.lastname@example.org or postal mail to L-Nutra, Attn: Privacy/Data Protection Officer, CWL, 18 Cryers Road, East Tamaki Auckland 2013, NZ. We will provide details on how to initiate a data transfer if you email email@example.com
For information about our third-party service providers’ policies regarding data portability, please see the section captioned “Third Party Services” below.
Third Party Services
We may share certain information, including Personal Information, that we collect about you with our service providers who perform functions on our behalf. These service providers may collect information based upon your use of our Websites or our Services. These providers perform such functions as hosting our web servers, processing credit card payments, providing accounting and customer relationship management services, sending postal mail and email, analysing data, providing development and IT and telecommunication support, and providing marketing assistance and customer service. In most cases, except as required under applicable law, we do not have control over the data privacy practices of these third parties, and the use of any Personal Information and other data is governed by their privacy policies, which may be updated from time to time. If any of your Personal Information is required by a third party, as described above, we will take steps to ensure that it is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.
Our service providers include:
- MedProWellness (Terms and Conditions). MedProWellness provides customized nutrition programs created by certified coaches to help our customers achieve their health and wellness goals. MedProWellness also provides health-management tools. We share information, including Personal Information such as names, phone numbers, email and physical addresses, and information about calls that you may have had with our employees, with MedProWellness. MedProWellness’s services may allow you to choose to share certain information, including health information, with the public. There are a number of ways in which you can control how much information is shared with the public, and MedProWellness will make efforts to comply with your instructions. By designating information to be shared through MedProWellness, you may reveal information about gender, health, nationality, or other sensitive information that you choose to share.
- Resellers. Our resellers resell our products. We collect resellers’ names, addresses, licenses, and other information. Resellers will see the names and the amount of products that are sold by the Company to their customers.
- Other Service Providers. Third parties to whom we outsource certain services such as, without limitation, software developers, waste disposal, IT systems (such as data centers, hosting providers, email providers) or software providers, IT Support service providers, cyber security and forensic providers, document and information storage providers. Most of these service providers are located in the United States. Some of these service providers, such as some of our software developers, are located in other countries such as India and Pakistan.
- Other IT Providers. Third party service providers for certain auditing or breach responses may collect or obtain system logs and maintenance files that record interaction with our Websites and Services (System logs) and other Personal Information (such as IP addresses).
- Third party postal or courier providers who assist us in delivering our products and Services to you, or delivering documents related to them.
- Any third party for whom your consent has been provided or other legal basis obtained, including companies or people that we introduce you to or companies or people with whom you ask us to share your Personal Information.
We have contracts with these third-party service providers, and they are subject to the legal requirements of the jurisdictions in which they operate. Contact information for these providers is provided below.
Please note this list does not include all the third parties with whom or with which we share Personal Information and there may be other examples where we need to share with other parties in order to provide the Services as effectively as we can. More details concerning the collection or processing of Personal Information may be requested from the Company at any time. Please see the contact information at the end of this document.
Please note that the links to our third-party service providers’ privacy policies and the information contained within them may change from time to time, and the links provided above may not be current. If the links provided do not allow you to access the privacy policies, please notify us by contacting us at firstname.lastname@example.org
We do not sell any contact or analytics data to any third party.
By using our Websites or Services, you consent to your Personal Information being transferred to and from these third parties and processed and stored by them, and having them transfer your data to other countries, including countries that have different data protection rules than your country unless, by law, further explicit consent is required, in which case we will obtain your explicit consent prior to transferring Personal Information. If you are a European resident, you have additional rights under the GDPR. We do not represent that our Websites, Services, or these third party services are appropriate or available in any particular jurisdiction.
Third Party Contact Information
- Authorize.net: Authorize.net is operated by CyberSource Corporation, P.O. Box 8999, San Francisco, CA 94128, ATTN: Data Use and Privacy Office. Fax: (650) 286-6547.
- Automattic: WordPress and WooCommerce are operated by: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110.
- DoubleClick: The operator of DoubleClick is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.
- Facebook: Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, United States.
- Formsite: Formsite is operated by Formsite at 5202 Washington St, STE 11, Downers Grove, IL, United States.
- Google: Google is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.
- H2 Wellness: H2 Wellness is operated by H2 Wellness, Inc, h2 Clinics, Inc., 4019 Westerly Place, Suite 100, Newport Beach, CA 92660, United States.
- InfusionSoft: Infusionsoft is operated by Infusion Software, Inc., Infusion Software, Inc., 1260 S. Spectrum Blvd., Chandler, AZ 85286, United States.
- Instagram: Instagram is owned by Facebook and is operated by Facebook, Inc., 1601 Willow Road, Menlo Park, CA 94025, United States.
- LinkedIn: LinkedIn is owned by Microsoft and operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, United States.
- MedProWellness: Medpro Wellness is operated by Medpro Wellness, Inc., 184 North Ave East, Cranford, NJ 07016, United States.
- Outbrain: Outbrain is operated by Outbrain Inc., Outbrain Inc., 39 West 13th Street, 3rd floor, New York, NY 10011, United States.
- PayPal: PayPal is operated by PayPal, Inc., 2211 North First Street, San Jose, California 95131, United States.
- Pinterest: Pinterest is operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, United States.
- Quickbooks: Quickbooks is operated by Intuit, Inc., 2800 E Commerce Center Place, Tucson, AZ 85706, United States.
- com: Salesforce.com is operated by Salesforce, Inc., The Landmark @ One Market Street, Suite 300, San Francisco, CA 94105, United States.
- Twitter: Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, United States.
- Vimeo: Vimeo is operated by Vimeo, Inc., 555 West 18th Street, New York, New York 10011, United States.
- VWO: VWO is operated by Wingify, 14th Floor, KLJ Tower North, Netaji Subhash Place, Pitam Pura, Delhi 110034, India.
- Webgility: Webgility is operated by Webgility, Inc., 201 Mission Street, Suite 1550, San Francisco, CA 94105, United States.
- Zemanta: Zemanta is operated by Zemanta Inc., 33 West 17th Street. 9th floor, 10010 New York NY, United States.
- Zendesk: Zendesk is operated by Zendesk, Inc., 1019 Market Street, San Francisco, CA 94103, United States.
- Zoominfo: Zoominfo is operated by Zoom Information Inc., 307 Waverley Oaks Road, Waltham, MA 02452, United States.
We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. We encrypt all information during transmission. All information you provide to us is stored on our secure servers behind firewalls, and we implement the services of a third-party hosting company to provide backup services. We do not store any credit card information that you may supply to us.
The safety and security of your information also depends on you. Where we have given you the ability to choose a password for access to certain parts of our Websites or to obtain certain services available through the Websites or Services, you are responsible for keeping this password confidential. We ask that you not to share your password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted to our Websites or in connection with our Services. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Websites or Services.
For information about our third-party service providers’ policies regarding data security, please see the section captioned “Third Party Services” above.
In the event of a data breach, the Company’s immediate priority is to identify and isolate the breach by locking down all systems, reviewing audit logs, and resetting all system passwords. Unless prohibited by applicable law or unless we are asked by applicable law enforcement to delay notification, we will work with our attorneys and relevant government authorities and notify all affected clients of the breach, explaining what had happened and what steps we will take to prevent future breaches to the extent required by applicable law. We will share information, including Personal Information, with them in order to comply with applicable law.
Your Rights Under the GDPR
If you live or reside in the European Union, you have the right under the GDPR to request from us access to and rectification or erasure of your personal data, the right to data portability, the right to restriction of processing of your personal data, the right to object to processing of your Personal Data, and the right to lodge a complaint with a supervisory authority. Under the GDPR, “Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’). An “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. (Article 4 GDPR.) If you live or reside outside of the European Union, you may have similar rights under your local laws. For purposes of the GDPR, the Company operates as a data controller.
Under the GDPR, if you are a resident of the European Union, you have the right to obtain from the Company confirmation as to whether or not Personal Data concerning you are being processed, and, where that is the case, access to the Personal Data and the following information:
- the purpose of the processing;
- the categories of Personal Data concerned;
- the recipients or categories of the recipients to whom the Personal Data have been or will be disclosed, in particular recipients in third countries or international organisations;
- the Personal Data retention periods or criteria used to determine this period;
- the right to lodge a complaint with a supervisory authority;
- information about Personal Data if the Personal Data are not collected from you; and
- the existence of automated decision-making, including profiling, including, in some cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.
If you reside in the European Union, you also have the right under the GDPR:
- pursuant to Article 16, to obtain from the Company the correction of inaccurate Personal Data concerning you, without unjustified delay;
- pursuant to Article 17, to obtain from the Company the erasure of Personal Data concerning you without unjustified delay;
- pursuant to Article 18, to obtain from the Company restriction of processing where one of the following occurs:
- you contest the accuracy of Personal Data, for a period necessary for the Company to verify the accuracy of such Personal Data;
- the processing is illegal and you oppose the erasure of Personal Data and request the restriction of their use;
- the Company no longer needs the Personal Data for processing, but the retention of Personal Data are necessary for you in order to ascertain, exercise or defend our legal claims;
- you have objected to processing treatment pursuant to Article 21(1), pending the verification whether the legitimate grounds of the Company override those of you.
- pursuant to Article 20, to receive Personal Data concerning you in a structured format, commonly used and readable by automatic device, and to have that data transferred to another data controller without hindrance by the Company if the basis of the Company’s processing of your Personal Data was consent or contract and the processing was carried out by electronic means; and
- pursuant to Article 21, to oppose at any time the processing of Personal Data concerning you for certain reasons, including direct marketing purposes.
In order to exercise your rights, please send an email to email@example.com or write us at: L-Nutra, Attn: Privacy/Data Protection Officer, CWL, 18 Cryers Road, East Tamaki
Auckland 2013, NZ. We will inform you of the receipt and will process your request within five working days. In the most complex cases we will undertake to provide you with an initial response no later than fifteen days.
Our Legal Basis for Processing Under the GDPR
If you are a resident of the European Union, you have certain rights that may not apply to other users of our Websites and Services. When processing your Personal Data, we primarily process data as a controller, for the purposes explained above. These purposes represent our legitimate interests for the purposes of Article 6(1)(f) of the GDPR. At the same time, some of the Personal Information that we process which is Personal Data under the GDPR is necessary for us to perform a contract with you, such as to ship our products, or in order to take steps at your request before entering into a contract with you. For example, if you express your interest in purchasing one of our products, such as by filling out a web form, we will process the Personal Information that you submit to comply with your request. This may include sharing your Personal Information with one of our authorized resellers or credit card processors, who will then use your Personal Information to complete the purchase transaction. In addition, we are legally obliged to provide certain information to criminal prosecution or tax authorities in individual cases upon request. In these cases, the legal basis for the processing is either legal requirements (Article 6(1)(c) GDPR) or reasons of public interest (Article 6(1)(e) GDPR). In some cases, we request medical and other Personal Data from you to assess whether our products and services are suitable for you; this processing is necessary for reasons of public interest in the area of public health. In these cases, the legal basis for the processing is explicit consent (Article 6(1)(a) GDPR). Providing consent for these purposes is optional and, in the absence of such, the Company will only process the data for the purposes referred to in the other categories, without curtailing your use of the services. Even if consent to the processing for such purposes is given, it may be revoked at any time by making a request to Michael Thomsen at L-Nutra, Attn: Privacy/Data Protection Officer, CWL, 18 Cryers Road, East Tamaki Auckland 2013, NZ or by email at firstname.lastname@example.org
The following table provides additional information about our use of Personal Data.
|New Column||New Column||New Column||New Column|
To register you as a user to our Services.
Account information such as your name, email address, address, password, telephone number, and other information you provide, including health data (such as your height, weight, and health goals) and other data that you supply.
Legitimate Interest: To determine which products and services may be suitable for you and to provide you with information you need and other services you request and to efficiently communicate with you or a contact person for you (Article 6(1)(f) GDPR).
Consent: We will request certain sensitive Personal Information and send you information about our products and services (and the products and services themselves, if you order them) pursuant to your explicit consent (Article 6(1)(a) GDPR).
Contract: If you are our customer or prospective customer (Article 6(1)(b) GDPR).
To respond to inquiries that we receive from you and to fulfill requests
Contact information such as your name, email address, address, telephone number, and other information you provide, such as your requests. We may also use data that you provide about what type of user you are, e.g. a physician or a consumer.
Legitimate Interest: To provide you with information you need and other services you request and to efficiently communicate with you or a contact person for you (Article 6(1)(f) GDPR).
Consent: We will send you marketing communications by email pursuant to your consent (Article 6(1)(a) GDPR).
Contract: If you are our customer or prospective customer (Article 6(1)(b) GDPR).
To allow us to understand what types of materials you would like to receive and to send you or allow you download this material, such as white papers, scientific articles, and similar marketing communications.
Contact information and other information you provide, such as your preferences for the types of materials you would like to receive and your areas of interests.
Legitimate Interest: To provide you with information you need and other services you request and to efficiently communicate with our client where you are the client or contact person for our client (Article 6(1)(f) GDPR).
To assess your suitability to take our products and use our services.
Health data and other data that you supply.
Legitimate Interest: To determine which products and services may be suitable for you based on your physical and health characteristics and to provide you with information you need and other services you request and to efficiently communicate with you or a contact person for you (Article 6(1)(f) GDPR).
Consent: We will request certain sensitive Personal Information and send you information about our products and services (and the products and services themselves, if you order them) pursuant to your explicit consent (Article 6(1)(a) GDPR).
Contract: If you are our customer or prospective customer (Article 6(1)(b) GDPR).
To obtain analytic information to improve your experience with our Websites and Services and to understand more about our prospective customers and customers.
Details of your visits to our Websites and Services, including which geographic regions you come from, which pages you visit, and how often and for how long you visit particular pages on our Websites.
Legitimate Interest: To understand where our users come from, what our legal responsibilities are, and how to improve our Websites and Services (Article 6(1)(f) GDPR).
To optimize your experience on our Websites and with our Services and to provide us with information to improve them.
Details of your visits to our Websites and our Services, including traffic data, access times, accessed pages, location data, logs, and other communication data and the resources that you access and use on the Websites and Services.
Legitimate Interest: To ensure that we serve information from our Websites and Services that your device can interpret to provide us with information that allows us to improve our Websites and Services, to evaluate and audit our systems to ensure stability, performance, and security, and for other administrative purposes (Article 6(1)(f) GDPR).
To process cookies.
Session, personalization, security, and tracking information.
Legitimate Interest: The data processed in connection with cookies is necessary for the purposes mentioned, in order to safeguard our legitimate interests and those of third parties. (Article 6(1)(f) GDPR).
To send promotional and marketing communications, including the sending of newsletters and market research, through automated tools (text messages, e-mails, push notifications) and other means (e.g. by telephone), and by our third party partners.
Contact information and other information you provide, such as your preferences for the types of materials you would like to receive and your areas of interests.
Legitimate Interest: To provide you with information you need and other services you request and to efficiently communicate with our prospective customers and customers or contact persons for them (Article 6(1)(f) GDPR).
To help us let others know about our products and services and the science behind them by having you post about us and our products and services on social media sites and to allow us to perform diagnostic analytics to assess the number of visitors, posts, page views, reviews and followers in order to optimize future marketing campaigns.
Log data, including your IP address and web pages that you have visited on our Websites and other websites.
Legitimate Interest: processing for marketing (Article 6(1)(f) GDPR).
To provide you with information or advertisements about products, services, and other items that may be relevant to your interests by evaluating certain personal aspects relating to you, in particular to analyze or predict certain aspects concerning preferences, interests, behavior, or location and to obtain information about the effectiveness of our advertisements.
Contact information and other information you provide, such as your preferences for the types of materials you would like to receive and your areas of interests. Information about your use of the Websites and Services and other websites, including your IP address, web pages visited, duration of visits, whether you click on specific advertisements, and whether your purchases can be associated with advertisements that we have run on other platforms or websites.
Legitimate Interest: To provide you with information about our products and services and to determine the effectiveness of our promotional campaigns and advertising as long as the targeting does not produce legal or similarly significant effects on you (Article 6(1)(f) GDPR).
To process your orders for our services and products.
Contact information, billing and credit card information, shipping addresses, and other information necessary to fulfill your requests.
Legitimate Interest: To ensure that you receive the products that you order and to efficiently communicate with you or a contact person for you (Article 6(1)(f) GDPR).
Consent: We will request this information and process the orders you place, including by having our vendors process your credit card transactions, pursuant to your consent (Article 6(1)(a) GDPR).
Contract: If you are our customer or prospective customer (Article 6(1)(b) GDPR).
To conduct surveys and questionnaires.
Contact information and other information you provide, such the answers to our surveys.
Legitimate interests: To evaluate and take action with regard to your feedback and comments about our products and services (Article 6(1)(f) GDPR).
Contract: If you are our customer or prospective customer (Article 6(1)(b) GDPR).
To register you for online and in person events and deliver event-related materials.
Contact information other information you provide.
Legitimate interests: To enable your attendance at our events and to deliver you event materials (Article 6(1)(f) GDPR).
Contract: As may be described on the registration page for the event (Article 6(1)(a) GDPR).
To obtain current contact information and update contract records in our CRM.
Contact information and other information you provide, such as the products you have purchased.
You, public sources, and third party vendors.
Legitimate interests: To ensure the accuracy of our customer and other contact data (Article 6(1)(f) GDPR).
To perform website analytics.
Technical information and other information we collect, including demographics, interests, behavior tracking, event tracking.
First and third party analytics cookies
Legitimate interests: To understand more about visitors to our Websites and users of our Services (what pages you view, how long you visit, your devices, etc.) in order to improve our Websites and Services (Article 6(1)(f) GDPR).
To perform authentication that your use of our Websites and Services is legitimate and is not being done by automated programs.
Third party cookies
Legitimate Interest: To ensure that our systems are not compromised by bots and to prevent fraud (Article 6(1)(f) GDPR).
Consent: We will allow third party cookies to be set and stored, pursuant to your consent (Article 6(1)(a) GDPR).
We only process special categories of Personal Data, such as racial or ethnic origin, political opinion or affiliation, religious or philosophical belief, trade union membership, health, sex life or orientation, genetic data, or biometric data, if you give us your explicit consent, the processing is necessary to meet a legal or regulatory obligation, the processing is in connection with the establishment, exercise or defense of our or your legal claims or is otherwise expressly permitted by the GDPR. We do not presently collect most kinds of this information, other than health and gender. We consider that for some category of persons, it would be appropriate to request and retain this information for preventive nutritional or health and wellness support.
Exercising Your Rights under the GDPR and Otherwise
To request access to or rectification, portability or erasure of your personal data, or to delete your account with us and you reside in a state that is a member of the European Union, please send an email to email@example.com or write us at: L-Nutra, Attn: Privacy/Data Protection Officer, CWL, 18 Cryers Road, East Tamaki Auckland 2013, NZ
Whether you live or reside in the European Union and you wish to exercise your right to restriction of processing or your right to object to processing or do not live in the European Union but you believe you have a right to restriction of processing or a right to object to processing under your local laws, please send an email to firstname.lastname@example.org or write us at: L-Nutra, Attn: Privacy/Data Protection Officer, CWL, 18 Cryers Road, East Tamaki Auckland 2013, NZ
For information about our third-party service providers’ policies regarding the GDPR, please see the section captioned “Third Party Services” above.
International Data Transfers
If you reside in the European Union and are covered by the GDPR, we will only transfer your Personal Information that is protected under the GDPR to third parties if:
- you have given your express consent pursuant to Article 6(1)(a) of the GDPR;
- the disclosure pursuant to Article 6(1)(f) of the GDPR is necessary for the establishment, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data;
- a legal obligation exists for the disclosure pursuant to Article 6(1)(c) of the GDPR or
- this is legally permissible and is required by Article 6(1)(b) of the GDPR for the processing of contractual relationships with you.
If you reside in the EU and have rights under the GDPR, please note that your personal data will be transmitted to:
- third parties that typically act as processors pursuant to Article 28 of the GDPR, who could be:
- persons, companies or professional firms that provide assistance and advice to the Company in accounting, administrative, legal, tax, financial and debt collection with respect to the provision of the services;
- subjects with whom it is necessary to interact for the provision of the services (for example hosting providers);
- subjects authorized by the Company in order to perform technical maintenance activities (including maintenance of network equipment and electronic communications networks).
- subjects, institutions or authorities, independent data controllers, to whom it is mandatory to communicate your personal data in accordance with the provisions of law or orders of the authorities;
- authorized persons pursuant to Article 29 of the GDPR from the Company necessary to carry out activities strictly related to the provision of the services, who are committed to confidentiality or have an appropriate legal obligation of confidentiality;
In the case of reorganization, merger or quota sales, the Company may transfer to third parties affected by such operations all personal data collected and for the specific purposes for which you have given consent. In all these cases, your consent will not be necessary.
It is our policy to post any changes we make to our Policy on this page with a notice that the Policy has been updated on the Websites’ home pages. If we make material changes to how we treat our users’ Personal Information, we will provide you with prior notice by positing a notice on our Websites’ home pages or through conspicuous notice through our Services. The date the Policy was last revised is identified at the top of the page. We may also notify you by email to the email address specified in your account. Any revised Policy will be effective as of the published effective date. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Websites and Services and this Policy to check for any changes.
Methods of Contact
From time to time, we may e-mail or contact you regarding important L-Nutra updates or feature announcements, as well as news from our partners. You may opt out of receiving emails or contacts from us by e-mailing our support team at email@example.com
To ask questions or comment about this Policy and our privacy practices, please contact us:
By Mail: L-Nutra, Attn: Privacy/Data Protection Officer, CWL, 18 Cryers Road, East Tamaki Auckland 2013, NZ
By Electronic Mail: firstname.lastname@example.org
When you contact us, we collect information that helps us categorize your question, respond to it, and, if applicable, investigate any breach of our Terms of Service or this Policy. We also use this information to track potential problems and trends and customize our support responses to better serve you.